Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set container device permissions to 'rw' #491

Merged
merged 1 commit into from
Aug 1, 2023
Merged

Set container device permissions to 'rw' #491

merged 1 commit into from
Aug 1, 2023

Conversation

e0ne
Copy link
Collaborator

@e0ne e0ne commented Jun 29, 2023
edited
Loading

There is no need to create devices inside containers, so we don't
need to add 'm' permissions.

@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 5412491197

  • 1 of 1 (100.0%) changed or added relevant line in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 78.445%
Totals Coverage Status
Change from base Build 5378078974: 0.0%
Covered Lines: 1947
Relevant Lines: 2482
💛 - Coveralls

@e0ne
Set container device permissions to 'rw'
74ee2ef 
There is no need to create devices inside containers, so we don't
need to add 'm' permissions.
@e0ne e0ne marked this pull request as ready for review July 14, 2023 16:00
@e0ne e0ne changed the title WIP. Set container device permissions to 'rw' Set container device permissions to 'rw' Jul 14, 2023
@moshe010
Copy link
Contributor

I thought the scope of the PR in RDMA. Did you tested for the other cases as well? (vdpa vfio ... )

@e0ne
Copy link
Collaborator Author

e0ne commented Jul 17, 2023

vdpa

I tested rdma devices with PF and VFs and also verified that SFs are not affected

@adrianchiris
Copy link
Contributor

@SchSeba @Eoghan1232

if u have time to test it for VFIO / UIO would be great !

the benefit is providing workloads less permissions over mounts as they dont require them.

@adrianchiris
Copy link
Contributor

@SchSeba @Eoghan1232 any update on this one ?

@Eoghan1232
Copy link
Collaborator

@SchSeba @Eoghan1232 any update on this one ?

Hi @adrianchiris just tested it with vfio-pci driver now, it works as expected, no issues.

PCIDEVICE_INTEL_COM_INTEL_SRIOV_DPDK_INFO={"0000:4b:01.0":{"generic":{"deviceID":"0000:4b:01.0"},"vfio":{"dev-mount":"/dev/vfio/314","mount":"/dev/vfio/vfio"}}}

@SchSeba SchSeba merged commit 820cdf4 into k8snetworkplumbingwg:master Aug 1, 2023
9 checks passed
@coveralls
Copy link
Collaborator

coveralls commented Aug 13, 2024
edited
Loading

Pull Request Test Coverage Report for Build 5412491197

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 7 of 7 (100.0%) changed or added relevant lines in 5 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 78.445%
Totals Coverage Status
Change from base Build 5378078974: 0.0%
Covered Lines: 1947
Relevant Lines: 2482
💛 - Coveralls

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SchSeba SchSeba SchSeba approved these changes

@adrianchiris adrianchiris adrianchiris approved these changes

@Eoghan1232 Eoghan1232 Eoghan1232 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@e0ne @coveralls @moshe010 @adrianchiris @Eoghan1232 @SchSeba