Skip to content

Commit

Permalink
Add option to allow others instead of group in udev rules (#534)
Browse files Browse the repository at this point in the history
  • Loading branch information
JGoutin authored Sep 14, 2021
1 parent 1e17dcb commit 7369ab1
Show file tree
Hide file tree
Showing 5 changed files with 39 additions and 2 deletions.
1 change: 1 addition & 0 deletions sdk/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ $ sudo apt-get install build-essential

SDK supports granting access to FPGA resources and AFI management tools to users other than root. The SDK setup will create a group and make all the device resources members of this group. The user will be added to this group. Variables below help control this feature
* AWS_FPGA_ALLOW_NON_ROOT when set, will turn on the feature.
* AWS_FPGA_SDK_OTHERS when set, will allow all users to use FPGA, else only the group specified by AWS_FPGA_SDK_GROUP.
* AWS_FPGA_SDK_GROUP specifies group that will have access to FPGA and AFI tools. The setup will create the group and add user to this group. User must switch or relogin to have this group membership effective. If unspecified, this will default to "fpgauser".
* AWS_FPGA_SDK_OVERRIDE_GROUP specifies to add user to already existing group specified by AWS_FPGA_SDK_GROUP. If this is unset and AWS_FPGA_SDK_GROUP evaluates to an existing group, setup will fail.

Expand Down
32 changes: 31 additions & 1 deletion sdk/userspace/add_udev_rules.sh
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,36 @@ set -x
source /tmp/sdk_root_env.exp
set +x
rm -f /tmp/sdk_root_env.exp

mkdir -p /opt/aws/bin

if [[ $AWS_FPGA_SDK_OTHERS ]]; then
# Allow all users

# Make a script that will be run to change permissions everytime
# udev rule for the DBDF is matched
echo "Installing permission fix script for udev"
cat >/opt/aws/bin/change-fpga-perm.sh<<EF
#!/bin/bash
set -x
setperm () {
chmod g=u \$1
chmod a=u \$1
}
setfpgaperm () {
for f in \$1/*; do
setperm \$f;
done
}
devicePath=/sys/bus/pci/devices/\$1
grep -q "0x058000" \$devicePath/class && setfpgaperm "\$devicePath"
setperm /sys/bus/pci/rescan all
EF

else
# Allow group only

echo "Creating group ${AWS_FPGA_SDK_GROUP}"
getent group ${AWS_FPGA_SDK_GROUP} >/dev/null 2>&1
if [[ $? -eq 0 ]] ; then
Expand Down Expand Up @@ -49,7 +79,6 @@ fi

# Fail on any unsucessful command
set -e
mkdir -p /opt/aws/bin
# Make a script that will be run to change permissions everytime
# udev rule for the DBDF is matched
echo "Installing permission fix script for udev"
Expand All @@ -76,6 +105,7 @@ devicePath=/sys/bus/pci/devices/\$1
grep -q "0x058000" \$devicePath/class && setfpgaperm "\$devicePath"
setperm /sys/bus/pci/rescan all
EF
fi
chmod 544 /opt/aws/bin/change-fpga-perm.sh

DBDFs=`lspci -Dn | grep -Ew "1d0f:1042|1d0f:1041" | awk '{print $1}' | sed ':x;N;$!bx;s/\n/ /g'`
Expand Down
1 change: 1 addition & 0 deletions sdk_setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ source $script_dir/shared/bin/set_common_env_vars.sh
sudo rm -f /tmp/sdk_root_env.exp
typeset -f allow_non_root > /tmp/sdk_root_env.exp
echo "export AWS_FPGA_SDK_GROUP=${AWS_FPGA_SDK_GROUP}" >> /tmp/sdk_root_env.exp
echo "export AWS_FPGA_SDK_OTHERS=${AWS_FPGA_SDK_OTHERS}" >> /tmp/sdk_root_env.exp
echo "export SDK_NON_ROOT_USER=${SDK_NON_ROOT_USER}" >> /tmp/sdk_root_env.exp
echo "export AWS_FPGA_SDK_OVERRIDE_GROUP=${AWS_FPGA_SDK_OVERRIDE_GROUP}" >> /tmp/sdk_root_env.exp
sudo chown root:root /tmp/sdk_root_env.exp
Expand Down
3 changes: 2 additions & 1 deletion shared/bin/set_common_env_vars.sh
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,9 @@ unset HDK_SHELL_DIR
unset HDK_SHELL_DESIGN_DIR

export -f allow_non_root
export -f allow_others

if allow_non_root ; then
if allow_non_root && allow_others ; then
export AWS_FPGA_SDK_GROUP=${AWS_FPGA_SDK_GROUP:-"fpgauser"}
export SDK_NON_ROOT_USER=$(whoami)
info_msg "Allowing group ${AWS_FPGA_SDK_GROUP} access to FPGA management tools and resources"
Expand Down
4 changes: 4 additions & 0 deletions shared/bin/set_common_functions.sh
Original file line number Diff line number Diff line change
Expand Up @@ -308,3 +308,7 @@ function patch_AR73068 {
function allow_non_root {
[ ! -z ${AWS_FPGA_ALLOW_NON_ROOT} ]
}

function allow_others {
[ ! -z ${AWS_FPGA_SDK_OTHERS} ]
}

0 comments on commit 7369ab1

Please sign in to comment.