From: Parav Pandit <parav@xxxxxxxxxxxx> Provide an option to change net namespace of rdma device through netlink command. When multiple rdma devices exists in a system, and when containers are used, this will limit rdma device visibility in specified net namespace. An example command to change net namespace of mlx5_1 device to previously created net namespace 'foo' would be below. $ ip netns add foo $ rdma dev set mlx5_1 netns foo Signed-off-by: Parav Pandit <parav@xxxxxxxxxxxx> Signed-off-by: Leon Romanovsky <leonro@xxxxxxxxxxxx> --- Documentation/infiniband/core_devices.txt | 2 +- drivers/infiniband/core/core_priv.h | 2 ++ drivers/infiniband/core/device.c | 29 +++++++++++++++++++++++ drivers/infiniband/core/nldev.c | 13 +++++++++- include/uapi/rdma/rdma_netlink.h | 4 ++++ 5 files changed, 48 insertions(+), 2 deletions(-) diff --git a/Documentation/infiniband/core_devices.txt b/Documentation/infiniband/core_devices.txt index 34f7d5cea54f..62d6d42e9f9d 100644 --- a/Documentation/infiniband/core_devices.txt +++ b/Documentation/infiniband/core_devices.txt @@ -72,7 +72,7 @@ All ib_core_device(s) points to one owner ib_device using owner pointer. | *owner------------------------+ +--------------+ -2.2 rdma ib_device bound to a net namespace (in future) +2.2 rdma ib_device bound to a net namespace -------------------------------------------------------- In this mode, when an rdma device is bound to a net namespace, all compat diff --git a/drivers/infiniband/core/core_priv.h b/drivers/infiniband/core/core_priv.h index 0663fc64e950..d4d5f0015f9b 100644 --- a/drivers/infiniband/core/core_priv.h +++ b/drivers/infiniband/core/core_priv.h @@ -344,4 +344,6 @@ int ib_setup_port_attrs(struct ib_core_device *coredev, bool alloc_hw_stats); int rdma_compatdev_set(u8 enable); +int ib_device_set_netns_put(struct sk_buff *skb, + struct ib_device *dev, u32 ns_fd); #endif /* _CORE_PRIV_H */ 
diff --git a/drivers/infiniband/core/device.c b/drivers/infiniband/core/device.c index 48805e00b115..0a2d35af7069 100644 --- a/drivers/infiniband/core/device.c +++ b/drivers/infiniband/core/device.c @@ -1495,6 +1495,7 @@ static int __rdma_dev_change_netns(struct ib_device *device, struct net *net) dev_warn(&device->dev, "%s Couldn't re-enable device\n", __func__); } + ib_device_put(device); return ret; } @@ -1552,6 +1553,34 @@ static int rdma_dev_change_netns_with_put(struct ib_device *dev, return ret; } +int ib_device_set_netns_put(struct sk_buff *skb, + struct ib_device *dev, u32 ns_fd) +{ + struct net *net; + int ret; + + net = get_net_ns_by_fd(ns_fd); + if (IS_ERR(net)) { + ret = PTR_ERR(net); + goto net_err; + } + + if (!netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)) { + ret = -EPERM; + goto ns_err; + } + + ret = rdma_dev_change_netns_with_put(dev, net); + put_net(net); + return ret; + +ns_err: + put_net(net); +net_err: + ib_device_put(dev); + return ret; +} + static struct pernet_operations rdma_dev_net_ops = { .init = rdma_dev_init_net, .exit = rdma_dev_exit_net, diff --git a/drivers/infiniband/core/nldev.c b/drivers/infiniband/core/nldev.c index 0d70727920cd..ccf84142acd0 100644 --- a/drivers/infiniband/core/nldev.c +++ b/drivers/infiniband/core/nldev.c @@ -117,6 +117,7 @@ static const struct nla_policy nldev_policy[RDMA_NLDEV_ATTR_MAX] = { [RDMA_NLDEV_ATTR_LINK_TYPE] = { .type = NLA_NUL_STRING, .len = RDMA_NLDEV_ATTR_ENTRY_STRLEN }, [RDMA_NLDEV_SYS_ATTR_NETNS_MODE] = { .type = NLA_U8 }, + [RDMA_NLDEV_NET_NS_FD] = { .type = NLA_U32 }, }; static int put_driver_name_print_type(struct sk_buff *msg, const char *name, 
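Review bot: The `ib_device_put(device);` added just before `return ret;` makes the function named in the first device.c hunk header, `__rdma_dev_change_netns()`, consume its caller's device reference, yet neither its name nor a comment says so. The helpers this patch builds on carry a `_put`/`_with_put` suffix for exactly that reason. The function body starts outside the hunk, so it is not visible whether an earlier return path skips this put, or whether `rdma_dev_change_netns_with_put()` drops the same reference a second time. Either imbalance matters here: a leaked reference keeps the device from unregistering, and a double put can free it while still in use. I would add `/* Consumes the caller's ib_device reference on every return path. */` above the function and confirm that each path drops the reference exactly once.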
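Review bot: The only permission check in `ib_device_set_netns_put()` is `netlink_ns_capable(skb, net->user_ns, CAP_NET_ADMIN)`, which covers the target namespace, so authority over the namespace the device currently belongs to has to be enforced somewhere else. If the netlink command's own permission handling or `rdma_dev_change_netns_with_put()` does that, it is not visible in this hunk. Since the stated goal is limiting device visibility for containers, the assumption deserves a comment above the check, for example `/* Sender was already authorised for the device's current netns; only the target netns is checked here. */`. A smaller point: `ns_fd` is a `u32` but is used as a file descriptor by `get_net_ns_by_fd()`, so a one-line comment that it is resolved in the sending task's fd table, and that out-of-range values simply fail the lookup, would help readers.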
@@ -669,9 +670,20 @@ static int nldev_set_doit(struct sk_buff *skb, struct nlmsghdr *nlh, nla_strlcpy(name, tb[RDMA_NLDEV_ATTR_DEV_NAME], IB_DEVICE_NAME_MAX); err = ib_device_rename(device, name); + goto done; } + if (tb[RDMA_NLDEV_NET_NS_FD]) { + u32 ns_fd; + + ns_fd = nla_get_u32(tb[RDMA_NLDEV_NET_NS_FD]); + err = ib_device_set_netns_put(skb, device, ns_fd); + goto put_done; + } + +done: ib_device_put(device); +put_done: return err; } @@ -905,7 +917,6 @@ static int _nldev_res_get_dumpit(struct ib_device *device, nlmsg_cancel(skb, nlh); goto out; } - nlmsg_end(skb, nlh); idx++; diff --git a/include/uapi/rdma/rdma_netlink.h b/include/uapi/rdma/rdma_netlink.h index 9bba001a7347..09b0ad8ea9d4 100644 --- a/include/uapi/rdma/rdma_netlink.h +++ b/include/uapi/rdma/rdma_netlink.h @@ -480,6 +480,10 @@ enum rdma_nldev_attr { * either shared or exclusive among multiple net namespaces. */ RDMA_NLDEV_SYS_ATTR_NETNS_MODE, /* u8 */ + /* + * File descriptor handle of the net namespace object + */ + RDMA_NLDEV_NET_NS_FD, /* u32 */ /* * Always the end -- 2.19.1
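Review bot: In the `nldev_set_doit()` hunk, a request carrying both `RDMA_NLDEV_ATTR_DEV_NAME` and `RDMA_NLDEV_NET_NS_FD` appears to perform only the rename, because the added `goto done;` skips the new netns branch and returns the result of `ib_device_rename()`. A caller that relies on the netns move to confine the device would then see success while the device stays visible where it was. Rejecting the combination up front, e.g. `if (tb[RDMA_NLDEV_ATTR_DEV_NAME] && tb[RDMA_NLDEV_NET_NS_FD]) { err = -EINVAL; goto done; }`, or documenting the precedence, would make the behaviour explicit. The rename branch's condition and the start of the function are outside the hunk, so placement depends on code not shown. The labels also read backwards, since `put_done` is the path that does not call `ib_device_put()`; a comment such as `/* reference already dropped by ib_device_set_netns_put() */` at `put_done:` would prevent a later double put.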