From: Parav Pandit <parav@xxxxxxxxxxxx>
Provide an option to change net namespace of rdma device through netlink
command. When multiple rdma devices exists in a system, and when
containers are used, this will limit rdma device visibility in specified
net namespace.
An example command to change net namespace of mlx5_1 device to
previously created net namespace 'foo' would be below.
$ rdma dev set mlx5_1 netns foo
Signed-off-by: Parav Pandit <parav@xxxxxxxxxxxx>
Signed-off-by: Leon Romanovsky <leonro@xxxxxxxxxxxx>
---
Documentation/infiniband/core_devices.txt | 2 +-
drivers/infiniband/core/core_priv.h | 2 ++
drivers/infiniband/core/net_namespace.c | 20 ++++++++++++++++++++
drivers/infiniband/core/nldev.c | 9 +++++++++
include/uapi/rdma/rdma_netlink.h | 5 +++++
5 files changed, 37 insertions(+), 1 deletion(-)
diff --git a/Documentation/infiniband/core_devices.txt b/Documentation/infiniband/core_devices.txt
index fd98b27dd3d9..413cac03471d 100644
--- a/Documentation/infiniband/core_devices.txt
+++ b/Documentation/infiniband/core_devices.txt
@@ -72,7 +72,7 @@ All ib_core_device(s) points to one owner ib_device using driver_data.
| *owner------------------------+
+--------------+
-2.2 rdma ib_device bound to a net namespace (in future)
+2.2 rdma ib_device bound to a net namespace
--------------------------------------------------------
In this mode, when an rdma device is bound to a net namespace, all compat
diff --git a/drivers/infiniband/core/core_priv.h b/drivers/infiniband/core/core_priv.h
index bd401ed9d119..6bd0c39f8bdd 100644
--- a/drivers/infiniband/core/core_priv.h
+++ b/drivers/infiniband/core/core_priv.h
@@ -363,4 +363,6 @@ void ib_gid_table_cleanup_one(struct ib_device *device);
int ib_dev_change_net_ns(struct ib_device *device, struct net *net);
int _ib_dev_change_net_ns(struct ib_device *device, struct net *net);
+int ib_set_device_netns_by_fd(struct sk_buff *skb,
+ struct ib_device *device, u32 ns_fd);
#endif /* _CORE_PRIV_H */
diff --git a/drivers/infiniband/core/net_namespace.c b/drivers/infiniband/core/net_namespace.c
index db442f927480..25678ae7c4fa 100644
--- a/drivers/infiniband/core/net_namespace.c
+++ b/drivers/infiniband/core/net_namespace.c
@@ -205,6 +205,26 @@ void rdma_compatdev_set(u8 enable)
mutex_unlock(&ib_device_mutex);
}
+int ib_set_device_netns_by_fd(struct sk_buff *skb,
+ struct ib_device *device, u32 ns_fd)
+{
+ struct net *net;
+ int ret = 0;
+
+ net = get_net_ns_by_fd(ns_fd);
+ if (IS_ERR(net))
+ return PTR_ERR(net);
+ if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) {
+ ret = -EPERM;
+ goto done;
+ }
+
+ ret = ib_dev_change_net_ns(device, net);
+done:
+ put_net(net);
+ return ret;
+}
+
static __net_init int rdma_dev_init_net(struct net *net)
{
struct rdma_dev_net *rdma_net = net_generic(net, rdma_dev_net_id);
diff --git a/drivers/infiniband/core/nldev.c b/drivers/infiniband/core/nldev.c
index 11ad2fe08d00..d4ce7106e4b8 100644
--- a/drivers/infiniband/core/nldev.c
+++ b/drivers/infiniband/core/nldev.c
@@ -108,6 +108,7 @@ static const struct nla_policy nldev_policy[RDMA_NLDEV_ATTR_MAX] = {
[RDMA_NLDEV_ATTR_DRIVER_S64] = { .type = NLA_S64 },
[RDMA_NLDEV_ATTR_DRIVER_U64] = { .type = NLA_U64 },
[RDMA_NLDEV_SYS_ATTR_NETNS_MODE] = { .type = NLA_U8 },
+ [RDMA_NLDEV_NET_NS_FD] = { .type = NLA_U32 },
};
static int put_driver_name_print_type(struct sk_buff *msg, const char *name,
@@ -675,8 +676,16 @@ static int nldev_set_doit(struct sk_buff *skb, struct nlmsghdr *nlh,
nla_strlcpy(name, tb[RDMA_NLDEV_ATTR_DEV_NAME],
IB_DEVICE_NAME_MAX);
err = ib_device_rename(device, name);
+ goto out;
}
+ if (tb[RDMA_NLDEV_NET_NS_FD]) {
+ u32 ns_fd;
+
+ ns_fd = nla_get_u32(tb[RDMA_NLDEV_NET_NS_FD]);
+ err = ib_set_device_netns_by_fd(skb, device, ns_fd);
+ }
+out:
ib_device_put(device);
return err;
}
diff --git a/include/uapi/rdma/rdma_netlink.h b/include/uapi/rdma/rdma_netlink.h
index 033eaf4b32ad..40b1563eafbe 100644
--- a/include/uapi/rdma/rdma_netlink.h
+++ b/include/uapi/rdma/rdma_netlink.h
@@ -437,6 +437,11 @@ enum rdma_nldev_attr {
*/
RDMA_NLDEV_SYS_ATTR_NETNS_MODE, /* u8 */
+ /*
+ * File descriptor handle of the net namespace object
+ */
+ RDMA_NLDEV_NET_NS_FD, /* u32 */
+
/*
* Always the end
*/
--
2.19.1
