On Fri, Nov 15, 2019 at 09:27:40AM +0530, Vinit Agnihotri wrote: > Hi, > > I am trying to use setfsgid()/setfssid() calls to ensure proper access check > for linux users. > > However if user is non-root then ibv_reg_mr() returns EACCESS. While I am > sure I am calling ibv_reg_mr() > > as root user, not sure why it still returns EACCESS. > > While going through libibverbs sources I realize EACCESS might be returned > by this call: > > if (write(pd->context->cmd_fd, cmd, cmd_size) != cmd_size) > return errno; > > Can anyone provide any insight into this behavior? Does calling these > systems calls in threads can affect > > entire process? I checked /dev/infiniband/* has appropriate privileges. This is a security limitation, if you want do this flow you need a new enough kernel and rdma-core to support the ioctl() scheme for calling verbs Jason
