From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id BDD42A0544; Mon, 20 Jun 2022 08:10:41 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 5B56440F19; Mon, 20 Jun 2022 08:10:41 +0200 (CEST) Received: from NAM02-BN1-obe.outbound.protection.outlook.com (mail-bn1nam07on2082.outbound.protection.outlook.com [40.107.212.82]) by mails.dpdk.org (Postfix) with ESMTP id 6651140150; Mon, 20 Jun 2022 08:10:40 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PNbZaHPjst2rXtSOYe2bOyUsCtbMmu2zZb1JxeDuf53dOQjOSgVlv04ZOdxeKKZCZaWuFSAitc3SP4WmyYqBc281B97toWTA+yKUW5yLJPSbVNe/obWbFw+zSvyvpIOlkd8Uo8x+ejnsfcoOuiYPF6IcNVp7pTWKy/VRgFa80K3H1SHw9nTpiDrugigqfZxSqB5MsGZWIkIxiW7xA9Pd/ouljPxEeWaFJoyjfs7Nz53LvPeNsXvnZcRkSpkakR0JsPI6j9/PlTsQ44fB+lkZejwsFyFlJdRY0V949UNaunS4rsuNG+xdJfIv7KjMJi/XRWqZEG8t5pcM/lWQbcOVig== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TaAMLRXHEfP9e46lm413u92GgJmo+OzoI4K3VNvk+es=; b=JI+SnYNCdBrUu7kdzlB5Ys5YT4gh8mLmjVi2aobo3gLXw8e1XOGgjeT4xIjM33OZqBeGOiJEyApK5t07Hl2exXB3mc6KEwYoeWW46qvsCU5yfh6Ag2xRgjpdoz4QGGvVQCB7KgnDi8sOoqqHvLU7iDqlvk2A+TZZZTfSQ1DRKgNz9bwvWKLRP4KWe+PMVtEUpszytW8vFHMlU88bK1v/UHdKXu4t8QQMNkp4nxz/59E9/rTdPyQDNCvkqYM093LDv5eGXSfATv8Wfr2oUljLs6C644MwnBUAbnlGFBgc45Fv2SyOo18SrxLOgLp8a4XDsqlJtgRNWQzm0OIcmGojjg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TaAMLRXHEfP9e46lm413u92GgJmo+OzoI4K3VNvk+es=; b=Y/zrfHItoWKMeq4HEGRdU9bG4ts4vLiE+k0inZdLI8yu4v5KZucBB0wQd68rDHe/p8CIXgQ5Iiu3D9pPjWaxwHW4TYeuN++Tgj8DpXIwIqm8Un1nTnQxkMJvKjNzfuHkKmq+nHuqD03NA7O+ysd8c/3ajNGKpzhUKL1/RbOdnm4ywNEu0c9KDOUA+bJ3b10P9yWARVAupj/1f5YUtNZDPcYkGFpZt8KYMDNrVMBLgHGr8lTtcO7EwxXvjr35zCKiPjqJ+y3fOE3Uw1R2+lmfF+jXe1+tfhgNvLIugCYfwwbkshk97tncQkZ4+x0LtV5tM2OlviSAPdInahEKsl17mw== Received: from BL1PR12MB5945.namprd12.prod.outlook.com (2603:10b6:208:398::14) by BY5PR12MB3730.namprd12.prod.outlook.com (2603:10b6:a03:1ac::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5353.15; Mon, 20 Jun 2022 06:10:37 +0000 Received: from BL1PR12MB5945.namprd12.prod.outlook.com ([fe80::9951:cab3:3606:671d]) by BL1PR12MB5945.namprd12.prod.outlook.com ([fe80::9951:cab3:3606:671d%5]) with mapi id 15.20.5353.014; Mon, 20 Jun 2022 06:10:37 +0000 From: Dmitry Kozlyuk To: Bruce Richardson CC: "dev@dpdk.org" , "stable@dpdk.org" , Anatoly Burakov Subject: RE: [PATCH v2 3/4] doc: give specific instructions for running as non-root Thread-Topic: [PATCH v2 3/4] doc: give specific instructions for running as non-root Thread-Index: AQHYgjz+e0oWkc5TFkemtqdv8EkHPq1TzNOAgAQAI+A= Date: Mon, 20 Jun 2022 06:10:37 +0000 Message-ID: References: <20220607234949.2311884-1-dkozlyuk@nvidia.com> <20220617112508.3823291-1-dkozlyuk@nvidia.com> <20220617112508.3823291-4-dkozlyuk@nvidia.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 5b9882f6-8e83-47d7-2ece-08da52839883 x-ms-traffictypediagnostic: BY5PR12MB3730:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: wSysVhYR+bZBF7zwMMgnlW51E9cLZRlll8fHoLLbBB4hPHF5vNwg9s3u0xxV9262dUTJDMzedRugRCQHfk0miuxKdY4pfItB1V3FGRmCnaTOQHBh7ePL5YEiXVLNkG1oY0yMWUHZrvtJVgH/7JLvF15wSKx8NdAcZV/P0kHQ7MIlAHcjLNvQv+UqGcfVqIiugUg+FklrNvts6CnwfKH0C5nIw7qM8IJziAj0oc0HnwNJhW5t93ulyCLL6lO7P9ryNS5FKEq8wzZBK/6b2jAVILQfttxLAS5t6ALfD5hMzQKAmI3GRVnDciS5a1UL5JfOTVzilzEahtB3v3oQuv64ktBhE/O6YKZ8iHBTJccg6k0ZW/uogjZBgIEoJjgw+8za5gyrSw3GRTz8yh0K+qafC/7UIrSubVFVwUI1CcDX0SS8DHelQuF+Ll0FfOdbITasQ13y8O3Oa23wmBJt0KzvR2KwTa3Js0+6GY9Q9YiYfla8LboxtcwDdc1cWzTCbcFjYUV7NfIFY7AhiCh1edjeje24Zl6kyO3l4mx2tF8iqf18ZndbFTa09GnlRnpppKbEQOuW0DcmdItG9z1BOkPDkd3HWKTvrTaAUHkDNoO/HVslpia92K72S5R3BToCCL7/5sUoZjCpA8JxgGolw64DNZErZTom+WJl8bEt3/boug+M2/0y4nG7OU+nPvl3qKVZZKY2Yxyu+1jg4on1e7AkgA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BL1PR12MB5945.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(4636009)(366004)(38070700005)(122000001)(38100700002)(55016003)(316002)(6916009)(54906003)(186003)(26005)(9686003)(2906002)(76116006)(8676002)(66556008)(66946007)(64756008)(4326008)(66446008)(66476007)(83380400001)(8936002)(498600001)(5660300002)(33656002)(52536014)(86362001)(6506007)(71200400001)(7696005); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?Ekrgn37bFrj7WxgLtVNEouvvADKcN5pFrcEKW3H2AeyndT095EYszP6bpV7e?= =?us-ascii?Q?7sMjYMBIHMjwnWYH+CtHAPVIsmOOg1djs+Su/N+sB2hAfwCmHyr+x3xw6AY4?= =?us-ascii?Q?wYSGd28upnO9eXPZahTBndnJ2Q8cAPTTrXmE9EIf1XLBVs5IQuTlhpZCvzpU?= =?us-ascii?Q?ChGDv6hiWOOoQe49oxePbP/5Fx+c2c9vLsCZ1Dl+W56tcPs3lJSaGsNBlsny?= =?us-ascii?Q?jv//yy7xHiiSLWYVRMsAxEJXZqfa0VDocCf7UQSF2ClOQtzJhjgHkB5zw4Bk?= =?us-ascii?Q?rWpK6sFWhnRBMiqTvK63oH6scaEg6ixOyAXjnRpUQLwatDxvtM9dbch/cx84?= =?us-ascii?Q?pA2+hiBO33t2Zo1cSoMRbRVJv4nWWF2B5xACAUW1qh0EWWQna0sRlruHBRu7?= =?us-ascii?Q?Ay0jjOwXMMfoQDvC/fy36PMU0SQMsIaQ0WmMzigknM1r3wg/dTtM4aD7SkWk?= =?us-ascii?Q?BV06XRvKnatlyqN96hs1iPzOtawR9v5Fm1nXS4w6egauHRm9Czma3inwmmnL?= =?us-ascii?Q?ZaAq1qIztbrfX15utk1CxVjlU06+upeEaP/6HH3yYs+9Hf9ROXG4ALHqAb3i?= =?us-ascii?Q?ATzfTPoJE/pMD6c3kPCxlHYWpokeXXf8oolvLJGVEtFREQyRpgin5jJZAa8i?= =?us-ascii?Q?jDblXx0OcuhXwyWVAlmcwDpivEEV2z+pQ/jC3eCT1eJQOwpU97WbAyqwGlDo?= =?us-ascii?Q?s9p2trzhV8r192CSjgMLmF3YHUN5C18pG/xih3u3pJjeedSWat5AJudQNjkF?= =?us-ascii?Q?/79vbX8ZBTSYhch6dFu1aClG+l0Wifu5QlfmEOc+gKuGO6D1kmlXSr/jRytl?= =?us-ascii?Q?vm5WVjAeuQAAiGoyllOt7cD/YUyyx4Pycp2PhW9xZn+BEelDfPyHzUxLH7LI?= =?us-ascii?Q?RxQE1B5SQSgaMQHxIO7NRb9txJms8Da+z77i8WSEVGR/z6tYxrerH+Uv27jS?= =?us-ascii?Q?6sfLNRjpMEBGKZ5ixaSIslCj6qidpSnOXISYOIBzESyDxp3A9AJ1a+ZO1QeN?= =?us-ascii?Q?ftTKKbg3c1SZKy5Lt6uQDn2ShP+EVmKnFqxBud19ngUOu58XZ+8CnclTSuul?= =?us-ascii?Q?psQtWsOCEs4izUbWNa61yj4pkhM35uCkPwnFOw4f6LMESXoP0FhmOrAn01XW?= =?us-ascii?Q?GPRDicsyhb5FIGJ7m+c8z5jXq21GFzbsCMIJz/XCTXEx8rEya9T4tp6ck/QG?= =?us-ascii?Q?Ki8k3F6Wv3l9TadUs06Xb18FRROpL+8uR5cPYiVPbImp0m47g9hKkJLRZiAp?= =?us-ascii?Q?i8MJJJ4a7/aeukLlGLUf19RA2jTDPl7XXHBYerSFYznkCKg6hiIZWQozbk1K?= =?us-ascii?Q?KoGQAagEyROQ4fi0R0M2m3UkYmvjRVIKAdVDBbiI2xBkTZs1+0jL6L4JumwG?= =?us-ascii?Q?jMlVZYTyM/zkH6bjol0nG9UAzMiBYysZGyJAkDjW9S0YUu6uVJjlFYAOZAVO?= =?us-ascii?Q?ft91R/VkJ5obFv72tpNlFe7TDCyD/7A7VxOLr853LnbJsbP6sg//ps+hDL8/?= =?us-ascii?Q?PZIMJMWdjxLLuXgLjxAC1OoPEwZSP1ArrewM+us+xinn5AjR72n4E4C/+BLZ?= =?us-ascii?Q?QMoY6aNzhx4meFysG7sfyTP0/Ym/Gve9BQrB5UOZoBVt1N6bjKugJ57pqs5f?= =?us-ascii?Q?sWe2SpV5cjz5/Nb+uhBlYsiZP9OgYUjvcpxMAWFhG07FtpzvbM6GqmDIgmyT?= =?us-ascii?Q?9VETtows/dgvUyEhhC6ypMqcF9HEBjYiOmUbz8h/88GeKWlVZmIcsjkQjBEo?= =?us-ascii?Q?EwjlM71VNw=3D=3D?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BL1PR12MB5945.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5b9882f6-8e83-47d7-2ece-08da52839883 X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Jun 2022 06:10:37.9117 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: CxKIA8FO4wB+mohChKcRxdaAPQmSTbOB42ot9mkgjv1xR3u9B/fBceW8NOh3ZO/594dAI3+65ReMJAGBZksL4w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB3730 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > From: Bruce Richardson > Sent: Friday, June 17, 2022 7:38 PM > > [...] > > +If the driver requires using physical addresses (PA), > > +the executable file must be granted additional capabilities: > > + > > +* ``SYS_ADMIN`` to read ``/proc/self/pagemaps`` > > +* ``IPC_LOCK`` to lock hugepages in memory >=20 > Are either of these necessary if using vfio-pci and VA mode? I have > seen it previously reported that IPC_LOCK is necessary for IOMMU > memory mapping for DMA - at least for docker containers - so I'd > like it confirmed that we don't need them in the in-memory case > running on the host. If I get the chance I'll try double-checking > by testing myself. Sorry, I don't have a physical device using vfio-pci to check. MLX5 that I have tested doesn't need these capabilities, but it locks memory from the kernel side. Note that --in-memory doesn't imply --iova-mode=3Dva. >=20 > > + > > +.. code-block:: console > > + > > + setcap cap_ipc_lock,cap_sys_admin+ep > > + > > +If physical addresses are not accessible, > > +the following message will appear during EAL initialization:: > > + > > + EAL: rte_mem_virt2phy(): cannot open /proc/self/pagemap: > Permission denied > > + > > +It is harmless in case PA are not needed. > > + >=20 > While this is probably worth having in the doc, I think we should > really > include a note here about using vfio-pci rather than uio and therefore > not > needing physical addresses. A note won't harm. There are also non-PCI devices, though. > > +For ``virtio`` PMD in legacy mode, ``SYS_RAWIO`` capability is > required > > +for ``iopl()`` call to enable access to PCI IO ports. > > >=20 > How "legacy" is legacy-mode? Is it still likely in widespread use that > we need this? I don't really know. The spec says that legacy support is optional (2.2.3 Legacy Interface: A Note on Feature Bits) and it aims to reduce the chance of a legacy driver attempting to drive the device (4.1.2.1 Device Requirements: PCI Device Discovery). OTOH, DPDK supports it and requirements must be documented. I can add a line suggesting to use modern virtio, but also don't mind removing this. I'll address skipped comments in v3, thanks.