On Thu, Sep 20, 2018 at 09:45:17PM +0300, Leon Romanovsky wrote: > From: Leon Romanovsky <leonro@xxxxxxxxxxxx> > > >From Yishai, > > This series comes to enable the DEVX functionality in some wider scope, > specifically, > - It enables using kernel objects that were created by the verbs > API in the DEVX flow. > - It enables white list commands without DEVX user context. > - It enables the IB link layer under CAP_NET_RAW capabilities. > - It exposes the PRM handles for RAW QP (i.e. TIRN, TISN, RQN, SQN) > to be used later on directly by the DEVX interface. > > In General, > Each object that is created/destroyed/modified via verbs will be stamped > with a UID based on its user context. This is already done for DEVX objects > commands. > > This will enable the firmware to enforce the usage of kernel objects > from the DEVX flow by validating that the same UID is used and the resources are > really related to the same user. > > For example in case a CQ was created with verbs it will be stamped with > UID and once will be pointed by a DEVX create QP command the firmware will > validate that the input CQN really belongs to the UID which issues the create QP > command. > > As of the above, all the PRM objects (except of the public ones which > are managed by the kernel e.g. FLOW, etc.) will have a UID upon their > create/modify/destroy commands. The detection of UMEM / physical > addressed in the relevant commands will be done by firmware according to a 'umem > valid bit' as the UID may be used in both cases. > > The series also enables white list commands which don't require a > specific DEVX context, instead of this a device UID is used so that > the firmware will mask un-privileged functionality. The IB link layer > is also enabled once CAP_NET_RAW permission exists. > > To enable using the RAW QP underlay objects (e.g. TIRN, RQN, etc.) later > on by DEVX commands the UHW output for this case was extended to return this > data when a DEVX context is used. > > Thanks > > Yishai Hadas (4): > IB/mlx5: Expose RAW QP device handles to user space > IB/mlx5: Manage device uid for DEVX white list commands > IB/mlx5: Enable DEVX white list commands > IB/mlx5: Enable DEVX on IB Applied to for-next Jason
