[8/9,v2] opensm: Ensure sweep interval/mkey lease are sensibly set

Commit Message

Jim Foraker Aug. 1, 2012, 2:52 p.m. UTC

If mkeys are protected, sweep should always be enabled and
set to an interval < the lease timeout, to ensure a missed trap
doesn't lead to mkey exposure.

Signed-off-by: Jim Foraker <foraker1@llnl.gov>
---
 opensm/osm_subnet.c |   20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

Patch

diff --git a/opensm/osm_subnet.c b/opensm/osm_subnet.c
index 5ae49bb..460582a 100644
--- a/opensm/osm_subnet.c
+++ b/opensm/osm_subnet.c
@@ -2011,6 +2011,26 @@  int osm_subn_verify_config(IN osm_subn_opt_t * p_opts)
 			   "instead\n", p_opts->m_key_protect_bits, 2);
 		p_opts->m_key_protect_bits = 2;
 	}
+	if (p_opts->m_key_protect_bits && p_opts->m_key_lease_period) {
+		if (!p_opts->sweep_interval) {
+			log_report(" Sweep disabled with protected mkey "
+				   "leases in effect; re-enabling sweeping "
+				   "with interval %u\n",
+				   cl_ntoh16(p_opts->m_key_lease_period) - 1);
+			p_opts->sweep_interval =
+				cl_ntoh16(p_opts->m_key_lease_period) - 1;
+		}
+		if (p_opts->sweep_interval >=
+			cl_ntoh16(p_opts->m_key_lease_period)) {
+			log_report(" Sweep interval %u >= mkey lease period "
+				   "%u. Setting lease period to %u\n",
+				   p_opts->sweep_interval,
+				   cl_ntoh16(p_opts->m_key_lease_period),
+				   p_opts->sweep_interval + 1);
+			p_opts->m_key_lease_period =
+				cl_hton16(p_opts->sweep_interval + 1);
+		}
+	}
 
 	if (p_opts->root_guid_file != NULL) {
 		FILE *root_file = fopen(p_opts->root_guid_file, "r");