From 5cc498c6aa3dbd98c76c75c7e34b78fd7d37794d Mon Sep 17 00:00:00 2001 From: Chris Freehill Date: Mon, 27 Jan 2020 19:08:09 -0600 Subject: [PATCH] Make rdcd run as user "rdc" The rdc account will be created on installation if it does not already exist. It will be a system account with no home directory. rdcd will be started as a systemd service, but change to user "rdc". The rdc user will drop all priviliges except CAP_DAC_OVERRIDE, permitted. This means the default mode will have no special privileges, but have the ability to gain write access (e.g., to sysfs) when needed. rdc tests were being inadvertantly added to the installation. This was adversely impacting the new functionality, so it was corrected in this commit. Also included are a few small formatting changes. Change-Id: I9c6bb132fee28119fd3960594dfb97bd2e7b282a --- CMakeLists.txt | 57 ++++++++++++----- DEBIAN/control | 8 +-- DEBIAN/postinst | 19 ------ DEBIAN/prerm | 2 +- RPM/rpm_post | 2 - RPM/rpm_postun | 2 +- client/CMakeLists.txt | 14 +++-- server/CMakeLists.txt | 18 +++--- server/include/rdc/rdc_server_utils.h | 30 +++++++++ server/rdc.service | 9 +++ server/src/rdc_admin_service.cc | 4 +- server/src/rdc_server_main.cc | 78 ++++++++++++++++------- server/src/rdc_server_utils.cc | 89 +++++++++++++++++++++++++++ src/DEBIAN_postinst.in | 33 ++++++++++ src/RPM_rpm_post.in | 10 +++ tests/rdc_tests/CMakeLists.txt | 20 ++---- tests/rdc_tests/run_build.sh | 20 ------ 17 files changed, 303 insertions(+), 112 deletions(-) delete mode 100755 DEBIAN/postinst delete mode 100755 RPM/rpm_post create mode 100755 server/include/rdc/rdc_server_utils.h create mode 100755 server/src/rdc_server_utils.cc create mode 100755 src/DEBIAN_postinst.in create mode 100755 src/RPM_rpm_post.in delete mode 100755 tests/rdc_tests/run_build.sh diff --git a/CMakeLists.txt b/CMakeLists.txt index e118177e7f..93a8b9a294 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -28,6 +28,14 @@ cmake_minimum_required(VERSION 3.5.0) set(RSMI_INC_DIR ${ROCM_DIR}/rocm_smi/include) set(RSMI_LIB_DIR ${ROCM_DIR}/rocm_smi/lib) +if (NOT DEFINED RDC_CLIENT_ROOT_PATH) + set(RDC_CLIENT_ROOT_PATH "/opt/rocm/") +endif() + +if (NOT DEFINED RDC_SERVER_ROOT_PATH) + set(RDC_SERVER_ROOT_PATH "/") +endif() + ## Set default module path if(NOT DEFINED CMAKE_MODULE_PATH) set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake_modules/") @@ -36,7 +44,6 @@ endif() include(utils) set(RDC "rdc") -set(RDC_TARGET "${RDC}64") ################# Determine the library version ######################### ## Setup the package version based on git tags. @@ -64,12 +71,12 @@ set(CPACK_PACKAGING_INSTALL_PREFIX "/" CACHE STRING "Default packaging prefix.") set(CPACK_GENERATOR "DEB;RPM" CACHE STRING "Default packaging generators.") -project(${RDC_TARGET}) +project(${RDC}) # Create a configure file to get version info from within library configure_file( - "${PROJECT_SOURCE_DIR}/src/${RDC_TARGET}Config.in" - "${PROJECT_SOURCE_DIR}/include/rdc/${RDC_TARGET}Config.h") + "${PROJECT_SOURCE_DIR}/src/${RDC}64Config.in" + "${PROJECT_SOURCE_DIR}/include/rdc/${RDC}64Config.h") if (NOT DEFINED CPACK_PACKAGE_VENDOR) set(CPACK_PACKAGE_VENDOR "AMD") @@ -115,7 +122,7 @@ foreach(file ${PROTOB_DEF_SRC_FILES}) execute_process(COMMAND protoc --proto_path=${PROTOB_SRC_DIR} --grpc_out=${PROTOB_OUT_DIR} - --plugin=protoc-gen-grpc=${GRPC_PLUGIN} ${file} + --plugin=protoc-gen-grpc=${GRPC_PLUGIN} ${file} WORKING_DIRECTORY ${PROJECT_SOURCE_DIR} RESULT_VARIABLE PROTOB_RESULT OUTPUT_VARIABLE PROTOB_OUT_VAR) @@ -123,25 +130,46 @@ foreach(file ${PROTOB_DEF_SRC_FILES}) endforeach() +# define all the install component labels to install +set(SERVER_CTRL_COMPONENT "server_ctrl") +set(SERVER_BIN_COMPONENT "server_bin") +set(CLIENT_LIB_COMPONENT "client_lib") +set(CLIENT_HEADER_COMPONENT "client_header") +set(GTEST_COMPONENT "rdc_gtest") +set(EXAMPLE_COMPONENT "rdc_example") + add_subdirectory("server") add_subdirectory("client") -add_subdirectory("tests/example") -add_subdirectory("tests/rdc_tests") + +# Turn on cmake "component install" +set(CPACK_ARCHIVE_COMPONENT_INSTALL ON) +set(CPACK_COMPONENTS_ALL ${SERVER_CTRL_COMPONENT} + ${SERVER_BIN_COMPONENT} ${CLIENT_LIB_COMPONENT} ${CLIENT_HEADER_COMPONENT}) + + +configure_file( + "${PROJECT_SOURCE_DIR}/src/DEBIAN_postinst.in" + "${PROJECT_SOURCE_DIR}/DEBIAN/postinst") +configure_file( + "${PROJECT_SOURCE_DIR}/src/RPM_rpm_post.in" + "${PROJECT_SOURCE_DIR}/RPM/rpm_post") + + # TODO set(CPACK_DEBIAN_PACKAGE_HOMEPAGE ) set(CPACK_DEBIAN_PACKAGE_CONTROL_EXTRA "${CMAKE_CURRENT_SOURCE_DIR}/DEBIAN/postinst; - ${CMAKE_CURRENT_SOURCE_DIR}/DEBIAN/prerm") -set (CPACK_DEBIAN_PACKAGE_NAME ${RDC_PACKAGE}) -set (CPACK_DEBIAN_PACKAGE_VERSION ${PKG_VERSION_STR}) + ${CMAKE_CURRENT_SOURCE_DIR}/DEBIAN/prerm") +set(CPACK_DEBIAN_PACKAGE_NAME ${RDC_PACKAGE}) +set(CPACK_DEBIAN_PACKAGE_VERSION ${PKG_VERSION_STR}) # RPM package specific variables set(CPACK_RPM_PRE_INSTALL_SCRIPT_FILE - "${CMAKE_CURRENT_SOURCE_DIR}/RPM/rpm_post") + "${CMAKE_CURRENT_SOURCE_DIR}/RPM/rpm_post") set(CPACK_RPM_POST_UNINSTALL_SCRIPT_FILE - "${CMAKE_CURRENT_SOURCE_DIR}/RPM/rpm_postun") -set (CPACK_RPM_PACKAGE_NAME ${RDC_PACKAGE}) -set (CPACK_RPM_PACKAGE_VERSION ${PKG_VERSION_STR}) + "${CMAKE_CURRENT_SOURCE_DIR}/RPM/rpm_postun") +set(CPACK_RPM_PACKAGE_NAME ${RDC_PACKAGE}) +set(CPACK_RPM_PACKAGE_VERSION ${PKG_VERSION_STR}) # Generate Doxygen documentation find_package(Doxygen) @@ -158,3 +186,4 @@ endif(DOXYGEN_FOUND) ## Add the packaging directives include (CPack) + diff --git a/DEBIAN/control b/DEBIAN/control index 9b5ef4e5d6..df1ab8796c 100644 --- a/DEBIAN/control +++ b/DEBIAN/control @@ -1,9 +1,9 @@ -Package: rocm_smi_lib +Package: rdc Architecture: amd64 Maintainer: Advanced Micro Devices Inc. Priority: optional Version: MODULE_VERSION -Depends: -Homepage: https://github.com/RadeonOpenCompute/rocm_smi_lib -Description: System Management Interface Library for ROCm +Depends: +Homepage: +Description: Radeon Data Center (RDC) Tools diff --git a/DEBIAN/postinst b/DEBIAN/postinst deleted file mode 100755 index 011d291974..0000000000 --- a/DEBIAN/postinst +++ /dev/null @@ -1,19 +0,0 @@ -#/bin/bash - -set -e - -do_ldconfig() { - echo /opt/rocm/rocm_smi/lib > /etc/ld.so.conf.d/x86_64-librocm_smi_lib.conf && ldconfig -} - -case "$1" in - configure) - do_ldconfig - ;; - abort-upgrade|abort-remove|abort-deconfigure) - echo "$1" - ;; - *) - exit 0 - ;; -esac diff --git a/DEBIAN/prerm b/DEBIAN/prerm index 9b38307ae0..66d0a0b601 100755 --- a/DEBIAN/prerm +++ b/DEBIAN/prerm @@ -3,7 +3,7 @@ set -e rm_ldconfig() { - rm -f /etc/ld.so.conf.d/x86_64-librocm_smi_lib.conf && ldconfig + rm -f /etc/ld.so.conf.d/x86_64-librdc_client.conf && ldconfig } case "$1" in diff --git a/RPM/rpm_post b/RPM/rpm_post deleted file mode 100755 index 4045596578..0000000000 --- a/RPM/rpm_post +++ /dev/null @@ -1,2 +0,0 @@ -echo -e "/opt/rocm/rocm_smi/lib\n/opt/rocm/rocm_smi/lib64" > /etc/ld.so.conf.d/x86_64-librocm_smi_lib.conf && ldconfig - diff --git a/RPM/rpm_postun b/RPM/rpm_postun index 80a0da7b5d..3622b8b74a 100755 --- a/RPM/rpm_postun +++ b/RPM/rpm_postun @@ -1,3 +1,3 @@ if [ $1 -eq 0 ]; then - rm -f /etc/ld.so.conf.d/x86_64-librocm_smi_lib.conf && ldconfig + rm -f /etc/ld.so.conf.d/x86_64-librdc_client.conf && ldconfig fi diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt index 44db3b46ca..4dc0612585 100755 --- a/client/CMakeLists.txt +++ b/client/CMakeLists.txt @@ -88,10 +88,10 @@ message("SOVERSION: ${SO_VERSION_STRING}") ## RDC_lib-dev set(SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR} CACHE STRING "Location of RDC client library source code.") -# set(CMAKE_INSTALL_PREFIX "/opt/rocm" -# CACHE STRING "Default installation directory.") -# set(CPACK_PACKAGING_INSTALL_PREFIX "/opt/rocm" -# CACHE STRING "Default packaging prefix.") +set(CMAKE_INSTALL_PREFIX ${RDC_CLIENT_ROOT_PATH} + CACHE STRING "Default installation directory.") +set(CPACK_PACKAGING_INSTALL_PREFIX ${RDC_CLIENT_ROOT_PATH} + CACHE STRING "Default packaging prefix.") set(CPACK_GENERATOR "DEB;RPM" CACHE STRING "Default packaging generators.") if (NOT DEFINED CPACK_PACKAGE_VENDOR) @@ -159,9 +159,11 @@ endif () ## Add the install directives for the runtime library. install(TARGETS ${CLIENT_LIB} - LIBRARY DESTINATION opt/rocm/rdc/lib COMPONENT ${CLIENT_LIB_COMPONENT}) + LIBRARY DESTINATION ${RDC_CLIENT_ROOT_PATH}${RDC}/lib + COMPONENT ${CLIENT_LIB_COMPONENT}) install(FILES ${SOURCE_DIR}/client/include/rdc/rdc_client.h - DESTINATION opt/rocm/rdc/include/rdc) + DESTINATION ${RDC_CLIENT_ROOT_PATH}${RDC}/include/rdc + COMPONENT ${CLIENT_HEADER_COMPONENT}) message("&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&") message(" Finished Cmake Client Lib ") diff --git a/server/CMakeLists.txt b/server/CMakeLists.txt index 221bdfe840..3f64586c9f 100755 --- a/server/CMakeLists.txt +++ b/server/CMakeLists.txt @@ -73,6 +73,7 @@ include_directories(${CMAKE_CURRENT_SOURCE_DIR}/include set(SERVER_SRC_LIST "${SRC_DIR}/rdc_rsmi_service.cc") set(SERVER_SRC_LIST ${SERVER_SRC_LIST} "${SRC_DIR}/rdc_admin_service.cc") set(SERVER_SRC_LIST ${SERVER_SRC_LIST} "${SRC_DIR}/rdc_server_main.cc") +set(SERVER_SRC_LIST ${SERVER_SRC_LIST} "${SRC_DIR}/rdc_server_utils.cc") set(SERVER_SRC_LIST ${SERVER_SRC_LIST} "${PROTOBUF_GENERATED_SRCS}") message("SERVER_SRC_LIST=${SERVER_SRC_LIST}") @@ -85,14 +86,17 @@ add_executable(${SERVER_DAEMON_EXE} "${SERVER_SRC_LIST}") # target_include_directories(${SERVER_DAEMON_EXE} PUBLIC ${RSMI_INC_DIR}) target_link_libraries(${SERVER_DAEMON_EXE} pthread rt grpc grpc++ - grpc++_reflection dl protobuf rocm_smi64) + cap grpc++_reflection dl protobuf rocm_smi64) install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${SERVER_DAEMON_EXE} - PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ - DESTINATION usr/sbin) + PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE GROUP_READ + GROUP_EXECUTE WORLD_READ WORLD_EXECUTE + DESTINATION ${RDC_SERVER_ROOT_PATH}usr/sbin + COMPONENT ${SERVER_BIN_COMPONENT}) install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/${SERVICE_FILE_NAME} - DESTINATION lib/systemd/system) + DESTINATION ${RDC_SERVER_ROOT_PATH}lib/systemd/system + COMPONENT ${SERVER_CTRL_COMPONENT}) -message("&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&") -message(" Finished Cmake Server ") -message("&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&") +message("&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&") +message(" Finished Cmake Server ") +message("&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&") diff --git a/server/include/rdc/rdc_server_utils.h b/server/include/rdc/rdc_server_utils.h new file mode 100755 index 0000000000..705e96d1af --- /dev/null +++ b/server/include/rdc/rdc_server_utils.h @@ -0,0 +1,30 @@ +/* +Copyright (c) 2020 - present Advanced Micro Devices, Inc. All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. +*/ +#ifndef SERVER_INCLUDE_RDC_RDC_SERVER_UTILS_H_ +#define SERVER_INCLUDE_RDC_RDC_SERVER_UTILS_H_ + +#include + +int GetCapability(cap_value_t cap, cap_flag_t cap_type, bool *enabled); +int ModifyCapability(cap_value_t cap, cap_flag_t cap_type, bool enable); + +#endif // SERVER_INCLUDE_RDC_RDC_SERVER_UTILS_H_ \ No newline at end of file diff --git a/server/rdc.service b/server/rdc.service index 713f8d10c8..7e6fb8890f 100755 --- a/server/rdc.service +++ b/server/rdc.service @@ -13,8 +13,14 @@ After=network.target #Requires= [Service] +User=rdc +Group=rdc + Type=simple +CapabilityBoundingSet=CAP_DAC_OVERRIDE +AmbientCapabilities=CAP_DAC_OVERRIDE + # If we need to start anything before rdcd, use this # ExecStartPre= @@ -33,5 +39,8 @@ ExecStop=/bin/kill -15 $MAINPID #ExecStartPost= #ExecStopPost= +# StandardOutput=journal +# StandardError=inherit + [Install] WantedBy= multi-user.target diff --git a/server/src/rdc_admin_service.cc b/server/src/rdc_admin_service.cc index 30b3d2020e..5c6fb23372 100755 --- a/server/src/rdc_admin_service.cc +++ b/server/src/rdc_admin_service.cc @@ -51,5 +51,5 @@ RDCAdminServiceImpl::VerifyConnection(::grpc::ServerContext* context, return ::grpc::Status::OK; } -} // rdc -} // amd +} // namespace rdc +} // namespace amd diff --git a/server/src/rdc_server_main.cc b/server/src/rdc_server_main.cc index 0a5b95143b..398fe5e2f9 100755 --- a/server/src/rdc_server_main.cc +++ b/server/src/rdc_server_main.cc @@ -28,6 +28,7 @@ THE SOFTWARE. #include #include #include +#include #include #include @@ -38,6 +39,7 @@ THE SOFTWARE. #include "rocm_smi/rocm_smi.h" #include "rdc/rdc_server_main.h" #include "rdc/rdc_rsmi_service.h" +#include "rdc/rdc_server_utils.h" static bool sShutDownServer = false; static bool sRestartServer = false; @@ -88,13 +90,13 @@ RDCServer::Run() { // std::unique_ptr<::grpc::Server> server(builder.BuildAndStart()); server_ = builder.BuildAndStart(); - std::cerr << "Server listening on " << server_address_.c_str() << std::endl; + std::cout << "Server listening on " << server_address_.c_str() << std::endl; server_->Wait(); } static void HandleSignal(int sig) { - std::cerr << "Caught signal " << sig << std::endl; + std::cout << "Caught signal " << sig << std::endl; // For most signals, we will want to exit, so make that the default case // Handle the other signals specifically. @@ -142,13 +144,13 @@ static void * ProcessSignalLoop(void *server_ptr) { while (1) { if (sShutDownServer) { - std::cerr << "Shutting down RDC Server." << std::endl; + std::cout << "Shutting down RDC Server." << std::endl; server->ShutDown(); // We will need to add shutdown of any completion queues // here, when/if we add them break; } else if (sRestartServer) { - std::cerr << "Re-starting RDC Server." << std::endl; + std::cout << "Re-starting RDC Server." << std::endl; // We will need to add shutdown of any completion queues // here, when/if we add them server->ShutDown(); @@ -184,7 +186,7 @@ static void ExitIfAlreadyRunning(void) { static void MakeDaemon() { - int fd0, fd1, fd2; + int fd0; struct rlimit max_files; // RSMI, for one thing, will need to be able to read/write files @@ -230,21 +232,15 @@ MakeDaemon() { if (max_files.rlim_max > 1024) { max_files.rlim_max = 1024; } - for (uint32_t i = 0; i < max_files.rlim_max; i++) { + close(0); // close stdin; leave stdout and stderr open + for (uint32_t i = 3; i < max_files.rlim_max; i++) { close(i); } - // Direct stdin, stdout, stdout to /dev/null. - + // Direct stdin to /dev/null. fd0 = open("/dev/null", O_RDWR); - fd1 = dup(0); - fd2 = dup(0); - - // Set up log file - // openlog(kDaemonName, LOG_CONS|LOG_PID, LOG_DAEMON); - if (fd0 != 0 || fd1 != 1 || fd2 != 2) { - std::cerr << "unexpected fildes: " << fd0 << " " << fd1 << - " " << fd2 << std::endl; + if (fd0 != 0) { + std::cerr << "unexpected fildes: " << fd0 << std::endl; exit(1); } @@ -255,6 +251,7 @@ MakeDaemon() { int main(int argc, char** argv) { RDCServer rdc_server; + int err; (void)argc; // Ignore for now (void)argv; @@ -263,6 +260,49 @@ int main(int argc, char** argv) { rdc_server.Initialize(); + bool cap_enabled; + + err = GetCapability(CAP_DAC_OVERRIDE, CAP_EFFECTIVE, &cap_enabled); + if (err) { + std::cerr << "Failed to get capability" << std::endl; + return 1; + } + if (!cap_enabled) { + std::cerr << + "Expected CAP_DAC_OVERRIDE CAP_EFFECTIVE to be enabled, but it not." << + std::endl; + return 1; + } + + err = GetCapability(CAP_DAC_OVERRIDE, CAP_PERMITTED, &cap_enabled); + if (err) { + std::cerr << "Failed to get capability" << std::endl; + return 1; + } + if (!cap_enabled) { + std::cerr << + "Expected CAP_DAC_OVERRIDE CAP_PERMITTED to be enabled, but it not." << + std::endl; + return 1; + } + + // Don't allow rwx access to all files to ever be inheritable. We may need + // relax this restriction if some new feature requires it. + err = ModifyCapability(CAP_DAC_OVERRIDE, CAP_INHERITABLE, false); + if (err) { + std::cerr << "Failed to disable CAP_DAC_OVERRIDE, CAP_INHERITABLE" << + std::endl; + return 1; + } + + // By default, disable CAP_DAC_OVERRIDE. Turn on, when needed. + err = ModifyCapability(CAP_DAC_OVERRIDE, CAP_EFFECTIVE, false); + if (err) { + std::cerr << "Failed to disable CAP_DAC_OVERRIDE, CAP_EFFECTIVE" << + std::endl; + return 1; + } + // Create a thread to handle signals to shutdown gracefully pthread_t sig_listen_thread; int thr_ret = pthread_create(&sig_listen_thread, NULL, @@ -272,7 +312,6 @@ int main(int argc, char** argv) { std::cerr << "Failed to create ProcessSignalLoop. pthread_create() returned " << thr_ret; - return 1; } @@ -280,13 +319,10 @@ int main(int argc, char** argv) { rdc_server.set_start_rsmi_service(true); rdc_server.set_start_rdc_admin_service(true); - // rdc_server.set_secure_communications(false); - // rdc_server.set_address("0.0.0.0:50051") - rdc_server.Run(); if (sShutDownServer) { - std::cerr << "RDC server successfully shut down." << std::endl; + std::cout << "RDC server successfully shut down." << std::endl; return 0; } else { std::cerr << "RDC server failed to start." << std::endl; diff --git a/server/src/rdc_server_utils.cc b/server/src/rdc_server_utils.cc new file mode 100755 index 0000000000..42ba50dac9 --- /dev/null +++ b/server/src/rdc_server_utils.cc @@ -0,0 +1,89 @@ +/* +Copyright (c) 2020 - present Advanced Micro Devices, Inc. All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. +*/ + +#include +#include +#include + +int GetCapability(cap_value_t cap, cap_flag_t cap_type, bool *enabled) { + cap_t caps; + + assert(enabled != nullptr); + + if (enabled == nullptr) { + return -1; + } + + // Get process's current capabilities + caps = cap_get_proc(); + if (caps == nullptr) { + return errno; + } + + cap_flag_value_t val; + + if (cap_get_flag(caps, cap, cap_type, &val) == -1) { + int ret = errno; + cap_free(caps); + return ret; + } + + if (cap_free(caps) == -1) { + return errno; + } + + *enabled = (val == CAP_SET ? true : false); + + return 0; +} + +// !enable means disable; +int ModifyCapability(cap_value_t cap, cap_flag_t cap_type, bool enable) { + cap_t caps; + cap_value_t cap_list[1]; + + // Get process's current capabilities + caps = cap_get_proc(); + if (caps == nullptr) { + return errno; + } + + // the 1 in the call below is the size of the cap_list array + cap_list[0] = cap; + if (cap_set_flag(caps, cap_type, 1, cap_list, enable ? CAP_SET : CAP_CLEAR) + == -1) { + int ret = errno; + cap_free(caps); + return ret; + } + + if (cap_set_proc(caps) == -1) { + int ret = errno; + cap_free(caps); + return ret; + } + + if (cap_free(caps) == -1) { + return errno; + } + return 0; +} diff --git a/src/DEBIAN_postinst.in b/src/DEBIAN_postinst.in new file mode 100755 index 0000000000..b3d6ea3d72 --- /dev/null +++ b/src/DEBIAN_postinst.in @@ -0,0 +1,33 @@ +#/bin/bash + +RDC_LIB_DIR=@RDC_CLIENT_ROOT_PATH@rdc/lib + +# This will return 0 if an id is created and non-zero if +# it already exists +do_create_rdc_user() { + useradd -r -s /bin/nologin rdc +} + +# librdc_client.so +do_ldconfig() { + echo $RDC_LIB_DIR > /etc/ld.so.conf.d/x86_64-librdc_client.conf && ldconfig + + do_create_rdc_user + + # Make sure this doesn't return non-zero if an id already exists + return 0 +} + +case "$1" in + configure) + do_ldconfig + exit 0 + ;; + abort-upgrade|abort-remove|abort-deconfigure) + echo "$1" + ;; + *) + exit 0 + ;; +esac + diff --git a/src/RPM_rpm_post.in b/src/RPM_rpm_post.in new file mode 100755 index 0000000000..75afa1bf35 --- /dev/null +++ b/src/RPM_rpm_post.in @@ -0,0 +1,10 @@ +#!/bin/bash + +RDC_LIB_DIR=@RDC_CLIENT_ROOT_PATH@/rdc/lib +do_create_rdc_user() { + useradd -r -s /bin/nologin rdc +} + +do_create_rpc_user +echo -e "${RDC_LIB_DIR}\n${RDC_LIB_DIR}64" > /etc/ld.so.conf.d/x86_64-librdc_client.conf && ldconfig + diff --git a/tests/rdc_tests/CMakeLists.txt b/tests/rdc_tests/CMakeLists.txt index 7601156cd0..8238671a0f 100755 --- a/tests/rdc_tests/CMakeLists.txt +++ b/tests/rdc_tests/CMakeLists.txt @@ -24,11 +24,8 @@ cmake_minimum_required(VERSION 3.5.0) # 2) Cd into build folder # 3) Run "cmake .." # 4) Run "make" -# - # # Currently support for Windows platform is not present -# ############################# # COMMON AREA @@ -45,7 +42,7 @@ endif() # Required Defines first: set(RDC_INC_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../../client/include) -set(RDC_LIB_DIR ${CMAKE_CURRENT_SOURCE_DIR}/../../rdc/lib) +set(RDC_LIB_DIR ${RDC_BUILD_DIR}/client) set(RSMI_INC_DIR ${ROCM_DIR}/rocm_smi/include) @@ -123,7 +120,6 @@ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wextra") if(ISDEBUG) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -ggdb -O0") endif() -MESSAGE("ISDEBUG STEP:Done") set(RDCTST_ROOT ${CMAKE_CURRENT_SOURCE_DIR}) @@ -137,8 +133,8 @@ set(GOOGLE_TEST_FRWK_NAME "gtest") add_subdirectory(${RDCTST_ROOT}/gtest "${PROJECT_BINARY_DIR}/gtest") set (RDCTST_LIBS ${RDCTST_LIBS} ${GOOGLE_TEST_FRWK_NAME}) -# -# +set(RDCTST_LIBS ${RDCTST_LIBS} ${GOOGLE_TEST_FRWK_NAME}) + # Other source directories aux_source_directory(${RDCTST_ROOT}/functional functionalSources) @@ -146,7 +142,7 @@ aux_source_directory(${RDCTST_ROOT}/functional functionalSources) # Specify the directory containing various libraries of ROCR # to be linked against for building ROC Perf applications # -LINK_DIRECTORIES(${RDC_LIB_DIR}) +link_directories(${RDC_LIB_DIR}) # # Source files for building rocrtst # @@ -156,16 +152,10 @@ aux_source_directory(${RDCTST_ROOT} rdctstSources) add_executable(${RDCTST} ${rdctstSources} ${functionalSources}) # Header file include path -target_include_directories(${RDCTST} PRIVATE ${RDC_INC_DIR} +target_include_directories(${RDCTST} PRIVATE ${RDC_INC_DIR} PRIVATE ${RSMI_INC_DIR} PRIVATE ${RDCTST_ROOT}/.. PRIVATE ${RDCTST_ROOT}/gtest/include) - target_link_libraries(${RDCTST} ${RDCTST_LIBS} c stdc++ pthread) -install(TARGETS ${RDCTST} - ARCHIVE DESTINATION ${PROJECT_BINARY_DIR}/lib - LIBRARY DESTINATION ${PROJECT_BINARY_DIR}/lib - RUNTIME DESTINATION ${PROJECT_BINARY_DIR}/bin) - diff --git a/tests/rdc_tests/run_build.sh b/tests/rdc_tests/run_build.sh deleted file mode 100755 index 158b0f377d..0000000000 --- a/tests/rdc_tests/run_build.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - - - -# these are required: -#ROCM_DIR=/home/cfreehil/github/rocm_smi_lib/build -#ROCM_DIR=/opt/rocm -ROCM_DIR=/opt/rocm -mkdir -p build -cd build - -cmake -DRDCTST_BLD_TYPE=$RDCTST_BLD_TYPE \ - -DROCM_DIR=$ROCM_DIR \ - -DROCRTST_BLD_TYPE="Debug" \ - .. - -echo "Executing \"make\"..." -make - -cd ..