Skip to content

nvproxy: don't pass privileged driver caps to nvidia-container-cli#13380

Open
copybara-service[bot] wants to merge 1 commit into
masterfrom
test/cl927404806
Open

nvproxy: don't pass privileged driver caps to nvidia-container-cli#13380
copybara-service[bot] wants to merge 1 commit into
masterfrom
test/cl927404806

Conversation

@copybara-service
Copy link
Copy Markdown

@copybara-service copybara-service Bot commented Jun 5, 2026

nvproxy: don't pass privileged driver caps to nvidia-container-cli

Setting NVIDIA_DRIVER_CAPABILITIES=all with any of the gvisor "privileged" driver capabilities, for example
--nvproxy-allowed-driver-capabilities=all,profiling crashed runsc on startup (exit status 2):

NVIDIAFlags() panicked on CapProfiling, which has no nvidia-container-cli flag

This changes how those flags are parsed by changing NVIDIAFlags() so that "privileged" capabilities (CapProfiling, CapFabricIMEXManagement) are skipped when parsing instead of panicking. I'm also adding a regression test.

FUTURE_COPYBARA_INTEGRATE_REVIEW=#13377 from luiscape:luis/nvidia-driver-capability-bug 27ea194

@luiscape @gvisor-bot
nvproxy: don't pass privileged driver caps to nvidia-container-cli
0b89404 
Setting `NVIDIA_DRIVER_CAPABILITIES=all` with any of the gvisor "privileged" driver capabilities, for example
`--nvproxy-allowed-driver-capabilities=all,profiling` crashed `runsc` on startup (exit status 2):

```
NVIDIAFlags() panicked on CapProfiling, which has no nvidia-container-cli flag
```

This changes how those flags are parsed by changing `NVIDIAFlags()` so that "privileged" capabilities (`CapProfiling`, `CapFabricIMEXManagement`) are skipped when parsing instead of panicking. I'm also adding a regression test.

FUTURE_COPYBARA_INTEGRATE_REVIEW=#13377 from luiscape:luis/nvidia-driver-capability-bug 27ea194
PiperOrigin-RevId: 927404806
@copybara-service copybara-service Bot added the exported Issue was exported automatically label Jun 5, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

exported Issue was exported automatically

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@luiscape