Use device host path to determine properties

This mirrors what is done in cri-o and allows for devices nodes from, for example, the driver container to be injected into a container at /dev instead of <ROOT>/dev Signed-off-by: Evan Lezar <elezar@nvidia.com>
2025-06-26 18:18:24 +00:00 · 2022-07-07 11:30:53 +02:00 · 2022-07-07 11:30:53 +02:00 · b68b3c543b
commit b68b3c543b
parent aea1a85bb4
2 changed files with 32 additions and 9 deletions
--- a/internal/edits/device.go
+++ b/internal/edits/device.go
@ -17,32 +17,51 @@
 package edits

 import (
+	"fmt"
+
 	"github.com/NVIDIA/nvidia-container-toolkit/internal/discover"
 	"github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
 	"github.com/container-orchestrated-devices/container-device-interface/specs-go"
+
+	"github.com/opencontainers/runc/libcontainer/devices"
 )

 type device discover.Device

 // toEdits converts a discovered device to CDI Container Edits.
-func (d device) toEdits() *cdi.ContainerEdits {
+func (d device) toEdits() (*cdi.ContainerEdits, error) {
+	deviceNode, err := d.toSpec()
+	if err != nil {
+		return nil, err
+	}
+
 	e := cdi.ContainerEdits{
 		ContainerEdits: &specs.ContainerEdits{
-			DeviceNodes: []*specs.DeviceNode{d.toSpec()},
+			DeviceNodes: []*specs.DeviceNode{deviceNode},
 		},
 	}
-	return &e
+	return &e, nil
 }

 // toSpec converts a discovered Device to a CDI Spec Device. Note
 // that missing info is filled in when edits are applied by querying the Device node.
-func (d device) toSpec() *specs.DeviceNode {
-	// NOTE: We may want to mirror what is done in cri-o w.r.t src (Host) and dst (Container) paths
-	// to ensure that the right permissions are included.
+func (d device) toSpec() (*specs.DeviceNode, error) {
+	// NOTE: This mirrors what cri-o does.
 	// https://github.com/cri-o/cri-o/blob/ca3bb80a3dda0440659fcf8da8ed6f23211de94e/internal/config/device/device.go#L93
+	// This can be removed once https://github.com/container-orchestrated-devices/container-device-interface/issues/72 is addressed
+	dev, err := devices.DeviceFromPath(d.HostPath, "rwm")
+	if err != nil {
+		return nil, fmt.Errorf("failed to query device node %v: %v", d.HostPath, err)
+	}
 	s := specs.DeviceNode{
-		Path: d.Path,
+		Path:     d.Path,
+		Type:     string(dev.Type),
+		Major:    dev.Major,
+		Minor:    dev.Minor,
+		FileMode: &dev.FileMode,
+		UID:      &dev.Uid,
+		GID:      &dev.Gid,
 	}

-	return &s
+	return &s, nil
 }
--- a/internal/edits/edits.go
+++ b/internal/edits/edits.go
@ -51,7 +51,11 @@ func NewSpecEdits(logger *logrus.Logger, d discover.Discover) (oci.SpecModifier,

 	c := cdi.ContainerEdits{}
 	for _, d := range devices {
-		c.Append(device(d).toEdits())
+		edits, err := device(d).toEdits()
+		if err != nil {
+			return nil, fmt.Errorf("failed to created container edits for device: %v", err)
+		}
+		c.Append(edits)
 	}

 	for _, m := range mounts {