[openib-general] Re: [PATCH] RDMA CM: assign port numbers when binding a cm_id to an address
Michael S. Tsirkin
mst at mellanox.co.il
Thu Apr 20 10:22:04 PDT 2006
Quoting r. Sean Hefty <sean.hefty at intel.com>:
> Subject: RE: [PATCH] RDMA CM: assign port numbers when binding a cm_id to an address
>
> >One small note: ipv4 on linux does this:
> > err = -EACCES;
> > if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
> > goto out;
> >
> >disabling bind to ports 1-1023 for non-priveledged users.
> >
> >Do you want to add such a check in CMA, or does it belong in SDP in your
> >opinion?
>
> I would think this check belongs in the kernel ucma, which would require adding
> it to SDP as well.
>
> Which module is the check listed above done in? I want to understand where this
> check is made before adding it.
For ipv4 sockets it's done in net/ipv4/af_inet.c.
grep for CAP_NET_BIND_SERVICE and you'll see it for other protocols.
--
MST
More information about the general
mailing list