GPU passthrough /dev/dri/ group owner

trumee · April 6, 2019, 10:31pm

Hello,

I want to use the GPU in an archlinux container. On the archlinux host (lxc version 3.10) the permissions show up like this:

$ ls -la /dev/dri/
total 0
drwxr-xr-x  3 root root        120 Apr  6 12:37 .
drwxr-xr-x 23 root root       4480 Apr  6 12:48 ..
drwxr-xr-x  2 root root        100 Apr  6 12:37 by-path
crw-rw----  1 root video  226,   0 Apr  6 12:37 card0
crw-rw----  1 root video  226,   1 Apr  6 12:37 card1
crw-rw-rw-  1 root render 226, 128 Apr  6 12:37 renderD128

However, in the container the “video” group is no longer used,

# ls -la /dev/dri/
total 2
drwxr-xr-x  2 root root      120 Apr  6 17:23 .
drwxr-xr-x 12 root root      640 Apr  6 17:23 ..
crw-rw----  1 root root 226,   0 Apr  6 17:23 card0
crw-rw----  1 root root 226,   1 Apr  6 17:23 card1
crw-rw----  1 root root 226,   0 Apr  6 17:23 controlD64
crw-rw-rw-  1 root root 226, 128 Apr  6 17:23 renderD128

How can i get card to be owned by “video” like on the host?

The container config is as follows:

$ lxc config show plexserver
architecture: x86_64
config:
  image.architecture: amd64
  image.description: Archlinux current amd64 (20190406_04:18)
  image.os: Archlinux
  image.release: current
  image.serial: "20190406_04:18"
  nvidia.runtime: "true"
  volatile.base_image: de43692c92c19e78d99b1168955f629129529599e00adca4256b858473a330e9
  volatile.eth0.name: eth0
  volatile.idmap.base: "0"
  volatile.idmap.next: '[{"Isuid":true,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.idmap: '[{"Isuid":true,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.power: RUNNING
devices:
  eth0:
    host_name: vethplexserver
    nictype: bridged
    parent: vlan300br
    type: nic
  gpu:
    type: gpu
  sharemedia:
    path: /mnt/media
    source: /mnt/media
    type: disk
ephemeral: false
profiles:
- default
stateful: false
description: ""

stgraber · April 6, 2019, 10:39pm

Set the gid property on the gpu device to the ID of the video group in the container.

rosmul · June 4, 2019, 1:03am

How do you know ahead of time what the gid is going to be for the video group? Don’t the maprange etc settings make the gid unpredictable before the container is created?

stgraber · June 4, 2019, 11:07pm

You can create the container, get the gid and add the device then. The gid should remain constant from that point on.