€•Î:Œsphinx.addnodes”Œdocument”“”)”}”(Œ rawsource”Œ”Œchildren”]”(Œ translations”Œ LanguagesNode”“”)”}”(hhh]”(hŒ pending_xref”“”)”}”(hhh]”Œdocutils.nodes”ŒText”“”ŒChinese (Simplified)”…””}”Œparent”hsbaŒ attributes”}”(Œids”]”Œclasses”]”Œnames”]”Œdupnames”]”Œbackrefs”]”Œ refdomain”Œstd”Œreftype”Œdoc”Œ reftarget”Œ$/translations/zh_CN/infiniband/ucaps”Œmodname”NŒ classname”NŒ refexplicit”ˆuŒtagname”hhh ubh)”}”(hhh]”hŒChinese (Traditional)”…””}”hh2sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ$/translations/zh_TW/infiniband/ucaps”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒItalian”…””}”hhFsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ$/translations/it_IT/infiniband/ucaps”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒJapanese”…””}”hhZsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ$/translations/ja_JP/infiniband/ucaps”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒKorean”…””}”hhnsbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ$/translations/ko_KR/infiniband/ucaps”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒPortuguese (Brazilian)”…””}”hh‚sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ$/translations/pt_BR/infiniband/ucaps”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubh)”}”(hhh]”hŒSpanish”…””}”hh–sbah}”(h]”h ]”h"]”h$]”h&]”Œ refdomain”h)Œreftype”h+Œ reftarget”Œ$/translations/sp_SP/infiniband/ucaps”Œmodname”NŒ classname”NŒ refexplicit”ˆuh1hhh ubeh}”(h]”h ]”h"]”h$]”h&]”Œcurrent_language”ŒEnglish”uh1h hhŒ _document”hŒsource”NŒline”NubhŒsection”“”)”}”(hhh]”(hŒtitle”“”)”}”(hŒ!Infiniband Userspace Capabilities”h]”hŒ!Infiniband Userspace Capabilities”…””}”(hh¼h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhh·h²hh³Œ>/var/lib/git/docbuild/linux/Documentation/infiniband/ucaps.rst”h´KubhŒ block_quote”“”)”}”(hXÈUser CAPabilities (UCAPs) provide fine-grained control over specific firmware features in Infiniband (IB) devices. This approach offers more granular capabilities than the existing Linux capabilities, which may be too generic for certain FW features. Each user capability is represented as a character device with root read-write access. Root processes can grant users special privileges by allowing access to these character devices (e.g., using chown). ”h]”(hŒ paragraph”“”)”}”(hŒúUser CAPabilities (UCAPs) provide fine-grained control over specific firmware features in Infiniband (IB) devices. This approach offers more granular capabilities than the existing Linux capabilities, which may be too generic for certain FW features.”h]”hŒúUser CAPabilities (UCAPs) provide fine-grained control over specific firmware features in Infiniband (IB) devices. This approach offers more granular capabilities than the existing Linux capabilities, which may be too generic for certain FW features.”…””}”(hhÓh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´KhhÍubhÒ)”}”(hŒËEach user capability is represented as a character device with root read-write access. Root processes can grant users special privileges by allowing access to these character devices (e.g., using chown).”h]”hŒËEach user capability is represented as a character device with root read-write access. Root processes can grant users special privileges by allowing access to these character devices (e.g., using chown).”…””}”(hháh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´K hhÍubeh}”(h]”h ]”h"]”h$]”h&]”uh1hËh³hÊh´Khh·h²hubh¶)”}”(hhh]”(h»)”}”(hŒUsage”h]”hŒUsage”…””}”(hhøh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhhõh²hh³hÊh´KubhÌ)”}”(hXJUCAPs allow control over specific features of an IB device using file descriptors of UCAP character devices. Here is how a user enables specific features of an IB device: * A root process grants the user access to the UCAP files that represents the capabilities (e.g., using chown). * The user opens the UCAP files, obtaining file descriptors. * When opening an IB device, include an array of the UCAP file descriptors as an attribute. * The ib_uverbs driver recognizes the UCAP file descriptors and enables the corresponding capabilities for the IB device. ”h]”(hÒ)”}”(hŒªUCAPs allow control over specific features of an IB device using file descriptors of UCAP character devices. Here is how a user enables specific features of an IB device:”h]”hŒªUCAPs allow control over specific features of an IB device using file descriptors of UCAP character devices. Here is how a user enables specific features of an IB device:”…””}”(hj h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´KhjubhÌ)”}”(hX‰* A root process grants the user access to the UCAP files that represents the capabilities (e.g., using chown). * The user opens the UCAP files, obtaining file descriptors. * When opening an IB device, include an array of the UCAP file descriptors as an attribute. * The ib_uverbs driver recognizes the UCAP file descriptors and enables the corresponding capabilities for the IB device. ”h]”hŒ bullet_list”“”)”}”(hhh]”(hŒ list_item”“”)”}”(hŒmA root process grants the user access to the UCAP files that represents the capabilities (e.g., using chown).”h]”hÒ)”}”(hŒmA root process grants the user access to the UCAP files that represents the capabilities (e.g., using chown).”h]”hŒmA root process grants the user access to the UCAP files that represents the capabilities (e.g., using chown).”…””}”(hj'h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´Khj#ubah}”(h]”h ]”h"]”h$]”h&]”uh1j!hjubj")”}”(hŒ:The user opens the UCAP files, obtaining file descriptors.”h]”hÒ)”}”(hj=h]”hŒ:The user opens the UCAP files, obtaining file descriptors.”…””}”(hj?h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´Khj;ubah}”(h]”h ]”h"]”h$]”h&]”uh1j!hjubj")”}”(hŒYWhen opening an IB device, include an array of the UCAP file descriptors as an attribute.”h]”hÒ)”}”(hŒYWhen opening an IB device, include an array of the UCAP file descriptors as an attribute.”h]”hŒYWhen opening an IB device, include an array of the UCAP file descriptors as an attribute.”…””}”(hjVh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´KhjRubah}”(h]”h ]”h"]”h$]”h&]”uh1j!hjubj")”}”(hŒxThe ib_uverbs driver recognizes the UCAP file descriptors and enables the corresponding capabilities for the IB device. ”h]”hÒ)”}”(hŒwThe ib_uverbs driver recognizes the UCAP file descriptors and enables the corresponding capabilities for the IB device.”h]”hŒwThe ib_uverbs driver recognizes the UCAP file descriptors and enables the corresponding capabilities for the IB device.”…””}”(hjnh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´Khjjubah}”(h]”h ]”h"]”h$]”h&]”uh1j!hjubeh}”(h]”h ]”h"]”h$]”h&]”Œbullet”Œ*”uh1jh³hÊh´Khjubah}”(h]”h ]”h"]”h$]”h&]”uh1hËh³hÊh´Khjubeh}”(h]”h ]”h"]”h$]”h&]”uh1hËh³hÊh´Khhõh²hubeh}”(h]”Œusage”ah ]”h"]”Œusage”ah$]”h&]”uh1hµhh·h²hh³hÊh´Kubh¶)”}”(hhh]”(h»)”}”(hŒCreating UCAPs”h]”hŒCreating UCAPs”…””}”(hj¡h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhjžh²hh³hÊh´KubhÌ)”}”(hXçTo create a new UCAP, drivers must first define a type in the rdma_user_cap enum in rdma/ib_ucaps.h. The name of the UCAP character device should be added to the ucap_names array in drivers/infiniband/core/ucaps.c. Then, the driver can create the UCAP character device by calling the ib_create_ucap API with the UCAP type. A reference count is stored for each UCAP to track creations and removals of the UCAP device. If multiple creation calls are made with the same type (e.g., for two IB devices), the UCAP character device is created during the first call and subsequent calls increment the reference count. The UCAP character device is created under /dev/infiniband, and its permissions are set to allow root read and write access only. ”h]”(hÒ)”}”(hXBTo create a new UCAP, drivers must first define a type in the rdma_user_cap enum in rdma/ib_ucaps.h. The name of the UCAP character device should be added to the ucap_names array in drivers/infiniband/core/ucaps.c. Then, the driver can create the UCAP character device by calling the ib_create_ucap API with the UCAP type.”h]”hXBTo create a new UCAP, drivers must first define a type in the rdma_user_cap enum in rdma/ib_ucaps.h. The name of the UCAP character device should be added to the ucap_names array in drivers/infiniband/core/ucaps.c. Then, the driver can create the UCAP character device by calling the ib_create_ucap API with the UCAP type.”…””}”(hj³h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´K hj¯ubhÒ)”}”(hXA reference count is stored for each UCAP to track creations and removals of the UCAP device. If multiple creation calls are made with the same type (e.g., for two IB devices), the UCAP character device is created during the first call and subsequent calls increment the reference count.”h]”hXA reference count is stored for each UCAP to track creations and removals of the UCAP device. If multiple creation calls are made with the same type (e.g., for two IB devices), the UCAP character device is created during the first call and subsequent calls increment the reference count.”…””}”(hjÁh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´K'hj¯ubhÒ)”}”(hŒThe UCAP character device is created under /dev/infiniband, and its permissions are set to allow root read and write access only.”h]”hŒThe UCAP character device is created under /dev/infiniband, and its permissions are set to allow root read and write access only.”…””}”(hjÏh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´K-hj¯ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hËh³hÊh´K hjžh²hubeh}”(h]”Œcreating-ucaps”ah ]”h"]”Œcreating ucaps”ah$]”h&]”uh1hµhh·h²hh³hÊh´Kubh¶)”}”(hhh]”(h»)”}”(hŒRemoving UCAPs”h]”hŒRemoving UCAPs”…””}”(hjîh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhjëh²hh³hÊh´K1ubhÌ)”}”(hŒ£Each removal decrements the reference count of the UCAP. The UCAP character device is removed from the filesystem only when the reference count is decreased to 0. ”h]”hÒ)”}”(hŒ¢Each removal decrements the reference count of the UCAP. The UCAP character device is removed from the filesystem only when the reference count is decreased to 0.”h]”hŒ¢Each removal decrements the reference count of the UCAP. The UCAP character device is removed from the filesystem only when the reference count is decreased to 0.”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´K3hjüubah}”(h]”h ]”h"]”h$]”h&]”uh1hËh³hÊh´K3hjëh²hubeh}”(h]”Œremoving-ucaps”ah ]”h"]”Œremoving ucaps”ah$]”h&]”uh1hµhh·h²hh³hÊh´K1ubh¶)”}”(hhh]”(h»)”}”(hŒ/dev and /sys/class files”h]”hŒ/dev and /sys/class files”…””}”(hjh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hºhjh²hh³hÊh´K8ubhÌ)”}”(hX^The class:: /sys/class/infiniband_ucaps is created when the first UCAP character device is created. The UCAP character device is created under /dev/infiniband. For example, if mlx5_ib adds the rdma_user_cap RDMA_UCAP_MLX5_CTRL_LOCAL with name "mlx5_perm_ctrl_local", this will create the device node:: /dev/infiniband/mlx5_perm_ctrl_local ”h]”(hÒ)”}”(hŒ The class::”h]”hŒ The class:”…””}”(hj1h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´K:hj-ubhŒ literal_block”“”)”}”(hŒ/sys/class/infiniband_ucaps”h]”hŒ/sys/class/infiniband_ucaps”…””}”hjAsbah}”(h]”h ]”h"]”h$]”h&]”Œ xml:space”Œpreserve”uh1j?h³hÊh´Khj-ubhÒ)”}”(hŒ;The UCAP character device is created under /dev/infiniband.”h]”hŒ;The UCAP character device is created under /dev/infiniband.”…””}”(hj_h²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´K@hj-ubhÒ)”}”(hŒFor example, if mlx5_ib adds the rdma_user_cap RDMA_UCAP_MLX5_CTRL_LOCAL with name "mlx5_perm_ctrl_local", this will create the device node::”h]”hŒFor example, if mlx5_ib adds the rdma_user_cap RDMA_UCAP_MLX5_CTRL_LOCAL with name “mlx5_perm_ctrl_localâ€, this will create the device node:”…””}”(hjmh²hh³Nh´Nubah}”(h]”h ]”h"]”h$]”h&]”uh1hÑh³hÊh´KBhj-ubj@)”}”(hŒ$/dev/infiniband/mlx5_perm_ctrl_local”h]”hŒ$/dev/infiniband/mlx5_perm_ctrl_local”…””}”hj{sbah}”(h]”h ]”h"]”h$]”h&]”jOjPuh1j?h³hÊh´KFhj-ubeh}”(h]”h ]”h"]”h$]”h&]”uh1hËh³hÊh´K:hjh²hubeh}”(h]”Œdev-and-sys-class-files”ah ]”h"]”Œ/dev and /sys/class files”ah$]”h&]”uh1hµhh·h²hh³hÊh´K8ubeh}”(h]”Œ!infiniband-userspace-capabilities”ah ]”h"]”Œ!infiniband userspace capabilities”ah$]”h&]”uh1hµhhh²hh³hÊh´Kubeh}”(h]”h ]”h"]”h$]”h&]”Œsource”hÊuh1hŒcurrent_source”NŒ current_line”NŒsettings”Œdocutils.frontend”ŒValues”“”)”}”(hºNŒ generator”NŒ datestamp”NŒ source_link”NŒ source_url”NŒ toc_backlinks”Œentry”Œfootnote_backlinks”KŒ sectnum_xform”KŒstrip_comments”NŒstrip_elements_with_classes”NŒ strip_classes”NŒ report_level”KŒ halt_level”KŒexit_status_level”KŒdebug”NŒwarning_stream”NŒ traceback”ˆŒinput_encoding”Œ utf-8-sig”Œinput_encoding_error_handler”Œstrict”Œoutput_encoding”Œutf-8”Œoutput_encoding_error_handler”jÂŒerror_encoding”Œutf-8”Œerror_encoding_error_handler”Œbackslashreplace”Œ language_code”Œen”Œrecord_dependencies”NŒconfig”NŒ id_prefix”hŒauto_id_prefix”Œid”Œ dump_settings”NŒdump_internals”NŒdump_transforms”NŒdump_pseudo_xml”NŒexpose_internals”NŒstrict_visitor”NŒ_disable_config”NŒ_source”hÊŒ _destination”NŒ _config_files”]”Œ7/var/lib/git/docbuild/linux/Documentation/docutils.conf”aŒfile_insertion_enabled”ˆŒ raw_enabled”KŒline_length_limit”M'Œpep_references”NŒ pep_base_url”Œhttps://peps.python.org/”Œpep_file_url_template”Œpep-%04d”Œrfc_references”NŒ rfc_base_url”Œ&https://datatracker.ietf.org/doc/html/”Œ tab_width”KŒtrim_footnote_reference_space”‰Œsyntax_highlight”Œlong”Œ smart_quotes”ˆŒsmartquotes_locales”]”Œcharacter_level_inline_markup”‰Œdoctitle_xform”‰Œ docinfo_xform”KŒsectsubtitle_xform”‰Œ image_loading”Œlink”Œembed_stylesheet”‰Œcloak_email_addresses”ˆŒsection_self_link”‰Œenv”NubŒreporter”NŒindirect_targets”]”Œsubstitution_defs”}”Œsubstitution_names”}”Œrefnames”}”Œrefids”}”Œnameids”}”(jœj™j›j˜jèjåjjj”j‘uŒ nametypes”}”(jœ‰j›‰jè‰j‰j”‰uh}”(j™h·j˜hõjåjžjjëj‘juŒ footnote_refs”}”Œ citation_refs”}”Œ autofootnotes”]”Œautofootnote_refs”]”Œsymbol_footnotes”]”Œsymbol_footnote_refs”]”Œ footnotes”]”Œ citations”]”Œautofootnote_start”KŒsymbol_footnote_start”KŒ id_counter”Œ collections”ŒCounter”“”}”…”R”Œparse_messages”]”Œtransform_messages”]”Œ transformer”NŒ include_log”]”Œ decoration”Nh²hub.