David Marchand <david.march...@redhat.com> writes: > On Tue, Aug 31, 2021 at 5:27 PM Kamaraj P <pkama...@gmail.com> wrote: >> >> Hi Thomas, >> We are trying with the IGB_UIO driver in our DPDK application. > > Running with igb-uio as a non priviledged user is not possible (or, at > best, makes little sense). > > >> Is there any documentation where we need to start to run a DPDK >> application with minimal system capability? >> Also please let us know if there is any known dependency with DPDK >> versions (dpdk application with 18, 19.11 versions etc) when we run >> with sys capabilit. >> >> Hi David, >> Can you please share with us the pointer for OVS integration(DPDK running as >> non-privileged mode ?) > > I don't have a full list, here is what I have in mind. > > For non mellanox devices, you'll have to rely on vfio-pci bound > devices and setup access to those fds. > https://github.com/openvswitch/ovs/blob/master/rhel/usr_lib_udev_rules.d_91-vfio.rules > > For mellanox devices and some parts of dpdk, you need (quite) some > capabilities: > https://github.com/openvswitch/ovs/blob/master/lib/daemon-unix.c#L812 > > There are also hugepages accesses to consider: > https://github.com/openvswitch/ovs/blob/master/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in#L20 > > There are selinux considerations too.
See: https://github.com/openvswitch/ovs/tree/master/selinux Additionally, you might need to do some additional work for whatever LSM you use. For example, AppArmor, etc.
