From 9af510872124863fa5db7280d892ed0ce8a60e09 Mon Sep 17 00:00:00 2001 From: Otto Bittner Date: Mon, 5 Feb 2024 10:35:02 +0000 Subject: [PATCH] enable CC mode Co-authored-by: Malte Poll --- pkg/abi/nvgpu/uvm.go | 10 ++++++++++ pkg/sentry/devices/nvproxy/seccomp_filters.go | 4 ++++ pkg/sentry/devices/nvproxy/uvm_mmap.go | 7 ++++--- pkg/sentry/devices/nvproxy/version.go | 1 + 4 files changed, 19 insertions(+), 3 deletions(-) diff --git a/pkg/abi/nvgpu/uvm.go b/pkg/abi/nvgpu/uvm.go index 626a322f1..1811ba2c4 100644 --- a/pkg/abi/nvgpu/uvm.go +++ b/pkg/abi/nvgpu/uvm.go @@ -40,6 +40,7 @@ const ( UVM_REGISTER_GPU = 37 UVM_UNREGISTER_GPU = 38 UVM_PAGEABLE_MEM_ACCESS = 39 + UVM_SET_PREFERRED_LOCATION = 42 UVM_DISABLE_READ_DUPLICATION = 45 UVM_MAP_DYNAMIC_PARALLELISM_REGION = 65 UVM_ALLOC_SEMAPHORE_POOL = 68 @@ -188,6 +189,15 @@ type UVM_PAGEABLE_MEM_ACCESS_PARAMS struct { RMStatus uint32 } +// +marshal +type UVM_SET_PREFERRED_LOCATION_PARAMS struct { + RequestedBase uint64 + Length uint64 + NvProcessorUUID [16]uint8 + RMStatus uint32 + Pad0 [4]byte +} + // +marshal type UVM_DISABLE_READ_DUPLICATION_PARAMS struct { RequestedBase uint64 diff --git a/pkg/sentry/devices/nvproxy/seccomp_filters.go b/pkg/sentry/devices/nvproxy/seccomp_filters.go index 0d5cfa880..080323247 100644 --- a/pkg/sentry/devices/nvproxy/seccomp_filters.go +++ b/pkg/sentry/devices/nvproxy/seccomp_filters.go @@ -156,6 +156,10 @@ func Filters() seccomp.SyscallRules { seccomp.NonNegativeFD{}, seccomp.EqualTo(nvgpu.UVM_PAGEABLE_MEM_ACCESS), }, + seccomp.PerArg{ + seccomp.NonNegativeFD{}, + seccomp.EqualTo(nvgpu.UVM_SET_PREFERRED_LOCATION), + }, seccomp.PerArg{ seccomp.NonNegativeFD{}, seccomp.EqualTo(nvgpu.UVM_DISABLE_READ_DUPLICATION), diff --git a/pkg/sentry/devices/nvproxy/uvm_mmap.go b/pkg/sentry/devices/nvproxy/uvm_mmap.go index 7235d8aad..6c11e4880 100644 --- a/pkg/sentry/devices/nvproxy/uvm_mmap.go +++ b/pkg/sentry/devices/nvproxy/uvm_mmap.go @@ -29,9 +29,10 @@ func (fd *uvmFD) ConfigureMMap(ctx context.Context, opts *memmap.MMapOpts) error // UVM_VALIDATE_VA_RANGE, and probably other ioctls, expect that // application mmaps of /dev/nvidia-uvm are immediately visible to the // driver. - if opts.PlatformEffect < memmap.PlatformEffectPopulate { - opts.PlatformEffect = memmap.PlatformEffectPopulate - } + // if opts.PlatformEffect < memmap.PlatformEffectPopulate { + // opts.PlatformEffect = memmap.PlatformEffectPopulate + // } + opts.PlatformEffect = memmap.PlatformEffectCommit return vfs.GenericConfigureMMap(&fd.vfsfd, fd, opts) } diff --git a/pkg/sentry/devices/nvproxy/version.go b/pkg/sentry/devices/nvproxy/version.go index 938acc32d..a6c28a831 100644 --- a/pkg/sentry/devices/nvproxy/version.go +++ b/pkg/sentry/devices/nvproxy/version.go @@ -190,6 +190,7 @@ func Init() { nvgpu.UVM_REGISTER_GPU: uvmIoctlHasRMCtrlFD[nvgpu.UVM_REGISTER_GPU_PARAMS], nvgpu.UVM_UNREGISTER_GPU: uvmIoctlSimple[nvgpu.UVM_UNREGISTER_GPU_PARAMS], nvgpu.UVM_PAGEABLE_MEM_ACCESS: uvmIoctlSimple[nvgpu.UVM_PAGEABLE_MEM_ACCESS_PARAMS], + nvgpu.UVM_SET_PREFERRED_LOCATION: uvmIoctlSimple[nvgpu.UVM_SET_PREFERRED_LOCATION_PARAMS], nvgpu.UVM_DISABLE_READ_DUPLICATION: uvmIoctlSimple[nvgpu.UVM_DISABLE_READ_DUPLICATION_PARAMS], nvgpu.UVM_MAP_DYNAMIC_PARALLELISM_REGION: uvmIoctlSimple[nvgpu.UVM_MAP_DYNAMIC_PARALLELISM_REGION_PARAMS], nvgpu.UVM_ALLOC_SEMAPHORE_POOL: uvmIoctlSimple[nvgpu.UVM_ALLOC_SEMAPHORE_POOL_PARAMS],