* [PATCH rdma-rc v1] RDMA/mlx5: Block delay drop to unprivileged users
@ 2020-03-22 12:49 Leon Romanovsky
2020-03-26 19:40 ` Jason Gunthorpe
0 siblings, 1 reply; 2+ messages in thread
From: Leon Romanovsky @ 2020-03-22 12:49 UTC (permalink / raw)
To: Doug Ledford, Jason Gunthorpe; +Cc: Maor Gottlieb, linux-rdma, Yishai Hadas
From: Maor Gottlieb <maorg@mellanox.com>
Since this feature can globally block the RX port, it should
be allowed to privileged users only.
Fixes: 03404e8ae652("IB/mlx5: Add support to dropless RQ")
Signed-off-by: Maor Gottlieb <maorg@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
---
Changelog:
v1: Changed permission from CAP_NET_RAW to be CAP_SYS_RAWIO like in
the devx code.
v0: https://lore.kernel.org/linux-rdma/20200318100223.46436-1-leon@kernel.org
---
drivers/infiniband/hw/mlx5/qp.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c
index d3055f3eb0b6..cf44c5a21f18 100644
--- a/drivers/infiniband/hw/mlx5/qp.c
+++ b/drivers/infiniband/hw/mlx5/qp.c
@@ -6247,6 +6247,10 @@ struct ib_wq *mlx5_ib_create_wq(struct ib_pd *pd,
if (udata->outlen && udata->outlen < min_resp_len)
return ERR_PTR(-EINVAL);
+ if (!capable(CAP_SYS_RAWIO) &&
+ init_attr->create_flags & IB_WQ_FLAGS_DELAY_DROP)
+ return ERR_PTR(-EPERM);
+
dev = to_mdev(pd->device);
switch (init_attr->wq_type) {
case IB_WQT_RQ:
--
2.24.1
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [PATCH rdma-rc v1] RDMA/mlx5: Block delay drop to unprivileged users
2020-03-22 12:49 [PATCH rdma-rc v1] RDMA/mlx5: Block delay drop to unprivileged users Leon Romanovsky
@ 2020-03-26 19:40 ` Jason Gunthorpe
0 siblings, 0 replies; 2+ messages in thread
From: Jason Gunthorpe @ 2020-03-26 19:40 UTC (permalink / raw)
To: Leon Romanovsky; +Cc: Doug Ledford, Maor Gottlieb, linux-rdma, Yishai Hadas
On Sun, Mar 22, 2020 at 02:49:06PM +0200, Leon Romanovsky wrote:
> From: Maor Gottlieb <maorg@mellanox.com>
>
> Since this feature can globally block the RX port, it should
> be allowed to privileged users only.
>
> Fixes: 03404e8ae652("IB/mlx5: Add support to dropless RQ")
> Signed-off-by: Maor Gottlieb <maorg@mellanox.com>
> Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
> ---
> Changelog:
> v1: Changed permission from CAP_NET_RAW to be CAP_SYS_RAWIO like in
> the devx code.
> v0: https://lore.kernel.org/linux-rdma/20200318100223.46436-1-leon@kernel.org
> ---
> drivers/infiniband/hw/mlx5/qp.c | 4 ++++
> 1 file changed, 4 insertions(+)
Ah, this was merged into rc and is already in linus's tree
Thanks,
Jason
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-03-26 19:40 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-03-22 12:49 [PATCH rdma-rc v1] RDMA/mlx5: Block delay drop to unprivileged users Leon Romanovsky
2020-03-26 19:40 ` Jason Gunthorpe
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).