This source file includes following definitions.
- get_pkey_idx_qp_list
- get_pkey_and_subnet_prefix
- enforce_qp_pkey_security
- check_qp_port_pkey_settings
- qp_to_error
- check_pkey_qps
- port_pkey_list_insert
- port_pkey_list_remove
- destroy_qp_security
- get_new_pps
- ib_open_shared_qp_security
- ib_close_shared_qp_security
- ib_create_qp_security
- ib_destroy_qp_security_begin
- ib_destroy_qp_security_abort
- ib_destroy_qp_security_end
- ib_security_cache_change
- ib_security_release_port_pkey_list
- ib_security_modify_qp
- ib_security_pkey_access
- ib_mad_agent_security_change
- ib_mad_agent_security_setup
- ib_mad_agent_security_cleanup
- ib_mad_enforce_security
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33 #include <linux/security.h>
34 #include <linux/completion.h>
35 #include <linux/list.h>
36
37 #include <rdma/ib_verbs.h>
38 #include <rdma/ib_cache.h>
39 #include "core_priv.h"
40 #include "mad_priv.h"
41
42 static LIST_HEAD(mad_agent_list);
43
44 static DEFINE_SPINLOCK(mad_agent_list_lock);
45
46 static struct pkey_index_qp_list *get_pkey_idx_qp_list(struct ib_port_pkey *pp)
47 {
48 struct pkey_index_qp_list *pkey = NULL;
49 struct pkey_index_qp_list *tmp_pkey;
50 struct ib_device *dev = pp->sec->dev;
51
52 spin_lock(&dev->port_data[pp->port_num].pkey_list_lock);
53 list_for_each_entry (tmp_pkey, &dev->port_data[pp->port_num].pkey_list,
54 pkey_index_list) {
55 if (tmp_pkey->pkey_index == pp->pkey_index) {
56 pkey = tmp_pkey;
57 break;
58 }
59 }
60 spin_unlock(&dev->port_data[pp->port_num].pkey_list_lock);
61 return pkey;
62 }
63
64 static int get_pkey_and_subnet_prefix(struct ib_port_pkey *pp,
65 u16 *pkey,
66 u64 *subnet_prefix)
67 {
68 struct ib_device *dev = pp->sec->dev;
69 int ret;
70
71 ret = ib_get_cached_pkey(dev, pp->port_num, pp->pkey_index, pkey);
72 if (ret)
73 return ret;
74
75 ret = ib_get_cached_subnet_prefix(dev, pp->port_num, subnet_prefix);
76
77 return ret;
78 }
79
80 static int enforce_qp_pkey_security(u16 pkey,
81 u64 subnet_prefix,
82 struct ib_qp_security *qp_sec)
83 {
84 struct ib_qp_security *shared_qp_sec;
85 int ret;
86
87 ret = security_ib_pkey_access(qp_sec->security, subnet_prefix, pkey);
88 if (ret)
89 return ret;
90
91 list_for_each_entry(shared_qp_sec,
92 &qp_sec->shared_qp_list,
93 shared_qp_list) {
94 ret = security_ib_pkey_access(shared_qp_sec->security,
95 subnet_prefix,
96 pkey);
97 if (ret)
98 return ret;
99 }
100 return 0;
101 }
102
103
104
105
106
107
108
109
110
111 static int check_qp_port_pkey_settings(struct ib_ports_pkeys *pps,
112 struct ib_qp_security *sec)
113 {
114 u64 subnet_prefix;
115 u16 pkey;
116 int ret = 0;
117
118 if (!pps)
119 return 0;
120
121 if (pps->main.state != IB_PORT_PKEY_NOT_VALID) {
122 ret = get_pkey_and_subnet_prefix(&pps->main,
123 &pkey,
124 &subnet_prefix);
125 if (ret)
126 return ret;
127
128 ret = enforce_qp_pkey_security(pkey,
129 subnet_prefix,
130 sec);
131 if (ret)
132 return ret;
133 }
134
135 if (pps->alt.state != IB_PORT_PKEY_NOT_VALID) {
136 ret = get_pkey_and_subnet_prefix(&pps->alt,
137 &pkey,
138 &subnet_prefix);
139 if (ret)
140 return ret;
141
142 ret = enforce_qp_pkey_security(pkey,
143 subnet_prefix,
144 sec);
145 }
146
147 return ret;
148 }
149
150
151
152
153 static void qp_to_error(struct ib_qp_security *sec)
154 {
155 struct ib_qp_security *shared_qp_sec;
156 struct ib_qp_attr attr = {
157 .qp_state = IB_QPS_ERR
158 };
159 struct ib_event event = {
160 .event = IB_EVENT_QP_FATAL
161 };
162
163
164
165
166
167 if (sec->destroying)
168 return;
169
170 ib_modify_qp(sec->qp,
171 &attr,
172 IB_QP_STATE);
173
174 if (sec->qp->event_handler && sec->qp->qp_context) {
175 event.element.qp = sec->qp;
176 sec->qp->event_handler(&event,
177 sec->qp->qp_context);
178 }
179
180 list_for_each_entry(shared_qp_sec,
181 &sec->shared_qp_list,
182 shared_qp_list) {
183 struct ib_qp *qp = shared_qp_sec->qp;
184
185 if (qp->event_handler && qp->qp_context) {
186 event.element.qp = qp;
187 event.device = qp->device;
188 qp->event_handler(&event,
189 qp->qp_context);
190 }
191 }
192 }
193
194 static inline void check_pkey_qps(struct pkey_index_qp_list *pkey,
195 struct ib_device *device,
196 u8 port_num,
197 u64 subnet_prefix)
198 {
199 struct ib_port_pkey *pp, *tmp_pp;
200 bool comp;
201 LIST_HEAD(to_error_list);
202 u16 pkey_val;
203
204 if (!ib_get_cached_pkey(device,
205 port_num,
206 pkey->pkey_index,
207 &pkey_val)) {
208 spin_lock(&pkey->qp_list_lock);
209 list_for_each_entry(pp, &pkey->qp_list, qp_list) {
210 if (atomic_read(&pp->sec->error_list_count))
211 continue;
212
213 if (enforce_qp_pkey_security(pkey_val,
214 subnet_prefix,
215 pp->sec)) {
216 atomic_inc(&pp->sec->error_list_count);
217 list_add(&pp->to_error_list,
218 &to_error_list);
219 }
220 }
221 spin_unlock(&pkey->qp_list_lock);
222 }
223
224 list_for_each_entry_safe(pp,
225 tmp_pp,
226 &to_error_list,
227 to_error_list) {
228 mutex_lock(&pp->sec->mutex);
229 qp_to_error(pp->sec);
230 list_del(&pp->to_error_list);
231 atomic_dec(&pp->sec->error_list_count);
232 comp = pp->sec->destroying;
233 mutex_unlock(&pp->sec->mutex);
234
235 if (comp)
236 complete(&pp->sec->error_complete);
237 }
238 }
239
240
241
242
243 static int port_pkey_list_insert(struct ib_port_pkey *pp)
244 {
245 struct pkey_index_qp_list *tmp_pkey;
246 struct pkey_index_qp_list *pkey;
247 struct ib_device *dev;
248 u8 port_num = pp->port_num;
249 int ret = 0;
250
251 if (pp->state != IB_PORT_PKEY_VALID)
252 return 0;
253
254 dev = pp->sec->dev;
255
256 pkey = get_pkey_idx_qp_list(pp);
257
258 if (!pkey) {
259 bool found = false;
260
261 pkey = kzalloc(sizeof(*pkey), GFP_KERNEL);
262 if (!pkey)
263 return -ENOMEM;
264
265 spin_lock(&dev->port_data[port_num].pkey_list_lock);
266
267
268
269 list_for_each_entry(tmp_pkey,
270 &dev->port_data[port_num].pkey_list,
271 pkey_index_list) {
272 if (tmp_pkey->pkey_index == pp->pkey_index) {
273 kfree(pkey);
274 pkey = tmp_pkey;
275 found = true;
276 break;
277 }
278 }
279
280 if (!found) {
281 pkey->pkey_index = pp->pkey_index;
282 spin_lock_init(&pkey->qp_list_lock);
283 INIT_LIST_HEAD(&pkey->qp_list);
284 list_add(&pkey->pkey_index_list,
285 &dev->port_data[port_num].pkey_list);
286 }
287 spin_unlock(&dev->port_data[port_num].pkey_list_lock);
288 }
289
290 spin_lock(&pkey->qp_list_lock);
291 list_add(&pp->qp_list, &pkey->qp_list);
292 spin_unlock(&pkey->qp_list_lock);
293
294 pp->state = IB_PORT_PKEY_LISTED;
295
296 return ret;
297 }
298
299
300
301
302 static void port_pkey_list_remove(struct ib_port_pkey *pp)
303 {
304 struct pkey_index_qp_list *pkey;
305
306 if (pp->state != IB_PORT_PKEY_LISTED)
307 return;
308
309 pkey = get_pkey_idx_qp_list(pp);
310
311 spin_lock(&pkey->qp_list_lock);
312 list_del(&pp->qp_list);
313 spin_unlock(&pkey->qp_list_lock);
314
315
316
317
318 pp->state = IB_PORT_PKEY_VALID;
319 }
320
321 static void destroy_qp_security(struct ib_qp_security *sec)
322 {
323 security_ib_free_security(sec->security);
324 kfree(sec->ports_pkeys);
325 kfree(sec);
326 }
327
328
329
330
331 static struct ib_ports_pkeys *get_new_pps(const struct ib_qp *qp,
332 const struct ib_qp_attr *qp_attr,
333 int qp_attr_mask)
334 {
335 struct ib_ports_pkeys *new_pps;
336 struct ib_ports_pkeys *qp_pps = qp->qp_sec->ports_pkeys;
337
338 new_pps = kzalloc(sizeof(*new_pps), GFP_KERNEL);
339 if (!new_pps)
340 return NULL;
341
342 if (qp_attr_mask & IB_QP_PORT)
343 new_pps->main.port_num = qp_attr->port_num;
344 else if (qp_pps)
345 new_pps->main.port_num = qp_pps->main.port_num;
346
347 if (qp_attr_mask & IB_QP_PKEY_INDEX)
348 new_pps->main.pkey_index = qp_attr->pkey_index;
349 else if (qp_pps)
350 new_pps->main.pkey_index = qp_pps->main.pkey_index;
351
352 if (((qp_attr_mask & IB_QP_PKEY_INDEX) &&
353 (qp_attr_mask & IB_QP_PORT)) ||
354 (qp_pps && qp_pps->main.state != IB_PORT_PKEY_NOT_VALID))
355 new_pps->main.state = IB_PORT_PKEY_VALID;
356
357 if (qp_attr_mask & IB_QP_ALT_PATH) {
358 new_pps->alt.port_num = qp_attr->alt_port_num;
359 new_pps->alt.pkey_index = qp_attr->alt_pkey_index;
360 new_pps->alt.state = IB_PORT_PKEY_VALID;
361 } else if (qp_pps) {
362 new_pps->alt.port_num = qp_pps->alt.port_num;
363 new_pps->alt.pkey_index = qp_pps->alt.pkey_index;
364 if (qp_pps->alt.state != IB_PORT_PKEY_NOT_VALID)
365 new_pps->alt.state = IB_PORT_PKEY_VALID;
366 }
367
368 new_pps->main.sec = qp->qp_sec;
369 new_pps->alt.sec = qp->qp_sec;
370 return new_pps;
371 }
372
373 int ib_open_shared_qp_security(struct ib_qp *qp, struct ib_device *dev)
374 {
375 struct ib_qp *real_qp = qp->real_qp;
376 int ret;
377
378 ret = ib_create_qp_security(qp, dev);
379
380 if (ret)
381 return ret;
382
383 if (!qp->qp_sec)
384 return 0;
385
386 mutex_lock(&real_qp->qp_sec->mutex);
387 ret = check_qp_port_pkey_settings(real_qp->qp_sec->ports_pkeys,
388 qp->qp_sec);
389
390 if (ret)
391 goto ret;
392
393 if (qp != real_qp)
394 list_add(&qp->qp_sec->shared_qp_list,
395 &real_qp->qp_sec->shared_qp_list);
396 ret:
397 mutex_unlock(&real_qp->qp_sec->mutex);
398 if (ret)
399 destroy_qp_security(qp->qp_sec);
400
401 return ret;
402 }
403
404 void ib_close_shared_qp_security(struct ib_qp_security *sec)
405 {
406 struct ib_qp *real_qp = sec->qp->real_qp;
407
408 mutex_lock(&real_qp->qp_sec->mutex);
409 list_del(&sec->shared_qp_list);
410 mutex_unlock(&real_qp->qp_sec->mutex);
411
412 destroy_qp_security(sec);
413 }
414
415 int ib_create_qp_security(struct ib_qp *qp, struct ib_device *dev)
416 {
417 unsigned int i;
418 bool is_ib = false;
419 int ret;
420
421 rdma_for_each_port (dev, i) {
422 is_ib = rdma_protocol_ib(dev, i);
423 if (is_ib)
424 break;
425 }
426
427
428 if (!is_ib)
429 return 0;
430
431 qp->qp_sec = kzalloc(sizeof(*qp->qp_sec), GFP_KERNEL);
432 if (!qp->qp_sec)
433 return -ENOMEM;
434
435 qp->qp_sec->qp = qp;
436 qp->qp_sec->dev = dev;
437 mutex_init(&qp->qp_sec->mutex);
438 INIT_LIST_HEAD(&qp->qp_sec->shared_qp_list);
439 atomic_set(&qp->qp_sec->error_list_count, 0);
440 init_completion(&qp->qp_sec->error_complete);
441 ret = security_ib_alloc_security(&qp->qp_sec->security);
442 if (ret) {
443 kfree(qp->qp_sec);
444 qp->qp_sec = NULL;
445 }
446
447 return ret;
448 }
449 EXPORT_SYMBOL(ib_create_qp_security);
450
451 void ib_destroy_qp_security_begin(struct ib_qp_security *sec)
452 {
453
454 if (!sec)
455 return;
456
457 mutex_lock(&sec->mutex);
458
459
460
461
462 if (sec->ports_pkeys) {
463 port_pkey_list_remove(&sec->ports_pkeys->main);
464 port_pkey_list_remove(&sec->ports_pkeys->alt);
465 }
466
467
468
469
470
471 sec->destroying = true;
472
473
474
475
476 sec->error_comps_pending = atomic_read(&sec->error_list_count);
477
478 mutex_unlock(&sec->mutex);
479 }
480
481 void ib_destroy_qp_security_abort(struct ib_qp_security *sec)
482 {
483 int ret;
484 int i;
485
486
487 if (!sec)
488 return;
489
490
491
492
493
494 for (i = 0; i < sec->error_comps_pending; i++)
495 wait_for_completion(&sec->error_complete);
496
497 mutex_lock(&sec->mutex);
498 sec->destroying = false;
499
500
501
502
503
504
505
506
507
508
509 if (sec->ports_pkeys) {
510 port_pkey_list_insert(&sec->ports_pkeys->main);
511 port_pkey_list_insert(&sec->ports_pkeys->alt);
512 }
513
514 ret = check_qp_port_pkey_settings(sec->ports_pkeys, sec);
515 if (ret)
516 qp_to_error(sec);
517
518 mutex_unlock(&sec->mutex);
519 }
520
521 void ib_destroy_qp_security_end(struct ib_qp_security *sec)
522 {
523 int i;
524
525
526 if (!sec)
527 return;
528
529
530
531
532
533
534 for (i = 0; i < sec->error_comps_pending; i++)
535 wait_for_completion(&sec->error_complete);
536
537 destroy_qp_security(sec);
538 }
539
540 void ib_security_cache_change(struct ib_device *device,
541 u8 port_num,
542 u64 subnet_prefix)
543 {
544 struct pkey_index_qp_list *pkey;
545
546 list_for_each_entry (pkey, &device->port_data[port_num].pkey_list,
547 pkey_index_list) {
548 check_pkey_qps(pkey,
549 device,
550 port_num,
551 subnet_prefix);
552 }
553 }
554
555 void ib_security_release_port_pkey_list(struct ib_device *device)
556 {
557 struct pkey_index_qp_list *pkey, *tmp_pkey;
558 unsigned int i;
559
560 rdma_for_each_port (device, i) {
561 list_for_each_entry_safe(pkey,
562 tmp_pkey,
563 &device->port_data[i].pkey_list,
564 pkey_index_list) {
565 list_del(&pkey->pkey_index_list);
566 kfree(pkey);
567 }
568 }
569 }
570
571 int ib_security_modify_qp(struct ib_qp *qp,
572 struct ib_qp_attr *qp_attr,
573 int qp_attr_mask,
574 struct ib_udata *udata)
575 {
576 int ret = 0;
577 struct ib_ports_pkeys *tmp_pps;
578 struct ib_ports_pkeys *new_pps = NULL;
579 struct ib_qp *real_qp = qp->real_qp;
580 bool special_qp = (real_qp->qp_type == IB_QPT_SMI ||
581 real_qp->qp_type == IB_QPT_GSI ||
582 real_qp->qp_type >= IB_QPT_RESERVED1);
583 bool pps_change = ((qp_attr_mask & (IB_QP_PKEY_INDEX | IB_QP_PORT)) ||
584 (qp_attr_mask & IB_QP_ALT_PATH));
585
586 WARN_ONCE((qp_attr_mask & IB_QP_PORT &&
587 rdma_protocol_ib(real_qp->device, qp_attr->port_num) &&
588 !real_qp->qp_sec),
589 "%s: QP security is not initialized for IB QP: %d\n",
590 __func__, real_qp->qp_num);
591
592
593
594
595
596
597
598 if (pps_change && !special_qp && real_qp->qp_sec) {
599 mutex_lock(&real_qp->qp_sec->mutex);
600 new_pps = get_new_pps(real_qp,
601 qp_attr,
602 qp_attr_mask);
603 if (!new_pps) {
604 mutex_unlock(&real_qp->qp_sec->mutex);
605 return -ENOMEM;
606 }
607
608
609
610
611
612
613
614 ret = port_pkey_list_insert(&new_pps->main);
615
616 if (!ret)
617 ret = port_pkey_list_insert(&new_pps->alt);
618
619 if (!ret)
620 ret = check_qp_port_pkey_settings(new_pps,
621 real_qp->qp_sec);
622 }
623
624 if (!ret)
625 ret = real_qp->device->ops.modify_qp(real_qp,
626 qp_attr,
627 qp_attr_mask,
628 udata);
629
630 if (new_pps) {
631
632
633
634 if (ret) {
635 tmp_pps = new_pps;
636 } else {
637 tmp_pps = real_qp->qp_sec->ports_pkeys;
638 real_qp->qp_sec->ports_pkeys = new_pps;
639 }
640
641 if (tmp_pps) {
642 port_pkey_list_remove(&tmp_pps->main);
643 port_pkey_list_remove(&tmp_pps->alt);
644 }
645 kfree(tmp_pps);
646 mutex_unlock(&real_qp->qp_sec->mutex);
647 }
648 return ret;
649 }
650
651 static int ib_security_pkey_access(struct ib_device *dev,
652 u8 port_num,
653 u16 pkey_index,
654 void *sec)
655 {
656 u64 subnet_prefix;
657 u16 pkey;
658 int ret;
659
660 if (!rdma_protocol_ib(dev, port_num))
661 return 0;
662
663 ret = ib_get_cached_pkey(dev, port_num, pkey_index, &pkey);
664 if (ret)
665 return ret;
666
667 ret = ib_get_cached_subnet_prefix(dev, port_num, &subnet_prefix);
668
669 if (ret)
670 return ret;
671
672 return security_ib_pkey_access(sec, subnet_prefix, pkey);
673 }
674
675 void ib_mad_agent_security_change(void)
676 {
677 struct ib_mad_agent *ag;
678
679 spin_lock(&mad_agent_list_lock);
680 list_for_each_entry(ag,
681 &mad_agent_list,
682 mad_agent_sec_list)
683 WRITE_ONCE(ag->smp_allowed,
684 !security_ib_endport_manage_subnet(ag->security,
685 dev_name(&ag->device->dev), ag->port_num));
686 spin_unlock(&mad_agent_list_lock);
687 }
688
689 int ib_mad_agent_security_setup(struct ib_mad_agent *agent,
690 enum ib_qp_type qp_type)
691 {
692 int ret;
693
694 if (!rdma_protocol_ib(agent->device, agent->port_num))
695 return 0;
696
697 INIT_LIST_HEAD(&agent->mad_agent_sec_list);
698
699 ret = security_ib_alloc_security(&agent->security);
700 if (ret)
701 return ret;
702
703 if (qp_type != IB_QPT_SMI)
704 return 0;
705
706 spin_lock(&mad_agent_list_lock);
707 ret = security_ib_endport_manage_subnet(agent->security,
708 dev_name(&agent->device->dev),
709 agent->port_num);
710 if (ret)
711 goto free_security;
712
713 WRITE_ONCE(agent->smp_allowed, true);
714 list_add(&agent->mad_agent_sec_list, &mad_agent_list);
715 spin_unlock(&mad_agent_list_lock);
716 return 0;
717
718 free_security:
719 spin_unlock(&mad_agent_list_lock);
720 security_ib_free_security(agent->security);
721 return ret;
722 }
723
724 void ib_mad_agent_security_cleanup(struct ib_mad_agent *agent)
725 {
726 if (!rdma_protocol_ib(agent->device, agent->port_num))
727 return;
728
729 if (agent->qp->qp_type == IB_QPT_SMI) {
730 spin_lock(&mad_agent_list_lock);
731 list_del(&agent->mad_agent_sec_list);
732 spin_unlock(&mad_agent_list_lock);
733 }
734
735 security_ib_free_security(agent->security);
736 }
737
738 int ib_mad_enforce_security(struct ib_mad_agent_private *map, u16 pkey_index)
739 {
740 if (!rdma_protocol_ib(map->agent.device, map->agent.port_num))
741 return 0;
742
743 if (map->agent.qp->qp_type == IB_QPT_SMI) {
744 if (!READ_ONCE(map->agent.smp_allowed))
745 return -EACCES;
746 return 0;
747 }
748
749 return ib_security_pkey_access(map->agent.device,
750 map->agent.port_num,
751 pkey_index,
752 map->agent.security);
753 }