modif: private-dev: keep /dev/kfd unless no3d is used (#6380)

Apparently hashcat needs access to this device for hardware acceleration on AMD gpus and `private-dev` currently breaks that (see #6364). It seems to be used by the "amdgpu" and "amdkfd" Linux kernel drivers and as with /dev/dri/renderD128, this file is owned by the "render" group. Relevant udev rules from /usr/lib/udev/rules.d/50-udev-default.rules: SUBSYSTEM=="drm", KERNEL=="renderD*", GROUP="render", MODE="0666" SUBSYSTEM=="kfd", GROUP="render", MODE="0666" SUBSYSTEM=="accel", GROUP="render", MODE="0666" Environment: udev 255.6-1 on Artix Linux. Reported-by: @schrotthaufen
author: Kelvin M. Klann <kmk3.code@protonmail.com> 2024-06-15 15:58:33 +0000
committer: GitHub <noreply@github.com> 2024-06-15 15:58:33 +0000
commit: b89ec818926b4bcd3a58bb4e2a67b68a8090ba1c (patch)
tree: 46ea791cc17c2af87adc7c44bf3b0b02b2e04a8e
parent: profiles: claws-mail: note no3d issue with "fancy" plugin (#6383) (diff)
download: firejail-b89ec818926b4bcd3a58bb4e2a67b68a8090ba1c.tar.gz
firejail-b89ec818926b4bcd3a58bb4e2a67b68a8090ba1c.tar.zst
firejail-b89ec818926b4bcd3a58bb4e2a67b68a8090ba1c.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c
index fa88bbe12..e8e486f12 100644
--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -52,7 +52,8 @@ typedef struct {
 static DevEntry dev[] = {
        {"/dev/snd", RUN_DEV_DIR "/snd", DEV_SOUND},    // sound device
-        {"/dev/dri", RUN_DEV_DIR "/dri", DEV_3D},               // 3d device
+        {"/dev/dri", RUN_DEV_DIR "/dri", DEV_3D},               // 3d devices
+        {"/dev/kfd", RUN_DEV_DIR "/kfd", DEV_3D},
        {"/dev/nvidia0", RUN_DEV_DIR "/nvidia0", DEV_3D},
        {"/dev/nvidia1", RUN_DEV_DIR "/nvidia1", DEV_3D},
        {"/dev/nvidia2", RUN_DEV_DIR "/nvidia2", DEV_3D},
author	Kelvin M. Klann <kmk3.code@protonmail.com>	2024-06-15 15:58:33 +0000
committer	GitHub <noreply@github.com>	2024-06-15 15:58:33 +0000
commit	b89ec818926b4bcd3a58bb4e2a67b68a8090ba1c (patch)
tree	46ea791cc17c2af87adc7c44bf3b0b02b2e04a8e
parent	profiles: claws-mail: note no3d issue with "fancy" plugin (#6383) (diff)
download	firejail-b89ec818926b4bcd3a58bb4e2a67b68a8090ba1c.tar.gz firejail-b89ec818926b4bcd3a58bb4e2a67b68a8090ba1c.tar.zst firejail-b89ec818926b4bcd3a58bb4e2a67b68a8090ba1c.zip

diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index fa88bbe12..e8e486f12 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c
@@ -52,7 +52,8 @@ typedef struct {
52		52
53	static DevEntry dev[] = {	53	static DevEntry dev[] = {
54	{"/dev/snd", RUN_DEV_DIR "/snd", DEV_SOUND}, // sound device	54	{"/dev/snd", RUN_DEV_DIR "/snd", DEV_SOUND}, // sound device
55	{"/dev/dri", RUN_DEV_DIR "/dri", DEV_3D}, // 3d device	55	{"/dev/dri", RUN_DEV_DIR "/dri", DEV_3D}, // 3d devices
		56	{"/dev/kfd", RUN_DEV_DIR "/kfd", DEV_3D},
56	{"/dev/nvidia0", RUN_DEV_DIR "/nvidia0", DEV_3D},	57	{"/dev/nvidia0", RUN_DEV_DIR "/nvidia0", DEV_3D},
57	{"/dev/nvidia1", RUN_DEV_DIR "/nvidia1", DEV_3D},	58	{"/dev/nvidia1", RUN_DEV_DIR "/nvidia1", DEV_3D},
58	{"/dev/nvidia2", RUN_DEV_DIR "/nvidia2", DEV_3D},	59	{"/dev/nvidia2", RUN_DEV_DIR "/nvidia2", DEV_3D},