Thank you Jason,
I'll sure take a look.
Regards,
Vinit.
On 20/11/19 5:04 AM, Jason Gunthorpe wrote:
You need this kernel commit
commit 4785860e04bc8d7e244b25257168e1cf8a5529ab
Author: Jason Gunthorpe <jgg@xxxxxxxx>
Date: Fri Nov 30 13:06:21 2018 +0200
RDMA/uverbs: Implement an ioctl that can call write and write_ex handlers
Now that the handlers do not process their own udata we can make a
sensible ioctl that wrappers them. The ioctl follows the same format as
the write_ex() and has the user explicitly specify the core and driver
in/out opaque structures and a command number.
This works for all forms of write commands.
Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxxxx>
Signed-off-by: Leon Romanovsky <leonro@xxxxxxxxxxxx>
Signed-off-by: Doug Ledford <dledford@xxxxxxxxxx>
And a rdma-core new enough to call UVERBS_METHOD_INVOKE_WRITE
On Mon, Nov 18, 2019 at 10:29:33AM +0530, Vinit Agnihotri wrote:
Thank you Jason.
I did went through archives for the same.
Can you please provide pointer towards documentation or
sample userspace usage for the same? Or which kernel version to be looked
into?
Thanks & Regards,
Vinit.
On 15/11/19 7:42 PM, Jason Gunthorpe wrote:
On Fri, Nov 15, 2019 at 09:27:40AM +0530, Vinit Agnihotri wrote:
Hi,
I am trying to use setfsgid()/setfssid() calls to ensure proper access check
for linux users.
However if user is non-root then ibv_reg_mr() returns EACCESS. While I am
sure I am calling ibv_reg_mr()
as root user, not sure why it still returns EACCESS.
While going through libibverbs sources I realize EACCESS might be returned
by this call:
if (write(pd->context->cmd_fd, cmd, cmd_size) != cmd_size)
return errno;
Can anyone provide any insight into this behavior? Does calling these
systems calls in threads can affect
entire process? I checked /dev/infiniband/* has appropriate privileges.
This is a security limitation, if you want do this flow you need a new
enough kernel and rdma-core to support the ioctl() scheme for calling
verbs
Jason
