meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
vm:proxmox:lxc:devices_access [2023/06/20 19:10] niziakvm:proxmox:lxc:devices_access [2023/06/20 21:19] (current) niziak
Line 39: Line 39:
  
 ====== DRI forward ====== ====== DRI forward ======
 +
  
 Host system (Proxmox): Host system (Proxmox):
  
 +<code bash>
 +$ls -ln /dev/dri
 +
 +crw-rw---- 1 0  44 226,   0 03-26 11:53 card0
 +crw-rw---- 1 0 103 226, 128 03-26 11:53 renderD128
 +</code>
 +
 +In unprivileged PCT GIDs and UIDs are shifted +100000, so if guest wants to access device with GID=44, from host point of view it is accessing it as GID=100044. 
 +So now is needed to do shift GID 44 and GID 103. 
 +Idea is to define ranges of GID mappings to map all other GID to be shifted by +100000:
 +
 +^ Container GID         ^ Host GID          ^  count  ^
 +| 0..43                 | 100000..100043    | 44      | 
 +| 44                    | 44                | 1       |
 +| 45..102               | 100045..100102    | 58      |
 +| 103                   | 103               | 1       |
 +| 104..65535            | 100104..165535    | 65431   |
 +
 +
 +Here is a tool [[https://github.com/ddimick/proxmox-lxc-idmapper|Proxmox unprivileged container/host uid/gid mapping syntax tool]]
 +
 +
 +Allow LXC (running as root) to map GID 44 and 103 to new ones:
 +
 +<file /etc/subgid>
 +root:100000:65536
 +root:44:1
 +root:103:1
 +</file>
 +
 +
 +PCT config file:
 +<file ini /etc/pve/lxc/303.conf>
 +lxc.cgroup2.devices.allow: a
 +lxc.cap.drop:
 +lxc.cgroup2.devices.allow: c 226:0 rwm
 +lxc.cgroup2.devices.allow: c 226:128 rwm
 +lxc.mount.entry: /dev/dri dev/dri none bind,optional,create=dir
 +lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file
 +lxc.mount.entry: /dev/dri/card0 dev/dri/card0 none bind,optional,create=file
 +lxc.idmap: u 0 100000 65536
 +lxc.idmap: g 0 100000 44
 +lxc.idmap: g 44 44 1
 +lxc.idmap: g 45 100045 58
 +lxc.idmap: g 103 103 1
 +lxc.idmap: g 104 100104 65431
 +</file>
  
 Guest system: Guest system:
Line 52: Line 100:
 </code> </code>
  
 +====== TODO - check ======
 +
 +  * [[https://forum.proxmox.com/threads/terramaster-f2-423-proxmox-n5095-igpu-passthrough-issue.123144/#post-536224]]
 +  * [[https://forum.proxmox.com/threads/plex-hw-transcoding-lxc-and-jasper-lake-igpu-passthru.116163/#post-556945]]