From 61e51682816d395307f78ae06d640089054c28ab Mon Sep 17 00:00:00 2001 From: Chiara Meiohas Date: Thu, 6 Mar 2025 13:51:26 +0200 Subject: RDMA/uverbs: Introduce UCAP (User CAPabilities) API Implement a new User CAPabilities (UCAP) API to provide fine-grained control over specific firmware features. This approach offers more granular capabilities than the existing Linux capabilities, which may be too generic for certain FW features. This mechanism represents each capability as a character device with root read-write access. Root processes can grant users special privileges by allowing access to these character devices (e.g., using chown). UCAP character devices are located in /dev/infiniband and the class path is /sys/class/infiniband_ucaps. Signed-off-by: Chiara Meiohas Link: https://patch.msgid.link/5a1379187cd21178e8554afc81a3c941f21af22f.1741261611.git.leon@kernel.org Reviewed-by: Yishai Hadas Reviewed-by: Zhu Yanjun Signed-off-by: Leon Romanovsky --- include/rdma/ib_ucaps.h | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 include/rdma/ib_ucaps.h (limited to 'include/rdma') diff --git a/include/rdma/ib_ucaps.h b/include/rdma/ib_ucaps.h new file mode 100644 index 000000000000..d9f96be3a553 --- /dev/null +++ b/include/rdma/ib_ucaps.h @@ -0,0 +1,30 @@ +/* SPDX-License-Identifier: GPL-2.0 OR Linux-OpenIB */ +/* + * Copyright (c) 2025, NVIDIA CORPORATION & AFFILIATES. All rights reserved + */ + +#ifndef _IB_UCAPS_H_ +#define _IB_UCAPS_H_ + +#define UCAP_ENABLED(ucaps, type) (!!((ucaps) & (1U << (type)))) + +enum rdma_user_cap { + RDMA_UCAP_MLX5_CTRL_LOCAL, + RDMA_UCAP_MLX5_CTRL_OTHER_VHCA, + RDMA_UCAP_MAX +}; + +void ib_cleanup_ucaps(void); +int ib_get_ucaps(int *fds, int fd_count, uint64_t *idx_mask); +#if IS_ENABLED(CONFIG_INFINIBAND_USER_ACCESS) +int ib_create_ucap(enum rdma_user_cap type); +void ib_remove_ucap(enum rdma_user_cap type); +#else +static inline int ib_create_ucap(enum rdma_user_cap type) +{ + return -EOPNOTSUPP; +} +static inline void ib_remove_ucap(enum rdma_user_cap type) {} +#endif /* CONFIG_INFINIBAND_USER_ACCESS */ + +#endif /* _IB_UCAPS_H_ */ -- cgit v1.2.3