I'm trying to read a memory mapped register on a Zynq running linux. I'm using python but I'm pretty sure my issue is system related. Outside of docker I can open /dev/mem and mmap the appropriate segment but when I try and access it using docker-compose I'm getting permission issues. I've added the container user to kmem and I've tried running the container as root. I've run with and without privileged: true I've used volume and device mounts (volumes: "/dev/mem:/dev/mem" and devices: "/dev/mem"),
I'm using O_RDONLY|O_SYNC to open /dev/mem and MAP_SHARED, PROT_READ to mmap it but I always get a permission denied. Even dd if=/dev/mem skip=0x80100000 count=16 gives a permission issue. I'm running containerd as root.
There must be some permission issue I'm missing, any ideas?
look at this :Docker Access to Raspberry Pi GPIO Pins access /dev/mem is same to access gpio sysfs:
Running Docker with the "--privileged" option
Starting a container like this will give the container full access to the host's devices, including /dev/mem:
$ docker run --privileged -d whatever
Check the Docker documentation(https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities) on this option. It might not be the best choice depending on how tight your security requirements are.
Only assign /dev/mem device to docker by "--device" option
Rather than exposing all of the host's devices to the container, you can be specific and only expose the /dev/mem device to the container at runtime.
$ docker run --device /dev/mem -d whatever