RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create - kernel

diff options

author	Parav Pandit <[email protected]>	2025-06-26 18:58:07 +0000
committer	Leon Romanovsky <[email protected]>	2025-07-01 09:21:41 +0000
commit	0498c2d9984ed2ad75b1cd5ba6abfa1226742df5 (patch)
tree	23423578ef0b848f41be88f8e4fc48393f7da65b /drivers/infiniband/hw/mlx5/devx.c
parent	RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (diff)
download	kernel-0498c2d9984ed2ad75b1cd5ba6abfa1226742df5.tar.gz kernel-0498c2d9984ed2ad75b1cd5ba6abfa1226742df5.zip

RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create

Currently, the capability check is done in the default init_user_ns user namespace. When a process runs in a non default user namespace, such check fails. Due to this when a process is running using Podman, it fails to create the QP. Since the RDMA device is a resource within a network namespace, use the network namespace associated with the RDMA device to determine its owning user namespace. Fixes: 2dee0e545894 ("IB/uverbs: Enable QP creation with a given source QP number") Signed-off-by: Parav Pandit <[email protected]> Link: https://patch.msgid.link/0e5920d1dfe836817bb07576b192da41b637130b.1750963874.git.leon@kernel.org Signed-off-by: Leon Romanovsky <[email protected]>

Diffstat (limited to 'drivers/infiniband/hw/mlx5/devx.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: