diff mbox series

[rdma-next,4/4] IB/mlx5: Device resource control for privileged DEVX user

Message ID 20190505140714.8741-5-leon@kernel.org (mailing list archive)
State Mainlined
Commit 33cde96fb5d7ae36207541c8a832d7fae3cadbde
Delegated to: Jason Gunthorpe
Headers show
Series User space steering | expand

Commit Message

Leon Romanovsky May 5, 2019, 2:07 p.m. UTC 
From: Ariel Levkovich <lariel@mellanox.com>

For DEVX users who have SYS_RAWIO capability, we set the
internal device resources capability when creating the UCTX.
This will allow the device to restrict the allocation of internal
device resources such as SW ICM memory to privileged DEVX users
only.

Signed-off-by: Ariel Levkovich <lariel@mellanox.com>
Reviewed-by: Eli Cohen <eli@mellanox.com>
Reviewed-by: Mark Bloch <markb@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
---
 drivers/infiniband/hw/mlx5/devx.c | 4 ++++
 1 file changed, 4 insertions(+)
diff mbox series

Patch

diff --git a/drivers/infiniband/hw/mlx5/devx.c b/drivers/infiniband/hw/mlx5/devx.c
index d627f44bc84d..169ffffcf5ed 100644
--- a/drivers/infiniband/hw/mlx5/devx.c
+++ b/drivers/infiniband/hw/mlx5/devx.c
@@ -85,6 +85,10 @@  int mlx5_ib_devx_create(struct mlx5_ib_dev *dev, bool is_user)
 	if (is_user && capable(CAP_NET_RAW) &&
 	    (MLX5_CAP_GEN(dev->mdev, uctx_cap) & MLX5_UCTX_CAP_RAW_TX))
 		cap |= MLX5_UCTX_CAP_RAW_TX;
+	if (is_user && capable(CAP_SYS_RAWIO) &&
+	    (MLX5_CAP_GEN(dev->mdev, uctx_cap) &
+	     MLX5_UCTX_CAP_INTERNAL_DEV_RES))
+		cap |= MLX5_UCTX_CAP_INTERNAL_DEV_RES;
 
 	MLX5_SET(create_uctx_in, in, opcode, MLX5_CMD_OP_CREATE_UCTX);
 	MLX5_SET(uctx, uctx, cap, cap);