Main Menu

Home New EntryUploadArchive RSS Feeds

Categories

AndroidArmBluetoothFatdog64FatdogArmGeneralLinuxOLPCPuppyLinuxXO

Search

By Title By Content

Latest Entries

Fatdog64 901 Final Is ReleasedFatdog64 900 Final is releasedFatdog 900 Beta is releasedFatdog 900 Alpha and Fatdog 814 Simultaneous ReleaseFatdog64 813 is releasedWho fact-checks the fact-checkers?The Pale Blue DotHow to handle bug reportXdialog ported to GTK+ 3The state of FOSS todayIntroducing aloopd - the ALSA Loop Sound Server

Pages

About Me

Share

Reddit This

Links

Fatdog64FatdogArmArticlesPSIPXannotateXscreenshotXarchiverXdialogsvenzarfyhardinfomdviewNextGen Woof-CE

Latest Comments

What an amazing OS this is! (Pt.2)What an amazing OS this is! (Pt.1)Yes, we have Bible study softwareSo do you have Bible study software on Fatdog64?Thank you!RE: All in one bootloader does not work with some Dell UEFI or QemuFixes #1All in one bootloader does not work with some Dell UEFI or QemuNice articleCoincidence?NoList All Comments

Stats

Users Online: 4
Hits: 3698802 (since Feb 2013).

AMD Catalyst driver patch for CONFIG_USER_NS

As hinted in this post, I have been experimenting with LXC for while. It has been a fruitful journey and I ended up with an LXC-version of Fatdog sandbox which enables one to run a sandbox with full privilege separation (unlike the standard sandbox which only uses chroot), which I will write in another day.

Running lxc requires the lxc userspace tools (which is on the sourceforge.net URL above, or here for the bleeding edge), and requires some kernel compile-only options activated. No, unlike OpenVZ or Linux-VServer, you don't need custom kernels --- all that is needed for lxc have been slowly merged into mainline kernel in the last few years, but you do need to enable these features when you built the kernel.

One of the latest feature is user namespace (CONFIG_USER_NS). This feature, in short, enables uid mapping - a "root" (uid 0) in the container can be just a regular user in the host system (e.g. uid 1000). Without this feature, a root is a root is a root - inside and outside the container and it has the same power (unless you shave its capabilities - but again that's another story). This feature was finally merged in Linux 3.8, however it wasn't really working well because a lot of other kernel components were not adjusted for it (mainly filesystems). In Linux 3.9, the situation is a bit better, only XFS can't handle it. With the hard work from the kernel and XFS team, we'd expect that XFS will be fully compatible with user namespace by the time Linux 3.10 is released.

I have been testing with this feature in Linux 3.9, and found out that the AMD Catalyst driver would not compile. That's a BIG problem. My laptop is well supported by the radeon open-source driver, but I regret to say that while radeon probably trumps out in terms of performance, it is not a winner when it comes to power saving department. My laptop runs a full 20 centigrade hotter using the radeon driver compared to the Catalyst driver. AMD definitely needs to do more work on this! (Are you listening, AMD?)

Anyway, the conclusion is that I need that Catalyst driver to work. Just like any reasonable guy, I looked for some patches on Google but I can't find any :(

So I went on to look at the source on my own. Fortunately, it is not too difficult to fix it, and I have created a patch for it (it is a one-line patch, literally). I tested this against Catalyst 12.8 but it should work for later versions too (up to 13.4).

You can get the patch from here.

Enjoy.

Posted on 27 May 2013, 19:45 - Categories: Linux
Edit - Delete

No comments posted yet.

Add Comment

Title
Author
Content Show Smilies
Security Code	1505350
Mascot of Fatdog64
Password (to protect your identity)

All writings are Copyright © James B 2013-2022 and licensed as CC-SA-NC 3.0
All code and code fragments are licensed as GNU GPL 3 or later
Worldmap uses GeoLite database courtesy of MaxMind Inc.
This blog is powered by SJPPLOG

All timestamps are in GMT+10