From: Adrien Mazarguil <adrien.mazarguil@6wind.com>
To: Thomas Monjalon <thomas.monjalon@6wind.com>
Cc: Jez Higgins <jez@jezuk.co.uk>,
users@dpdk.org, olivier.matz@6wind.com,
sergio.gonzalez.monroy@intel.com
Subject: Re: [dpdk-users] Running DPDK as non-root
Date: Tue, 12 Jul 2016 19:09:17 +0200 [thread overview]
Message-ID: <20160712170917.GU7621@6wind.com> (raw)
In-Reply-To: <4313092.zcSIIfa3F0@xps13>
On Thu, Jul 07, 2016 at 06:17:21PM +0200, Thomas Monjalon wrote:
> Hi
>
> 2016-07-07 16:47, Jez Higgins:
> > Is it possible to get DPDK up and running as non-root - if so, can
> > anyone guide me to what I'm missing? Or should I be giving this up as a
> > bad job?
>
> You can try the --no-huge option.
> But most of drivers won't work without hugepage currently.
> A rework of the memory allocation is needed to make it work better.
A little late but just for the record, mlx4 and mlx5 should run fine with
--no-huge since these devices use virtual memory addresses directly
(although I must admit this feature is not tested very often).
There is still a requirement for root in order to create raw Ethernet TX and
RX queues for security reasons, as it would be like setting a network
interface in promiscuous mode to sniff traffic (tcpdump) or creating raw
sockets (ping) as a mere user, but this may be possibly achieved (not sure,
to be verified) by running applications with the CAP_NET_ADMIN capability.
Raw Ethernet QP creation can be allowed by default without special user
capabilities by installing MLNX_OFED with the --vma flag.
A few features will still be missing such as setting interfaces up and down,
updating MTU of the physical link and so on, basically all netdevice
operations that are not queries. Those can be performed as super-user on the
related netdevice directly from a separate process, even before starting the
DPDK application.
--
Adrien Mazarguil
6WIND
next prev parent reply other threads:[~2016-07-12 17:09 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-07 15:47 Jez Higgins
2016-07-07 16:17 ` Thomas Monjalon
2016-07-07 18:37 ` Wiles, Keith
2016-07-08 2:29 ` Tan, Jianfeng
2016-07-12 17:09 ` Adrien Mazarguil [this message]
2016-07-08 3:55 ` Singh, Satish 1. (Nokia - IN/Bangalore)
2016-07-08 5:01 ` Singh, Satish 1. (Nokia - IN/Bangalore)
2016-07-11 10:41 ` Jez Higgins
2016-08-19 18:16 John Ousterhout
2016-08-19 18:39 ` Wiles, Keith
2016-08-25 13:56 ` Vincent JARDIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160712170917.GU7621@6wind.com \
--to=adrien.mazarguil@6wind.com \
--cc=jez@jezuk.co.uk \
--cc=olivier.matz@6wind.com \
--cc=sergio.gonzalez.monroy@intel.com \
--cc=thomas.monjalon@6wind.com \
--cc=users@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).