From patchwork Sun Jul  4 14:12:00 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Aleksey Senin <alex@senin.name>
X-Patchwork-Id: 110154
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by demeter.kernel.org (8.14.4/8.14.3) with ESMTP id o64EC5QT010299
	for <patchwork-linux-rdma@patchwork.kernel.org>;
	Sun, 4 Jul 2010 14:12:06 GMT
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1756016Ab0GDOME (ORCPT
	<rfc822;patchwork-linux-rdma@patchwork.kernel.org>);
	Sun, 4 Jul 2010 10:12:04 -0400
Received: from fwil.voltaire.com ([193.47.165.2]:31775 "EHLO
	exil.voltaire.com"
	rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
	id S1755556Ab0GDOMC (ORCPT <rfc822;linux-rdma@vger.kernel.org>);
	Sun, 4 Jul 2010 10:12:02 -0400
Received: from [172.25.5.76] ([172.25.5.76]) by exil.voltaire.com with
	Microsoft SMTPSVC(6.0.3790.4675); Sun, 4 Jul 2010 17:12:00 +0300
Message-ID: <4C3096B0.5030005@senin.name>
Date: Sun, 04 Jul 2010 17:12:00 +0300
From: Aleksey Senin <alex@senin.name>
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US;
	rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4
MIME-Version: 1.0
To: Aleksey Senin <alex@senin.name>
CC: linux-rdma@vger.kernel.org, Roland Dreier <rolandd@cisco.com>,
	Moni Shoua <monis@Voltaire.COM>, Or Gerlitz <ogerlitz@Voltaire.COM>,
	Yiftah Shahar <yiftahs@Voltaire.COM>,
	Alex Rosenbaum <Alexr@Voltaire.COM>,
	"Walukiewicz, Miroslaw" <Miroslaw.Walukiewicz@intel.com>
Subject: [PATCH V1 3/4] Security check on QP type
References: <4C308E07.7050903@senin.name> <4C3092ED.6000701@senin.name>
	<4C3095CB.2000205@senin.name>
In-Reply-To: <4C3095CB.2000205@senin.name>
X-OriginalArrivalTime: 04 Jul 2010 14:12:00.0835 (UTC)
	FILETIME=[DED46130:01CB1B82]
Sender: linux-rdma-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-rdma.vger.kernel.org>
X-Mailing-List: linux-rdma@vger.kernel.org
X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by
	milter-greylist-4.2.3 (demeter.kernel.org [140.211.167.41]);
	Sun, 04 Jul 2010 14:12:12 +0000 (UTC)


diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c
index 6fcfbeb..87025fc 100644
--- a/drivers/infiniband/core/uverbs_cmd.c
+++ b/drivers/infiniband/core/uverbs_cmd.c
@@ -1050,6 +1050,9 @@ ssize_t ib_uverbs_create_qp(struct ib_uverbs_file *file,
 	if (copy_from_user(&cmd, buf, sizeof cmd))
 		return -EFAULT;
 
+	if (cmd.qp_type == IB_QPT_RAW_PACKET && !capable(CAP_NET_RAW))
+		return -EPERM;
+
 	INIT_UDATA(&udata, buf + sizeof cmd,
 		   (unsigned long) cmd.response + sizeof resp,
 		   in_len - sizeof cmd, out_len - sizeof resp);