• Jack Morgenstein's avatar
    RDMA/uverbs: Expand primary and alt AV port checks · addb8a65
    Jack Morgenstein authored
    The commit cited below checked that the port numbers provided in the
    primary and alt AVs are legal.
    
    That is sufficient to prevent a kernel panic. However, it is not
    sufficient for correct operation.
    
    In Linux, AVs (both primary and alt) must be completely self-described.
    We do not accept an AV from userspace without an embedded port number.
    (This has been the case since kernel 3.14 commit dbf727de
    ("IB/core: Use GID table in AH creation and dmac resolution")).
    
    For the primary AV, this embedded port number must match the port number
    specified with IB_QP_PORT.
    
    We also expect the port number embedded in the alt AV to match the
    alt_port_num value passed by the userspace driver in the modify_qp command
    base structure.
    
    Add these checks to modify_qp.
    
    Cc: <stable@vger.kernel.org> # 4.16
    Fixes: 5d4c05c3 ("RDMA/uverbs: Sanitize user entered port numbers prior to access it")
    Signed-off-by: default avatarJack Morgenstein <jackm@dev.mellanox.co.il>
    Signed-off-by: default avatarLeon Romanovsky <leonro@mellanox.com>
    Signed-off-by: default avatarJason Gunthorpe <jgg@mellanox.com>
    addb8a65
uverbs_cmd.c 105 KB