diff --git a/cmd/nvidia-cdi-hook/cudacompat/container-root.go b/cmd/nvidia-cdi-hook/cudacompat/container-root.go deleted file mode 100644 index 8bb3b3c8..00000000 --- a/cmd/nvidia-cdi-hook/cudacompat/container-root.go +++ /dev/null @@ -1,76 +0,0 @@ -/** -# Copyright (c) 2025, NVIDIA CORPORATION. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -**/ - -package cudacompat - -import ( - "os" - "path/filepath" - - "github.com/moby/sys/symlink" -) - -// A containerRoot represents the root filesystem of a container. -type containerRoot string - -// hasPath checks whether the specified path exists in the root. -func (r containerRoot) hasPath(path string) bool { - resolved, err := r.resolve(path) - if err != nil { - return false - } - if _, err := os.Stat(resolved); err != nil && os.IsNotExist(err) { - return false - } - return true -} - -// globFiles matches the specified pattern in the root. -// The files that match must be regular files. -func (r containerRoot) globFiles(pattern string) ([]string, error) { - patternPath, err := r.resolve(pattern) - if err != nil { - return nil, err - } - matches, err := filepath.Glob(patternPath) - if err != nil { - return nil, err - } - var files []string - for _, match := range matches { - info, err := os.Lstat(match) - if err != nil { - return nil, err - } - // Ignore symlinks. - if info.Mode()&os.ModeSymlink != 0 { - continue - } - // Ignore directories. - if info.IsDir() { - continue - } - files = append(files, match) - } - return files, nil -} - -// resolve returns the absolute path including root path. -// Symlinks are resolved, but are guaranteed to resolve in the root. -func (r containerRoot) resolve(path string) (string, error) { - absolute := filepath.Clean(filepath.Join(string(r), path)) - return symlink.FollowSymlinkInScope(absolute, string(r)) -} diff --git a/cmd/nvidia-cdi-hook/cudacompat/cudacompat.go b/cmd/nvidia-cdi-hook/cudacompat/cudacompat.go index 0cecd6c1..ae5357a2 100644 --- a/cmd/nvidia-cdi-hook/cudacompat/cudacompat.go +++ b/cmd/nvidia-cdi-hook/cudacompat/cudacompat.go @@ -25,6 +25,7 @@ import ( "github.com/urfave/cli/v2" + "github.com/NVIDIA/nvidia-container-toolkit/cmd/nvidia-cdi-hook/utils" "github.com/NVIDIA/nvidia-container-toolkit/internal/logger" "github.com/NVIDIA/nvidia-container-toolkit/internal/oci" ) @@ -107,8 +108,9 @@ func (m command) run(_ *cli.Context, cfg *options) error { if err != nil { return fmt.Errorf("failed to determined container root: %w", err) } + containerRoot := utils.ContainerRoot(containerRootDir) - containerForwardCompatDir, err := m.getContainerForwardCompatDir(containerRoot(containerRootDir), cfg.hostDriverVersion) + containerForwardCompatDir, err := m.getContainerForwardCompatDir(containerRoot, cfg.hostDriverVersion) if err != nil { return fmt.Errorf("failed to get container forward compat directory: %w", err) } @@ -116,24 +118,24 @@ func (m command) run(_ *cli.Context, cfg *options) error { return nil } - return m.createLdsoconfdFile(containerRoot(containerRootDir), cudaCompatLdsoconfdFilenamePattern, containerForwardCompatDir) + return m.createLdsoconfdFile(containerRoot, cudaCompatLdsoconfdFilenamePattern, containerForwardCompatDir) } -func (m command) getContainerForwardCompatDir(containerRoot containerRoot, hostDriverVersion string) (string, error) { +func (m command) getContainerForwardCompatDir(containerRoot utils.ContainerRoot, hostDriverVersion string) (string, error) { if hostDriverVersion == "" { m.logger.Debugf("Host driver version not specified") return "", nil } - if !containerRoot.hasPath(cudaCompatPath) { + if !containerRoot.HasPath(cudaCompatPath) { m.logger.Debugf("No CUDA forward compatibility libraries directory in container") return "", nil } - if !containerRoot.hasPath("/etc/ld.so.cache") { + if !containerRoot.HasPath("/etc/ld.so.cache") { m.logger.Debugf("The container does not have an LDCache") return "", nil } - libs, err := containerRoot.globFiles(filepath.Join(cudaCompatPath, "libcuda.so.*.*")) + libs, err := containerRoot.GlobFiles(filepath.Join(cudaCompatPath, "libcuda.so.*.*")) if err != nil { m.logger.Warningf("Failed to find CUDA compat library: %w", err) return "", nil @@ -172,13 +174,13 @@ func (m command) getContainerForwardCompatDir(containerRoot containerRoot, hostD // createLdsoconfdFile creates a file at /etc/ld.so.conf.d/ in the specified root. // The file is created at /etc/ld.so.conf.d/{{ .pattern }} using `CreateTemp` and // contains the specified directories on each line. -func (m command) createLdsoconfdFile(in containerRoot, pattern string, dirs ...string) error { +func (m command) createLdsoconfdFile(in utils.ContainerRoot, pattern string, dirs ...string) error { if len(dirs) == 0 { m.logger.Debugf("No directories to add to /etc/ld.so.conf") return nil } - ldsoconfdDir, err := in.resolve("/etc/ld.so.conf.d") + ldsoconfdDir, err := in.Resolve("/etc/ld.so.conf.d") if err != nil { return err } diff --git a/cmd/nvidia-cdi-hook/cudacompat/cudacompat_test.go b/cmd/nvidia-cdi-hook/cudacompat/cudacompat_test.go index 0422fe76..84930d74 100644 --- a/cmd/nvidia-cdi-hook/cudacompat/cudacompat_test.go +++ b/cmd/nvidia-cdi-hook/cudacompat/cudacompat_test.go @@ -24,6 +24,8 @@ import ( testlog "github.com/sirupsen/logrus/hooks/test" "github.com/stretchr/testify/require" + + "github.com/NVIDIA/nvidia-container-toolkit/cmd/nvidia-cdi-hook/utils" ) func TestCompatLibs(t *testing.T) { @@ -130,7 +132,7 @@ func TestCompatLibs(t *testing.T) { c := command{ logger: logger, } - containerForwardCompatDir, err := c.getContainerForwardCompatDir(containerRoot(containerRootDir), tc.hostDriverVersion) + containerForwardCompatDir, err := c.getContainerForwardCompatDir(utils.ContainerRoot(containerRootDir), tc.hostDriverVersion) require.NoError(t, err) require.EqualValues(t, tc.expectedContainerForwardCompatDir, containerForwardCompatDir) }) @@ -160,7 +162,7 @@ func TestUpdateLdconfig(t *testing.T) { c := command{ logger: logger, } - err := c.createLdsoconfdFile(containerRoot(containerRootDir), cudaCompatLdsoconfdFilenamePattern, tc.folders...) + err := c.createLdsoconfdFile(utils.ContainerRoot(containerRootDir), cudaCompatLdsoconfdFilenamePattern, tc.folders...) require.NoError(t, err) matches, err := filepath.Glob(filepath.Join(containerRootDir, "/etc/ld.so.conf.d/00-compat-*.conf")) diff --git a/cmd/nvidia-cdi-hook/utils/container-root.go b/cmd/nvidia-cdi-hook/utils/container-root.go index ec5000ac..4117245e 100644 --- a/cmd/nvidia-cdi-hook/utils/container-root.go +++ b/cmd/nvidia-cdi-hook/utils/container-root.go @@ -26,6 +26,36 @@ import ( // A ContainerRoot represents the root filesystem of a container. type ContainerRoot string +// GlobFiles matches the specified pattern in the container root. +// The files that match must be regular files. +func (r ContainerRoot) GlobFiles(pattern string) ([]string, error) { + patternPath, err := r.Resolve(pattern) + if err != nil { + return nil, err + } + matches, err := filepath.Glob(patternPath) + if err != nil { + return nil, err + } + var files []string + for _, match := range matches { + info, err := os.Lstat(match) + if err != nil { + return nil, err + } + // Ignore symlinks. + if info.Mode()&os.ModeSymlink != 0 { + continue + } + // Ignore directories. + if info.IsDir() { + continue + } + files = append(files, match) + } + return files, nil +} + // HasPath checks whether the specified path exists in the root. func (r ContainerRoot) HasPath(path string) bool { resolved, err := r.Resolve(path)