DPDK patches and discussions
 help / color / mirror / Atom feed
From: Stephen Hemminger <stephen@networkplumber.org>
To: Dmitry Kozlyuk <dkozlyuk@nvidia.com>
Cc: <dev@dpdk.org>, Thomas Monjalon <thomas@monjalon.net>, <stable@dpdk.org>
Subject: Re: [PATCH 4/4] doc: update instructions for running as non-root for MLX5
Date: Tue, 7 Jun 2022 17:13:47 -0700	[thread overview]
Message-ID: <20220607171347.43200cbe@hermes.local> (raw)
In-Reply-To: <20220607234949.2311884-5-dkozlyuk@nvidia.com>

On Wed, 8 Jun 2022 02:49:49 +0300
Dmitry Kozlyuk <dkozlyuk@nvidia.com> wrote:

> Reference the common guide for generic setup.
> Remove excessive capabilities from the recommended list.
> 
> Cc: stable@dpdk.org
> 
> Signed-off-by: Dmitry Kozlyuk <dkozlyuk@nvidia.com>
> ---
>  doc/guides/platform/mlx5.rst | 22 ++++++++++------------
>  1 file changed, 10 insertions(+), 12 deletions(-)


This change needs additional changes to make it correct English grammar.

> diff --git a/doc/guides/platform/mlx5.rst b/doc/guides/platform/mlx5.rst
> index 64a4c5e76e..956a72fadf 100644
> --- a/doc/guides/platform/mlx5.rst
> +++ b/doc/guides/platform/mlx5.rst
> @@ -404,25 +404,23 @@ The device can be bound again at this point.
>  Run as Non-Root
>  ^^^^^^^^^^^^^^^
>  
> -In order to run as a non-root user,
> -some capabilities must be granted to the application::
> +Hugepage and resource limit setup is documented

Subject is plural so verb must be plural => are documented

> +in the :ref:`common Linux guide <Running_Without_Root_Privileges>`.
> +This PMD does not require physical addresses,
> +so capability configuration is not needed to access hugepages.

In technical writing "therefore" is preferred over "so"
and you need a preposition. Please reword something like:

"This PMD does can operate without direct physical memory and hugepages
are not required."

Often applications will keep using hugepages (makes them NIC independent)
and in that case they would still need permissions.

> +Note that physical addresses may be required by other drivers.
>  
> -   setcap cap_sys_admin,cap_net_admin,cap_net_raw,cap_ipc_lock+ep <dpdk-app>
> +Additional capabilities must be granted to the application::
>  
> -Below are the reasons for the need of each capability:
> -
> -``cap_sys_admin``
> -   When using physical addresses (PA mode), with Linux >= 4.0,
> -   for access to ``/proc/self/pagemap``.
> +   setcap cap_net_raw,cap_net_admin,cap_sys_rawio+ep <executable>
>  
> -``cap_net_admin``
> -   For device configuration.
> +Below are the reasons for the need of each capability:
>  
>  ``cap_net_raw``
>     For raw ethernet queue allocation through kernel driver.
>  
> -``cap_ipc_lock``
> -   For DMA memory pinning.
> +``cap_net_admin``
> +   For device configuration, like setting link status or MTU.
>  

The most common usage for running as non-root is some container system.
In that case capabilities are managed by the container service (ie systemd, docker, etc)
and not done by setting filesystem capabilities.

  reply	other threads:[~2022-06-08  0:13 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-07 23:49 [PATCH 0/4] Improve documentation for running as non-root Dmitry Kozlyuk
2022-06-07 23:49 ` [PATCH 1/4] usertools: add option to select hugetlbfs directory Dmitry Kozlyuk
2022-06-07 23:49 ` [PATCH 2/4] usertools: add option to change mount point owner Dmitry Kozlyuk
2022-06-08  0:00   ` Stephen Hemminger
2022-06-07 23:49 ` [PATCH 3/4] doc: give specific instructions for running as non-root Dmitry Kozlyuk
2022-06-08  0:03   ` Stephen Hemminger
2022-06-07 23:49 ` [PATCH 4/4] doc: update instructions for running as non-root for MLX5 Dmitry Kozlyuk
2022-06-08  0:13   ` Stephen Hemminger [this message]
2022-06-17 11:26     ` Dmitry Kozlyuk
2022-06-17 11:25 ` [PATCH v2 0/4] Improve documentation for running as non-root Dmitry Kozlyuk
2022-06-17 11:25   ` [PATCH v2 1/4] usertools: add option to select hugetlbfs directory Dmitry Kozlyuk
2022-06-17 15:50     ` Bruce Richardson
2022-06-17 11:25   ` [PATCH v2 2/4] usertools: add option to change mount point owner Dmitry Kozlyuk
2022-06-17 15:53     ` Bruce Richardson
2022-06-20  5:43       ` Dmitry Kozlyuk
2022-06-17 11:25   ` [PATCH v2 3/4] doc: give specific instructions for running as non-root Dmitry Kozlyuk
2022-06-17 16:38     ` Bruce Richardson
2022-06-20  6:10       ` Dmitry Kozlyuk
2022-06-20  8:37         ` Bruce Richardson
2022-06-24  8:49           ` Dmitry Kozlyuk
2022-06-17 11:25   ` [PATCH v2 4/4] doc: update instructions for running as non-root for MLX5 Dmitry Kozlyuk
2022-06-24  8:48   ` [PATCH v3 0/5] Improve documentation for running as non-root Dmitry Kozlyuk
2022-06-24  8:48     ` [PATCH v3 1/5] usertools: add option to select hugetlbfs directory Dmitry Kozlyuk
2022-06-24  9:02       ` Bruce Richardson
2022-06-24  8:48     ` [PATCH v3 2/5] usertools: add option to change mount point owner Dmitry Kozlyuk
2022-06-24  9:04       ` Bruce Richardson
2022-06-24  8:48     ` [PATCH v3 3/5] doc: give specific instructions for running as non-root Dmitry Kozlyuk
2022-06-24  9:09       ` Bruce Richardson
2022-06-24  8:48     ` [PATCH v3 4/5] doc: update instructions for running as non-root for MLX5 Dmitry Kozlyuk
2022-06-24  8:48     ` [PATCH v3 5/5] doc: add note about running virtio-legacy as non-root Dmitry Kozlyuk
2022-06-24 13:19     ` [PATCH v4 0/5] Improve documentation for running " Dmitry Kozlyuk
2022-06-24 13:19       ` [PATCH v4 1/5] usertools: add option to select hugetlbfs directory Dmitry Kozlyuk
2022-06-24 13:19       ` [PATCH v4 2/5] usertools: add options to change mount point owner Dmitry Kozlyuk
2022-06-24 13:37         ` Bruce Richardson
2022-06-24 13:19       ` [PATCH v4 3/5] doc: give specific instructions for running as non-root Dmitry Kozlyuk
2022-06-24 13:19       ` [PATCH v4 4/5] doc: update instructions for running as non-root for MLX5 Dmitry Kozlyuk
2022-06-24 13:19       ` [PATCH v4 5/5] doc: add note about running virtio-legacy as non-root Dmitry Kozlyuk
2022-06-27  0:45       ` [PATCH v4 0/5] Improve documentation for running " Thomas Monjalon

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220607171347.43200cbe@hermes.local \
    --to=stephen@networkplumber.org \
    --cc=dev@dpdk.org \
    --cc=dkozlyuk@nvidia.com \
    --cc=stable@dpdk.org \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).