From 81eabd8de9f4695c3caf796f7d41fcfe1762de10 Mon Sep 17 00:00:00 2001
From: jgoutin <jgoutin@accelize.com>
Date: Fri, 27 Aug 2021 11:13:53 +0200
Subject: [PATCH] Add option to allow others instead of group in udev rules

---
 sdk/README.md                      |  1 +
 sdk/userspace/add_udev_rules.sh    | 32 +++++++++++++++++++++++++++++-
 sdk_setup.sh                       |  1 +
 shared/bin/set_common_env_vars.sh  |  3 ++-
 shared/bin/set_common_functions.sh |  4 ++++
 5 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/sdk/README.md b/sdk/README.md
index b23c3dc4a..c246d831e 100644
--- a/sdk/README.md
+++ b/sdk/README.md
@@ -38,6 +38,7 @@ $ sudo apt-get install build-essential
 
 SDK supports granting access to FPGA resources and AFI management tools to users other than root. The SDK setup will create a group and make all the device resources members of this group. The user will be added to this group. Variables below help control this feature
 * AWS_FPGA_ALLOW_NON_ROOT when set, will turn on the feature.
+* AWS_FPGA_SDK_OTHERS when set, will allow all users to use FPGA, else only the group specified by AWS_FPGA_SDK_GROUP.
 * AWS_FPGA_SDK_GROUP specifies group that will have access to FPGA and AFI tools. The setup will create the group and add user to this group. User must switch or relogin to have this group membership effective. If unspecified, this will default to "fpgauser".
 * AWS_FPGA_SDK_OVERRIDE_GROUP specifies to add user to already existing group specified by AWS_FPGA_SDK_GROUP. If this is unset and AWS_FPGA_SDK_GROUP evaluates to an  existing group, setup will fail.
 
diff --git a/sdk/userspace/add_udev_rules.sh b/sdk/userspace/add_udev_rules.sh
index fb64fc4b4..1ab23524a 100755
--- a/sdk/userspace/add_udev_rules.sh
+++ b/sdk/userspace/add_udev_rules.sh
@@ -19,6 +19,36 @@ set -x
 source /tmp/sdk_root_env.exp
 set +x
 rm -f /tmp/sdk_root_env.exp
+
+mkdir -p /opt/aws/bin
+
+if [[ $AWS_FPGA_SDK_OTHERS ]]; then
+# Allow all users
+
+# Make a script that will be run to change permissions everytime
+# udev rule for the DBDF is matched
+echo "Installing permission fix script for udev"
+cat >/opt/aws/bin/change-fpga-perm.sh<<EF
+#!/bin/bash
+set -x
+setperm () {
+  chmod g=u \$1
+  chmod a=u \$1
+}
+setfpgaperm () {
+  for f in \$1/*; do
+    setperm \$f;
+  done
+}
+
+devicePath=/sys/bus/pci/devices/\$1
+grep -q "0x058000" \$devicePath/class && setfpgaperm "\$devicePath"
+setperm /sys/bus/pci/rescan all
+EF
+
+else
+# Allow group only
+
 echo "Creating group ${AWS_FPGA_SDK_GROUP}"
 getent group ${AWS_FPGA_SDK_GROUP} >/dev/null 2>&1
 if [[ $? -eq 0 ]] ; then
@@ -49,7 +79,6 @@ fi
 
 # Fail on any unsucessful command
 set -e
-mkdir -p /opt/aws/bin
 # Make a script that will be run to change permissions everytime
 # udev rule for the DBDF is matched
 echo "Installing permission fix script for udev"
@@ -76,6 +105,7 @@ devicePath=/sys/bus/pci/devices/\$1
 grep -q "0x058000" \$devicePath/class && setfpgaperm "\$devicePath"
 setperm /sys/bus/pci/rescan all
 EF
+fi
 chmod 544 /opt/aws/bin/change-fpga-perm.sh
 
 DBDFs=`lspci -Dn |  grep -Ew "1d0f:1042|1d0f:1041" | awk '{print $1}' | sed ':x;N;$!bx;s/\n/ /g'`
diff --git a/sdk_setup.sh b/sdk_setup.sh
index 06f2853be..8275a4b24 100644
--- a/sdk_setup.sh
+++ b/sdk_setup.sh
@@ -33,6 +33,7 @@ source $script_dir/shared/bin/set_common_env_vars.sh
 sudo rm -f /tmp/sdk_root_env.exp
 typeset -f allow_non_root > /tmp/sdk_root_env.exp
 echo "export AWS_FPGA_SDK_GROUP=${AWS_FPGA_SDK_GROUP}" >> /tmp/sdk_root_env.exp
+echo "export AWS_FPGA_SDK_OTHERS=${AWS_FPGA_SDK_OTHERS}" >> /tmp/sdk_root_env.exp
 echo "export SDK_NON_ROOT_USER=${SDK_NON_ROOT_USER}" >> /tmp/sdk_root_env.exp
 echo "export AWS_FPGA_SDK_OVERRIDE_GROUP=${AWS_FPGA_SDK_OVERRIDE_GROUP}" >> /tmp/sdk_root_env.exp
 sudo chown root:root /tmp/sdk_root_env.exp
diff --git a/shared/bin/set_common_env_vars.sh b/shared/bin/set_common_env_vars.sh
index 52a078156..93ab8565c 100644
--- a/shared/bin/set_common_env_vars.sh
+++ b/shared/bin/set_common_env_vars.sh
@@ -34,8 +34,9 @@ unset HDK_SHELL_DIR
 unset HDK_SHELL_DESIGN_DIR
 
 export -f allow_non_root
+export -f allow_others
 
-if  allow_non_root  ; then
+if  allow_non_root && allow_others ; then
 	export AWS_FPGA_SDK_GROUP=${AWS_FPGA_SDK_GROUP:-"fpgauser"}
 	export SDK_NON_ROOT_USER=$(whoami)
   info_msg "Allowing group ${AWS_FPGA_SDK_GROUP} access to FPGA management tools and resources"
diff --git a/shared/bin/set_common_functions.sh b/shared/bin/set_common_functions.sh
index a54ddf66c..172c7a24f 100644
--- a/shared/bin/set_common_functions.sh
+++ b/shared/bin/set_common_functions.sh
@@ -308,3 +308,7 @@ function patch_AR73068 {
 function allow_non_root {
        [ ! -z ${AWS_FPGA_ALLOW_NON_ROOT} ]
 }
+
+function allow_others {
+       [ ! -z ${AWS_FPGA_SDK_OTHERS} ]
+}