Cannot blacklist all but one gpu
allanlaal opened this issue · comments
Description
I have 4 gpus. I wanna use the memory of one of them for firefox.
firejail still allows access to GPUs I've blacklisted
Steps to Reproduce
- fill up your pc with gpus
- run xorg
- run any X11 desktop
- run firejail --blacklist=/sys/module/amdgpu/ --blacklist=/dev/nvidia0 firefox
Expected behavior
amdgpu and the nvidia0 card are not visible to firefox
Actual behavior
firefox sees all 4 of my GPUs and chooses the amdgpu, that's running Xorg
Behavior without a profile
nothing changed
Additional context
the list of GPUs firefox discovers is "PCI candidate"
since firefox's code is still in the era of "no one needs more than 1 gpu", there is no way to set the gpu
it also ignores any combination of these env vars:
CUDA_VISIBLE_DEVICES=1 __VK_LAYER_NV_optimus=NVIDIA_only __NV_PRIME_RENDER_OFFLOAD=1 __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G1 __GLX_VENDOR_LIBRARY_NAME=nvidia DRI_PRIME="pci-0000_61_00_0!" PrefersNonDefaultGPU=true MOZ_WAYLAND_DRM_DEVICE=/dev/dri/by-path/pci-0000:61:00.0-render PRIMUS_VERBOSE=2 firejail --blacklist=/sys/module/amdgpu/ --blacklist=/dev/nvidia0 --noprofile firefox
gpu processing offloading works fine
Environment
- Ubuntu 23.10 Mate desktop 1.26
- Firejail version: 0.9.72
Checklist
- [not sure] The issue is caused by firejail (i.e. running the program by path (e.g. /usr/bin/vlc) "fixes" it).
- I can reproduce the issue without custom modifications (e.g. globals.local).
- The program has a profile. (If not, request one in https://github.com/netblue30/firejail/issues/1139)
- The profile (and redirect profile if exists) hasn't already been fixed upstream.
- I have performed a short search for similar issues (to avoid opening a duplicate).
- I'm aware of browser-allow-drm yes/browser-disable-u2f no in firejail.config to allow DRM/U2F in browsers.
- I used --profile=PROFILENAME to set the right profile. (Only relevant for AppImages)
Log
2024-01-07 04:14:26 allan@S5:~$ firejail --blacklist=/sys/module/amdgpu/ --blacklist=/dev/nvidia0 firefox
Reading profile /etc/firejail/firefox.profile
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Reading profile /etc/firejail/firefox-common.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-proc.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-run-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Warning: networking feature is disabled in Firejail configuration file
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Parent pid 3003657, child pid 3003661
Warning: not remounting /var/lib/docker/overlay2/355faacadd130ed0ef2ff243bd8cf3c23abcac7d61abc8d85a4c43b219e36366/merged
Warning: not remounting /var/lib/docker/overlay2/355faacadd130ed0ef2ff243bd8cf3c23abcac7d61abc8d85a4c43b219e36366/merged
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: NVIDIA card detected, nogroups command ignored
Warning: NVIDIA card detected, nogroups command ignored
Warning: NVIDIA card detected, nogroups command ignored
Warning: NVIDIA card detected, nogroups command ignored
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Warning: NVIDIA card detected, nogroups command ignored
Warning: NVIDIA card detected, nogroups command ignored
Warning: Replacing profile instead of stacking it. It is a legacy behavior that can result in relaxation of the protection. It is here as a temporary measure to unbreak the software that has been broken by switching to the stacking behavior.
Child process initialized in 786.96 ms
** (process:3003658): WARNING **: 04:20:37.839: Error writing credentials to socket: Error sending message: Broken pipe
[GFX1-]: glxtest: ManageChildProcess failed
[GFX1-]: glxtest: libEGL initialize failed
[GFX1-]: glxtest: X error, error_code=2, request_code=152, minor_code=3
[GFX1-]: More than 1 GPU vendor detected via PCI, cannot deduce vendor
[GFX1-]: PCI candidate 0x10de/0x2182
[GFX1-]: PCI candidate 0x10de/0x2204
[GFX1-]: PCI candidate 0x1002/0x67df
[GFX1-]: PCI candidate 0x1a03/0x2000
> I have 4 gpus. I wanna use the memory of one of them for firefox.
> firejail still allows access to GPUs I've blacklisted
> firejail --blacklist=/sys/module/amdgpu/ --blacklist=/dev/nvidia0 firefox
Programs usually do not access kernel modules directly (and firejail already
blacklists /sys/module by default anyway), so the first blacklist is unlikely
to do anything.
I don't know about nvidia, but AMD cards are usually in /dev/dri.
Does it work if you blacklist paths in /dev/dri?
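An added example that is not part of this issue thread or of firejail itself: it applies the reply's suggestion by generating one --blacklist argument for every DRM node under /dev/dri except the ones belonging to the GPU to keep, identified by its PCI address in the same by-path naming the issue's MOZ_WAYLAND_DRM_DEVICE value uses (pci-0000:61:00.0). The function names, the KEEP_GPU variable and the by-path symlinks built by make_sample_dri are my own constructions for the demo; they are not firejail options.

```shell
#!/bin/sh
# gpu_blacklist_args KEEP_PCI DEVDIR
# Prints one "--blacklist=<node>" line for every card*/renderD* node under
# DEVDIR whose /dev/dri/by-path symlink does NOT belong to KEEP_PCI.
# Blacklisting the device nodes is what hides a GPU from the sandboxed
# program; /sys/module/<driver> is not what programs open to reach a GPU.
gpu_blacklist_args() {
    keep="$1"; dir="$2"
    for link in "$dir"/by-path/*; do
        [ -L "$link" ] || continue            # skip a non-matching glob
        case "$link" in *"$keep"*) continue;; esac
        target=$(readlink "$link")            # e.g. ../card1
        printf '%s\n' "--blacklist=$dir/${target##*/}"
    done
}

# make_sample_dri: constructed stand-in for /dev/dri so the demo runs on a
# machine without GPUs. Two cards: 61:00.0 (the one to keep) and 01:00.0.
make_sample_dri() {
    d=$(mktemp -d)
    mkdir "$d/by-path"
    for n in card0 renderD128 card1 renderD129; do : > "$d/$n"; done
    ln -s ../card0      "$d/by-path/pci-0000:61:00.0-card"
    ln -s ../renderD128 "$d/by-path/pci-0000:61:00.0-render"
    ln -s ../card1      "$d/by-path/pci-0000:01:00.0-card"
    ln -s ../renderD129 "$d/by-path/pci-0000:01:00.0-render"
    printf '%s\n' "$d"
}

# Stand-alone demo: use the real /dev/dri when present, else the sample tree.
if [ -d /dev/dri/by-path ]; then dri=/dev/dri; else dri=$(make_sample_dri); fi
gpu_blacklist_args "${KEEP_GPU:-pci-0000:61:00.0}" "$dri"
# On the sample tree this prints:
#   --blacklist=<tmpdir>/card1
#   --blacklist=<tmpdir>/renderD129
```

Against the real device directory the output can be spliced straight into the command from the issue, e.g. firejail $(gpu_blacklist_args pci-0000:61:00.0 /dev/dri) firefox; a quick check from inside the sandbox (firejail with the same arguments running ls -l /dev/dri) shows which nodes remain reachable. Note that the by-path symlinks themselves stay visible; only the nodes they point at are blocked, which is what the GPU probing in the log actually opens.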