One-Shot STags. John Carrier, Adaptec. August 04, 2004.


2. Agenda
Problem Statement
Proposals
Recommendations

3. Problem Statement
STags may be valid for more than one RDMA access, which may leave the ULP open to attack from the remote peer.
The ULP may be especially vulnerable to attacks through RDMA Writes:
– The remote peer indicates completion of the RDMA through an RDMA Send type message.
– When the local ULP receives this completion message, it may assume that it again has ownership of its sink buffer.
– However, unless the STag itself is invalidated, the remote peer may overwrite the buffer even as the local ULP is processing its contents.
This remote access may be inadvertent or deliberate.
IPsec cannot address this problem because the error is generated by the connection peer, not by a man in the middle.

4. RDMA Write with Explicit ULP Invalidation

5. Peer Attack of Data Sink Buffer

6. Proposed Solutions
Caitlin Bestler proposed 'one-shot' STags as a means of limiting the scope of an STag to a single RDMA transaction.
Current architectures, however, enable persistent STags that may be used for multiple RDMA events.
– Some protocols, such as SCSI, will rely on persistent STags to enable targets to DMA data to initiator buffers in the way targets find most efficient (i.e., as it becomes available).
Reflector discussions focused on mechanisms where the RNIC could invalidate the STag before the ULP processed the completion:
– Send & Invalidate
– Receive & Invalidate
– RDMA Write & Invalidate

7. Send & Invalidate
DDP already includes a Send & Invalidate message that allows the remote peer to include an STag in a Send Message which the local RNIC can invalidate before the local ULP processes the completion.
The original intent of this message was to reduce a roundtrip to the RNIC during completion processing. If the RNIC invalidated the STag, then the local peer would not have to write to the RNIC after receiving the completion.
The mechanism, however, effectively closes remote access to the STag and removes the vulnerability to further attack from the remote peer.

8. Implicit Invalidation: Send & Invalidate

9. Receive & Invalidate
Caitlin suggested that the local peer should be in control of invalidating its own STags.
– Send & Invalidate leaves that control with the remote peer.
– Unless the ULP explicitly describes the use of Send & Invalidate (as iSER does), it is possible that the message will not be used correctly and sink buffers will be vulnerable.
For ULPs that know which untagged receive buffer will be used to complete an RDMA Write, Caitlin proposed a new mechanism where the ULP includes an STag when it posts the receive buffer. When the RNIC consumes the untagged buffer, it retrieves the STag associated with it and then invalidates the STag for the Data Sink buffer.

10. Implicit Invalidation: Receive & Invalidate

11. RDMA Write & Invalidate
In both Send & Invalidate and Receive & Invalidate the RNIC invalidates the STag following an RDMA Send Message.
It is possible to have the RNIC invalidate the STag following the RDMA Write Message:
– The RNIC "knows" that a Write Message is complete.
– After ACKing the last byte of the message, it could invalidate the STag associated with the RDMA Write.
The problem with this proposal is that the remote peer may require multiple RDMA Writes to fill the Data Sink buffer.
– iSER, for example, could not use this mechanism.

12. Multiple Use of a Data Sink STag
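The following is an added example, not code from these slides, from Adaptec, or from any RDMA stack. It is a toy model of the local RNIC's STag table that replays the attack of slides 3 and 5 (a persistent STag lets the remote peer write into the Data Sink buffer after the ULP has received the completion) and then the three invalidation mechanisms of slides 7, 9 and 11. The class and method names, the "mode" strings and the byte patterns are all invented for the illustration; STag validity is modelled as a single flag, and protection domains, access rights and message ordering are ignored. The last scenario reproduces the objection on slide 11: when the sink buffer must be filled with more than one RDMA Write, Write & Invalidate cuts off the second write.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class SinkBuffer:
    data: bytearray
    valid: bool = True  # while True the remote peer may RDMA Write through the STag


class Rnic:
    """Toy local RNIC: an STag table plus the queue of untagged receive buffers."""

    def __init__(self) -> None:
        self.stags: Dict[int, SinkBuffer] = {}
        self.next_stag = 0x1000  # constructed starting value, not a real STag
        # Receive & Invalidate: each posted receive may name a STag to invalidate
        self.recv_queue: List[Optional[int]] = []
        self.completions: List[str] = []

    def register(self, size: int) -> int:
        """ULP registers a Data Sink buffer and receives a persistent STag for it."""
        stag = self.next_stag
        self.next_stag += 1
        self.stags[stag] = SinkBuffer(bytearray(size))
        return stag

    def post_recv(self, stag_to_invalidate: Optional[int] = None) -> None:
        """ULP posts an untagged receive; optionally names the STag to invalidate when it is consumed."""
        self.recv_queue.append(stag_to_invalidate)

    def invalidate(self, stag: int) -> None:
        self.stags[stag].valid = False

    # ---- messages arriving from the remote peer ----
    def rdma_write(self, stag: int, offset: int, payload: bytes,
                   invalidate_after: bool = False) -> bool:
        """Tagged write; returns False when the RNIC rejects it because the STag is invalid."""
        buf = self.stags.get(stag)
        if buf is None or not buf.valid or offset + len(payload) > len(buf.data):
            return False
        buf.data[offset:offset + len(payload)] = payload
        if invalidate_after:  # Write & Invalidate: STag is one-shot after this message
            buf.valid = False
        return True

    def send(self, inv_stag: Optional[int] = None) -> None:
        """Untagged Send consuming one receive buffer; inv_stag makes it a Send & Invalidate."""
        if not self.recv_queue:
            raise RuntimeError("no receive buffer posted")
        recv_stag = self.recv_queue.pop(0)
        if inv_stag is not None:
            self.invalidate(inv_stag)   # Send & Invalidate: the remote peer chose the STag
        if recv_stag is not None:
            self.invalidate(recv_stag)  # Receive & Invalidate: the local ULP chose it
        self.completions.append("send")  # the ULP now sees the completion

    def contents(self, stag: int) -> bytes:
        return bytes(self.stags[stag].data)


def run(mode: str, writes: int = 1) -> Tuple[bytes, bool]:
    """Run one RDMA transaction under an invalidation mode and then a late write.

    mode: "persistent", "send_inv", "recv_inv" or "write_inv".
    Returns (sink buffer contents after the late write attempt, whether that
    late write, issued by the remote peer after the completion, still landed).
    """
    rnic = Rnic()
    stag = rnic.register(8)
    rnic.post_recv(stag if mode == "recv_inv" else None)
    # Remote peer fills the sink buffer in `writes` chunks (iSER may need several).
    chunk = 8 // writes
    for i in range(writes):
        rnic.rdma_write(stag, i * chunk, b"D" * chunk,
                        invalidate_after=(mode == "write_inv"))
    # Remote peer signals completion with a Send (or a Send & Invalidate).
    rnic.send(inv_stag=stag if mode == "send_inv" else None)
    assert rnic.completions == ["send"]  # local ULP starts processing the buffer
    # Slide 3/5: the peer writes again while the ULP is using the data.
    late = rnic.rdma_write(stag, 0, b"XXXXXXXX")
    return rnic.contents(stag), late


if __name__ == "__main__":
    for mode in ("persistent", "send_inv", "recv_inv", "write_inv"):
        print(mode, run(mode))
    print("write_inv, two writes", run("write_inv", writes=2))
```

Only the "persistent" mode returns True for the late write, with the buffer overwritten by the attacker's pattern; the three invalidation modes reject it. With two writes under "write_inv" the buffer is left half filled, which is the reason slide 11 gives for iSER being unable to use that mechanism.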

13. Recommendations
Send & Invalidate is the only general purpose solution that can be validated on the wire.
Receive & Invalidate may be useful to specific classes of applications.
– Two well known protocols (SDP, iSER), for example, do not have such tight control of receive resources as to be able to associate the STags for an RDMA transaction with a specific untagged buffer to hold its completion.
– Furthermore, enabling this mechanism requires a non-trivial change to the RNIC Interface in order for the RNIC to store STags in a queue of STag buffer pointers.
Write & Invalidate restricts use of RDMA Write.

14. Discussion
Are one-shot STags really necessary?
Would it suffice to describe the pitfalls of not using Send & Invalidate?