On Tue, Nov 23, 2021 at 03:44:03PM +0100, David Hildenbrand wrote: > On 23.11.21 15:07, Jason Gunthorpe wrote: > > On Tue, Nov 23, 2021 at 02:39:19PM +0100, David Hildenbrand wrote: > >>> > >>>> 2) Could be provide a mmu variant to ordinary users that's just good > >>>> enough but maybe not as fast as what we have today? And limit > >>>> FOLL_LONGTERM to special, privileged users? > >>> > >>> rdma has never been privileged > >> > >> Feel free to correct me if I'm wrong: it requires special networking > >> hardware and the admin/kernel has to prepare the system in a way such > >> that it can be used. > > > > Not really, plug in the right PCI card and it works > > Naive me would have assumed that the right modules have to be loaded > (and not blacklisted), that there has to be an rdma service installed > and running, that the NIC has to be configured in some way, and that > there is some kind of access control which user can actually use which > NIC. Not really, we've worked hard that it works as well as any other HW device. Plug it in and it works. There is no systemd service, or special mandatory configuration, for instance. > For example, I would have assume from inside a container it usually > wouldn't just work. Nope, RDMA follows the net namespaces of its ethernet port, so it just works in containers too. > believe what you say and I trust your experience :) So could as well be > that on such a "special" (or not so special) systems there should be a > way to restrict it to privileged users only. At this point RDMA is about as "special" as people running large ZONE_MOVABLE systems, and the two are going to start colliding heavily. The RDMA VFIO migration driver should be merged soon which makes VMs using this stuff finally practical. Jason
