misc: change VFIO group ownership and permissions in vfctl script

This is missing step to allow runing VPP unpriviledged with AVF driver. Type: improvement Change-Id: I37dfad9236691c1a8e2837a5811536170c65d7bc Signed-off-by: Damjan Marion <damarion@cisco.com>
author: Damjan Marion <damarion@cisco.com> 2021-05-12 11:51:08 +0200
committer: Damjan Marion <dmarion@me.com> 2021-05-12 16:53:25 +0000
commit: 742a5039b0c1985ad90a4be6690fe75b6757d177 (patch)
tree: a45cab4aca3942ddca2cd4b078ae1397cf48f3d9
parent: 8b4d474abd62c623502ad9a4a279a9b4535ca0c1 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/extras/scripts/vfctl b/extras/scripts/vfctl
index 9fe6c8b02e7..d3eefa9a565 100755
--- a/extras/scripts/vfctl
+++ b/extras/scripts/vfctl
@@ -96,12 +96,16 @@ function create () {
 	mac_prefix=$(cat ${netdev_path}/address | cut -d: -f1,3,4,5,6 )
 	for vf_path in ${path}/virtfn*; do
 		vf=$(basename $(readlink ${vf_path}))
+		iommu_group=$(basename $(readlink ${vf_path}/iommu_group))
 		vfid=$(basename ${vf_path//virtfn/})
 		mac="${mac_prefix}:$(printf "%02x" ${vfid})"
 		sudo ip link set dev ${netdev} vf ${vfid} mac ${mac}
 		sudo ip link set dev ${netdev} vf ${vfid} trust on
 		sudo ip link set dev ${netdev} vf ${vfid} spoofchk off
 		pci-bind ${vf} vfio-pci
+		sudo chmod g+rw /dev/vfio/${iommu_group}
+		sudo chgrp sudo /dev/vfio/${iommu_group}
+		echo "VFIO group ${iommu_group} group ownership changed to sudo, group permissions changed to rw"
 	done
 
 	[ $(cat ${path}/sriov_numvfs) -gt 0 ] && show_vfs ${path} ${netdev}
author	Damjan Marion <damarion@cisco.com>	2021-05-12 11:51:08 +0200
committer	Damjan Marion <dmarion@me.com>	2021-05-12 16:53:25 +0000
commit	742a5039b0c1985ad90a4be6690fe75b6757d177 (patch)
tree	a45cab4aca3942ddca2cd4b078ae1397cf48f3d9
parent	8b4d474abd62c623502ad9a4a279a9b4535ca0c1 (diff)