Skip to content

hm2_eth: don't abort board load when SIOCSARP is denied#4112

Open
grandixximo wants to merge 1 commit into
LinuxCNC:masterfrom
grandixximo:feature/siocsarp-rootless
Open

hm2_eth: don't abort board load when SIOCSARP is denied#4112
grandixximo wants to merge 1 commit into
LinuxCNC:masterfrom
grandixximo:feature/siocsarp-rootless

Conversation

@grandixximo
Copy link
Copy Markdown
Contributor

@grandixximo grandixximo commented Jun 3, 2026

Follow-up to #3964, addressing a point @jepler raised in that review.

hm2_eth pins a permanent ARP entry for the board with SIOCSARP, which needs CAP_NET_ADMIN. On a rootless install without make setcap the ioctl fails with EPERM, and the old code treated that as fatal: it returned -errno, so the board would not load at all.

That is inconsistent with the rest of the rootless work in #3964, where the firewall setup degrades gracefully (skip with a warning) when the capability is missing. This one ioctl made the whole "run without setcap" mode unusable for ethernet boards.

What changed

  • SIOCSARP failure is now best-effort instead of fatal. On failure the driver warns, clears ATF_PERM, and continues. The kernel falls back to dynamic ARP, which works; the only cost is an occasional transmit delay when the cache entry expires and is refreshed, as @jepler noted.
  • The warning points the user at sudo make setcap (or setuid) to restore the pinned entry.
  • Clearing ATF_PERM keeps the SIOCDARP teardown in close_board() from trying to remove an entry that was never installed.

Installs that run with setcap or setuid are unaffected: the ioctl succeeds as before and the static entry is pinned.

Tested

Configured --with-realtime=uspace and built; hm2_eth compiles and links clean. Not hardware-tested, I do not have a Mesa ethernet card.

cc @jepler, @hdiethelm

@grandixximo grandixximo mentioned this pull request Jun 3, 2026
Merged
@hdiethelm
Copy link
Copy Markdown
Contributor

hdiethelm commented Jun 3, 2026

Tested, works!

@hdiethelm
Copy link
Copy Markdown
Contributor

hdiethelm commented Jun 3, 2026
edited
Loading

Note: This is an issue created long ago:
d2e4742
hm2_eth probably never worked without suid. Due to you set CAP_NET_ADMIN, it works also with setcap.
Anyway, it's an improvement, so you can run it also without cap / suid now.

But it might also generate issues if someone does not notice that he has no real time at all. The warning is not well visible, especially if you only start the GUI. But this is a general issue, not connected to hm2_eth. Might be a big red popup in the gui if you don't run real time.

I would merge this and think about a good way to warn a user if he runs linuxcnc without any real time kernel. This can happen by accident if you boot the wrong kernel and then wonder why you mill just crashed.

@hdiethelm
Copy link
Copy Markdown
Contributor

hdiethelm commented Jun 3, 2026

I created a new issue to address the non-realtime trap: #4118

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@grandixximo @hdiethelm