Re: Questions about RDMA subsystem shared mode for RoCE device with MLNX_OFED driver

[Zhu Yanjun <yanjun.zhu@linux.dev>]

在 2024/1/19 20:31, 陈逸凡 写道:
> Questions:
> 1. Is RDMA shared mode supported for RoCE/iWARP devices? To be more
> clearly, ibdev ant netdev required to be in the same net namespace or
> not?

RoCE/RXE + the following commits can support ibdev in the net namespace.

https://patchwork.kernel.org/project/linux-rdma/cover/20230508075636.352138-1-yanjun.zhu@intel.com/

Current implementation of RXE does not support net namespace. We need 
the above commits to support net namespace.

IMO, the current implementation of iWARP does not support net namespace, 
too.

Zhu Yanjun

> 2. If the answer for first question is ‘YES’, but my test failed with
> MLNX_OFED driver, it does check whether user can access the netdev of
> the target gid attr, which means they(user and the netdev) should be
> at the same namespace. Meanwhile the upstream code dose not have the
> corresponding codes.
> 
> 
> MLNX_OFED impl，form mlnx-ofa_kernel-23.10，compared to the upstream codes
> ---
> @@ -1722,6 +1739,9 @@ static int ib_resolve_eth_dmac(struct ib_device *device,
>   {
>          int ret = 0;
> 
> +       if (!rdma_check_gid_user_access(ah_attr->grh.sgid_attr))
> +               return -ENODEV;
> +
>          if (rdma_is_multicast_addr((struct in6_addr *)ah_attr->grh.dgid.raw)) {
>                  if (ipv6_addr_v4mapped((struct in6_addr
> *)ah_attr->grh.dgid.raw)) {
>                          __be32 addr = 0;
> ---
> 
> Its definition:
> ---
> /**
>   * rdma_check_gid_user_access - Check if user process can access
>   * this GID entry or not.
>   * @attr: Pointer to GID entry attribute
>   *
>   * rdma_check_gid_user_access() returns true if user process can access
>   * this GID attribute otherwise returns false. This API should be called
>   * from the userspace process context.
>   */
> bool rdma_check_gid_user_access(const struct ib_gid_attr *attr)
> {
> bool allow;
> /*
>   * For IB and iWarp, there is no netdevice associate with GID entry,
>   * For RoCE consider the netdevice's net ns to validate against the
>   * calling process.
>   */
> rcu_read_lock();
> if (!attr->ndev ||
>      (attr->ndev &&
>       net_eq(dev_net(attr->ndev), current->nsproxy->net_ns)))
> allow = true;
> else
> allow = false;
> rcu_read_unlock();
> return allow;
> }
> ---
> 
> I think rdma_check_gid_user_access should be ignored while RDMA
> subsystem configured as shared mode, It should works with exclusive
> mode. Am i missing anything? Please tell me the background about why
> MLNX_OFED driver perform the check if anyone knows.
> 
> Thanks!