From b68b3c543b846da18f9733a3f87399a36e879ca1 Mon Sep 17 00:00:00 2001
From: Evan Lezar <elezar@nvidia.com>
Date: Thu, 7 Jul 2022 11:30:53 +0200
Subject: [PATCH] Use device host path to determine properties

This mirrors what is done in cri-o and allows for devices nodes
from, for example, the driver container to be injected into a
container at /dev instead of <ROOT>/dev

Signed-off-by: Evan Lezar <elezar@nvidia.com>
---
 internal/edits/device.go | 35 +++++++++++++++++++++++++++--------
 internal/edits/edits.go  |  6 +++++-
 2 files changed, 32 insertions(+), 9 deletions(-)

diff --git a/internal/edits/device.go b/internal/edits/device.go
index 4dd6a303..aca095e3 100644
--- a/internal/edits/device.go
+++ b/internal/edits/device.go
@@ -17,32 +17,51 @@
 package edits
 
 import (
+	"fmt"
+
 	"github.com/NVIDIA/nvidia-container-toolkit/internal/discover"
 	"github.com/container-orchestrated-devices/container-device-interface/pkg/cdi"
 	"github.com/container-orchestrated-devices/container-device-interface/specs-go"
+
+	"github.com/opencontainers/runc/libcontainer/devices"
 )
 
 type device discover.Device
 
 // toEdits converts a discovered device to CDI Container Edits.
-func (d device) toEdits() *cdi.ContainerEdits {
+func (d device) toEdits() (*cdi.ContainerEdits, error) {
+	deviceNode, err := d.toSpec()
+	if err != nil {
+		return nil, err
+	}
+
 	e := cdi.ContainerEdits{
 		ContainerEdits: &specs.ContainerEdits{
-			DeviceNodes: []*specs.DeviceNode{d.toSpec()},
+			DeviceNodes: []*specs.DeviceNode{deviceNode},
 		},
 	}
-	return &e
+	return &e, nil
 }
 
 // toSpec converts a discovered Device to a CDI Spec Device. Note
 // that missing info is filled in when edits are applied by querying the Device node.
-func (d device) toSpec() *specs.DeviceNode {
-	// NOTE: We may want to mirror what is done in cri-o w.r.t src (Host) and dst (Container) paths
-	// to ensure that the right permissions are included.
+func (d device) toSpec() (*specs.DeviceNode, error) {
+	// NOTE: This mirrors what cri-o does.
 	// https://github.com/cri-o/cri-o/blob/ca3bb80a3dda0440659fcf8da8ed6f23211de94e/internal/config/device/device.go#L93
+	// This can be removed once https://github.com/container-orchestrated-devices/container-device-interface/issues/72 is addressed
+	dev, err := devices.DeviceFromPath(d.HostPath, "rwm")
+	if err != nil {
+		return nil, fmt.Errorf("failed to query device node %v: %v", d.HostPath, err)
+	}
 	s := specs.DeviceNode{
-		Path: d.Path,
+		Path:     d.Path,
+		Type:     string(dev.Type),
+		Major:    dev.Major,
+		Minor:    dev.Minor,
+		FileMode: &dev.FileMode,
+		UID:      &dev.Uid,
+		GID:      &dev.Gid,
 	}
 
-	return &s
+	return &s, nil
 }
diff --git a/internal/edits/edits.go b/internal/edits/edits.go
index 4f4ee150..14e79b7b 100644
--- a/internal/edits/edits.go
+++ b/internal/edits/edits.go
@@ -51,7 +51,11 @@ func NewSpecEdits(logger *logrus.Logger, d discover.Discover) (oci.SpecModifier,
 
 	c := cdi.ContainerEdits{}
 	for _, d := range devices {
-		c.Append(device(d).toEdits())
+		edits, err := device(d).toEdits()
+		if err != nil {
+			return nil, fmt.Errorf("failed to created container edits for device: %v", err)
+		}
+		c.Append(edits)
 	}
 
 	for _, m := range mounts {