[PATCH 1/2] net/mlx5: improve socket file path

Yang Ming ming.1.yang at nokia-sbell.com
Wed Mar 12 03:55:55 CET 2025

Previous message (by thread): [PATCH] drivers: remove invalid options for MSVC
Next message (by thread): [PATCH 1/2] net/mlx5: improve socket file path
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2025/1/3 10:51, Ming 1. Yang (NSB) wrote:
>
>
> On 2024/12/14 01:16, Bruce Richardson wrote:
>> On Fri, Dec 13, 2024 at 09:12:39AM -0800, Stephen Hemminger wrote:
>>> On Fri, 13 Dec 2024 17:24:42 +0800
>>> Yang Ming<ming.1.yang at nokia-sbell.com>  wrote:
>>>
>>>> 1. /var/tmp is hard code which is not a good style
>>>> 2. /var/tmp may be not allowed to be written via container's
>>>> read only mode.
>>>>
>>>> Signed-off-by: Yang Ming<ming.1.yang at nokia-sbell.com>
>>> Since this is a unix domain socket, why not use abstract socket
>>> that doesn't have to be associated with filesystem?
>> In general, I think we should avoid abstract sockets in DPDK. Primary
>> reason is that they are linux-specific. Last time I checked other unixes,
>> like BSD, don't support them. A secondary concern is that having a
>> filesystem path allows permission checks, so for e.g. telemetry sockets,
>> only users with appropriate permissions can connect. With an abstract socket
>> we'd have to open up the area of user authentication.
>>
>> /Bruce
>>
> Hi Stephen & Bruce,
>
> I'm not sure whether abstract socket is a good idea. Maybe it can be improved further or step by step. But we don't need to discuss it for this commit.
> We do this improvement because "/var/tmp" and "/var/log" can't be write in Readonly mode of container except that we add /var/ specfic for DPDK application in container's setting. But nearly all DPDK modules have already used common runtime path returned from `rte_eal_get_runtime_dir()`. Why not we apply this common path for Mellanox NIC?
>
>
>
Hi Stephen,

I'm not entirely sure whether using an abstract socket is the best 
approach. It might be possible to improve it further or incrementally. 
However, we don't need to discuss this for the current commit.
We made this improvement because the directories "/var/tmp" and 
"/var/log" cannot be written to in a container with read-only mode, 
unless we specifically configure the /var/ directory for the DPDK 
application in the container's settings. Nearly all DPDK modules already 
use the common runtime path returned by rte_eal_get_runtime_dir(). 
Therefore, it makes sense to apply this common path for the Mellanox NIC 
as well.
Actually, the objective of this patch series is to prevent the DPDK 
Mellanox driver from crashing when attempting to access the read-only 
directories "/var/" in a container.

Brs,
Yang Ming
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mails.dpdk.org/archives/dev/attachments/20250312/577bb42b/attachment-0001.htm>

Previous message (by thread): [PATCH] drivers: remove invalid options for MSVC
Next message (by thread): [PATCH 1/2] net/mlx5: improve socket file path
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list