Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Permission problem with vfio-pci
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
rabcor
Apprentice
Apprentice


Joined: 05 Apr 2012
Posts: 200

PostPosted: Sun Jun 01, 2014 1:26 pm    Post subject: Permission problem with vfio-pci Reply with quote

I am trying to run a qemu virtual machine with a VGA Passthrough setup.

In short, I enabled pci-stub to claim my graphics card on boot, then using the kernel "vfio-pci" module I run the following script

Code:
#!/bin/bash

modprobe vfio-pci

for dev in "$@"; do
        vendor=$(cat /sys/bus/pci/devices/$dev/vendor)
        device=$(cat /sys/bus/pci/devices/$dev/device)
        if [ -e /sys/bus/pci/devices/$dev/driver ]; then
                echo $dev > /sys/bus/pci/devices/$dev/driver/unbind
        fi
        echo $vendor $device > /sys/bus/pci/drivers/vfio-pci/new_id
done


To bind the GPU to vfio. Then I launch qemu with these commands to bind the card to my VM:
Code:
-device vfio-pci,host=02:00.0,bus=root.1,addr=00.0,multifunction=on,x-vga=on -device vfio-pci,host=02:00.1,bus=root.1,addr=00.1


It executes just fine as root, but if I run it as a user it fails and gives me a permission error:
Code:
qemu-system-x86_64: -device vfio-pci,host=02:00.0,bus=root.1,addr=00.0,multifunction=on,x-vga=on: vfio: error opening /dev/vfio/13: Permission denied
qemu-system-x86_64: -device vfio-pci,host=02:00.0,bus=root.1,addr=00.0,multifunction=on,x-vga=on: vfio: failed to get group 13
qemu-system-x86_64: -device vfio-pci,host=02:00.0,bus=root.1,addr=00.0,multifunction=on,x-vga=on: Device initialization failed.
qemu-system-x86_64: -device vfio-pci,host=02:00.0,bus=root.1,addr=00.0,multifunction=on,x-vga=on: Device 'vfio-pci' could not be initialized


For more info here are my groups:
Code:
$ groups
disk wheel audio video kvm users plugdev rabcor


What would you think is the safest way to solve that? (Running a VM as root is not something I would consider safe)
_________________
This picture was my biggest reason for ever trying Gentoo <3
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Sun Jun 01, 2014 2:20 pm    Post subject: Re: Permission problem with vfio-pci Reply with quote

rabcor ... I can't answer your specific problem, but I'd suggest the following improvements to your script:

Code:
#!/bin/sh

modprobe vfio-pci

for dev in "$@"; do
    read -r vendor </sys/bus/pci/devices/$dev/vendor
    read -r device </sys/bus/pci/devices/$dev/device
    if [ -e /sys/bus/pci/devices/$dev/driver ]; then
        echo $dev > /sys/bus/pci/devices/$dev/driver/unbind
    fi
    echo $vendor $device > /sys/bus/pci/drivers/vfio-pci/new_id
done
Back to top
View user's profile Send private message
rabcor
Apprentice
Apprentice


Joined: 05 Apr 2012
Posts: 200

PostPosted: Sun Jun 01, 2014 3:36 pm    Post subject: Reply with quote

Thanks 8) I have no idea how that's an improvement though, isn't it just a different way to achieve the same result?
_________________
This picture was my biggest reason for ever trying Gentoo <3
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Sun Jun 01, 2014 6:34 pm    Post subject: Reply with quote

rabcor wrote:
Thanks 8) I have no idea how that's an improvement though, isn't it just a different way to achieve the same result?

rabcor ... you're welcome ... well, yes, it achieves the same result, but 'read' is a shell builtin whereas 'cat' isn't (so, a UUoC).

The reason we have various shell builtins is to make tasks like the above easy, and so that rather than call an external command, we can use the shell itself (which, generally, will make our code less resource intensive).

best ... khay
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum