diff --git a/NVIDIA.md b/NVIDIA.md new file mode 100644 index 000000000..a854bfdac --- /dev/null +++ b/NVIDIA.md @@ -0,0 +1,6 @@ +install: +dkms +linux-headers-$(uname-r) + +then run: +https://us.download.nvidia.com/XFree86/aarch64/580.119.02/NVIDIA-Linux-aarch64-580.119.02.run diff --git a/build/README.md b/build/README.md new file mode 100644 index 000000000..e69de29bb diff --git a/build/dpkg-deps/nonfree.depends b/build/dpkg-deps/nonfree.depends index 0662c811e..a154dcfb5 100644 --- a/build/dpkg-deps/nonfree.depends +++ b/build/dpkg-deps/nonfree.depends @@ -5,7 +5,3 @@ + firmware-libertas + firmware-misc-nonfree + firmware-realtek -+ libnvidia-container-tools -+ libnvidia-container1 -+ nvidia-container-toolkit -+ nvidia-driver \ No newline at end of file diff --git a/core/src/lxc/gpu_config b/core/src/lxc/gpu_config new file mode 100644 index 000000000..8bc383540 --- /dev/null +++ b/core/src/lxc/gpu_config @@ -0,0 +1,20 @@ + +# NVIDIA Devices Spe +lxc.cgroup2.devices.allow: c 235:* rwm + +# DRM devices +lxc.mount.entry: /dev/dri dev/dri none bind,optional,create=di + +# Device IDs for /dev/dri, check `ls -l /dev/dri` +lxc.cgroup2.devices.allow: c 226:* rwm + +# Nvidia nodes +lxc.mount.entry: /dev/nvidia0 dev/nvidia0 none bind,optional,create=file +lxc.mount.entry: /dev/nvidiactl dev/nvidiactl none bind,optional,create=file +lxc.mount.entry: /dev/nvidia-uvm dev/nvidia-uvm none bind,optional,create=file +lxc.mount.entry: /dev/nvidia-modeset dev/nvidia-modeset none bind,optional,create=file + +# Device IDs for /dev/nvidia*, check `ls -l /dev/nvidia*` +lxc.cgroup2.devices.allow: c 195:* rwm +lxc.cgroup2.devices.allow: c 500:* rwm +lxc.cgroup2.devices.allow: c 503:* rwm diff --git a/core/src/lxc/mod.rs b/core/src/lxc/mod.rs index 8091577d2..02b46f5e7 100644 --- a/core/src/lxc/mod.rs +++ b/core/src/lxc/mod.rs @@ -174,11 +174,11 @@ impl LxcContainer { let machine_id = hex::encode(rand::random::<[u8; 16]>()); let container_dir = Path::new(LXC_CONTAINER_DIR).join(&*guid); tokio::fs::create_dir_all(&container_dir).await?; - tokio::fs::write( - container_dir.join("config"), - format!(include_str!("./config.template"), guid = &*guid), - ) - .await?; + let mut config_str = format!(include_str!("./config.template"), guid = &*guid); + if config.gpu_acceleration { + config_str += include_str!("./gpu_config"); + } + tokio::fs::write(container_dir.join("config"), config_str).await?; // TODO: append config let rootfs_dir = container_dir.join("rootfs"); let rootfs = OverlayGuard::mount( @@ -414,7 +414,10 @@ impl Drop for LxcContainer { } #[derive(Default, Serialize)] -pub struct LxcConfig {} +pub struct LxcConfig { + pub gpu_acceleration: bool, +} + pub async fn connect(ctx: &RpcContext, container: &LxcContainer) -> Result { use axum::extract::ws::Message; diff --git a/core/src/s9pk/v2/compat.rs b/core/src/s9pk/v2/compat.rs index 2b0edd8fa..1439968ac 100644 --- a/core/src/s9pk/v2/compat.rs +++ b/core/src/s9pk/v2/compat.rs @@ -251,6 +251,10 @@ impl TryFrom for Manifest { git_hash: value.git_hash, os_version: value.eos_version, sdk_version: None, + gpu_acceleration: match value.main { + PackageProcedure::Docker(d) => d.gpu_acceleration, + PackageProcedure::Script(_) => false, + }, }) } } diff --git a/core/src/s9pk/v2/manifest.rs b/core/src/s9pk/v2/manifest.rs index 23e518422..1037773be 100644 --- a/core/src/s9pk/v2/manifest.rs +++ b/core/src/s9pk/v2/manifest.rs @@ -62,6 +62,8 @@ pub struct Manifest { pub dependencies: Dependencies, #[serde(default)] pub hardware_requirements: HardwareRequirements, + #[serde(default)] + pub gpu_acceleration: bool, pub git_hash: Option, #[serde(default = "current_version")] #[ts(type = "string")] diff --git a/core/src/service/persistent_container.rs b/core/src/service/persistent_container.rs index e2faf0a8c..8c8131b48 100644 --- a/core/src/service/persistent_container.rs +++ b/core/src/service/persistent_container.rs @@ -96,7 +96,9 @@ impl PersistentContainer { .join("logs") .join(&s9pk.as_manifest().id), ), - LxcConfig::default(), + LxcConfig { + gpu_acceleration: s9pk.manifest.gpu_acceleration, + }, ) .await?; let rpc_client = lxc_container.connect_rpc(Some(RPC_CONNECT_TIMEOUT)).await?;