Net Namespace Awareness for IB Devices
The RDMA core now assigns a device’s network namespace at allocation time, inheriting it from the associated devlink instance after a devlink reload. The IPoIB driver has also been updated to be namespace-aware, creating its interfaces in the same namespace as the parent RDMA device.
In addition, several patches ensure CAP_NET_RAW checks are enforced within user namespaces for multiple RDMA operations, including counters, QP modification, DevX creation, and flow creation. These changes are included starting in Linux kernel 6.17.
The following table lists the patches required for bare-metal Net Namespace Awareness for IB Devices support.
LKML Discussion | Git Commit | Git Description | Minimum Linux Kernel Release |
https://lore.kernel.org/all/68e2064e72e94558a576fdbbb987681a64f6fea8.1750963874.git.leon@kernel.org/ | 449728196d65 | RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters | 6.17 |
https://lore.kernel.org/all/20250812173432.562314636@linuxfoundation.org/ | 28ea058a2979 | RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify | 6.17 |
https://lore.kernel.org/all/20250812173432.525606824@linuxfoundation.org/ | bd82467f17e0 | RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create | 6.17 |
https://lore.kernel.org/all/3914ef9702b01de8843a391ce397fca67d0fc7af.1750963874.git.leon@kernel.org/ | 4b527c23c92d | RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create | 6.17 |
https://lore.kernel.org/all/20250812173432.417207302@linuxfoundation.org/ | 0498c2d9984e | RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create | 6.17 |
https://lore.kernel.org/all/20250812173432.369412273@linuxfoundation.org/ | 14957e8125e7 | RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create | 6.17 |
https://lore.kernel.org/all/20250812173432.330183501@linuxfoundation.org/ | 95a89ec304c3 | RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create | 6.17 |
https://lore.kernel.org/all/20250812173432.293396619@linuxfoundation.org/ | f458ccd2aa2c | RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create | 6.17 |
https://lore.kernel.org/all/20250812173432.256100073@linuxfoundation.org/ | f1208b05574f | RDMA/ipoib: Use parent rdma device net namespace | 6.17 |
https://lore.kernel.org/all/bc5112ad4def0b2732edf778f43cd31570ba9ed4.1750149405.git.leon@kernel.org/ | 611d08207d31 | RDMA/mlx5: Allocate IB device with net namespace supplied from core dev | 6.17 |
https://lore.kernel.org/all/e383de8cd1df118e6cc4a0a5c0d27c0118611fe4.1750149405.git.leon@kernel.org/ | 8cffca866ba8 | RDMA/core: Extend RDMA device registration to be net namespace aware | 6.17 |