Boinc not detecting GPU when started via systemd

Posted on 5. December 2023

So #boinc didn’t show my GPU on #Fedora #Linux when started via #systemd. I have an #AMDGPU and all the #OpenCL (#ROCr / #ROCM) stuff installed. It only listed the iGPU by Intel on startup:

[---] OpenCL: Intel GPU 0: Intel(R) UHD Graphics 630 (driver version 23.35.27191.9, device version OpenCL 3.0 NEO, 25561MB, 2556>
[---] libc:  version 2.37

This works however fine when I run boinc manually as user (or clinfo for the matter), and not via systemctl start boinc-client, so I guessed it’s some permission issue. journalctl had the context I was looking for and threw this in the middle of the boinc-client startup:

audit[305157]: AVC avc:  denied  { read write } for  pid=305157 comm="boinc" name="kfd" dev="devtmpfs" ino=532 scontext=system_u:system_r:boinc_t:s0 tcontext=system_u:object_r:hsa_device_t:s0 tclass=chr_file permissive=0

This is SELinux’s charming way of telling me that it blocked read and write access to /dev/kfd (the main compute interface shared by all GPUs, according to the ROCm manual) for the boinc process. Nice. So what most users do now is grumble and disable SELinux, which is kinda a bad idea. The more advanced user does this and calls it a day:

sudo ausearch -c 'boinc' --raw | audit2allow -M boinc
sudo semodule -i boinc.pp

This basically prepares an override policy based on any rejected boinc activity that looks in my case like this:

module boinc 1.0;

require {
	type hsa_device_t;
	type random_device_t;
	type boinc_t;
	class chr_file { ioctl map open read write };
}

#============= boinc_t ==============
allow boinc_t hsa_device_t:chr_file { ioctl map open read write };
allow boinc_t random_device_t:chr_file write;

Not today though. It left me befuddled with the following output:

libsemanage.semanage_direct_install_info: Overriding boinc module at lower priority 100 with module at priority 400.
Failed to resolve typeattributeset statement at /var/lib/selinux/targeted/tmp/modules/400/boinc/cil:3
Failed to resolve AST
semodule:  Failed!

…and I have no idea why. I also found nothing on Google Search. So to not be DenverCoder9 (https://xkcd.com/979/) in the future here is what I found out so far:

sudo cat /var/lib/selinux/targeted/tmp/modules/400/boinc/cil | bunzip2 
(typeattributeset cil_gen_require hsa_device_t)
(typeattributeset cil_gen_require random_device_t)
(typeattributeset cil_gen_require boinc_t)
(allow boinc_t hsa_device_t (chr_file (ioctl map open read write)))
(allow boinc_t random_device_t (chr_file (write)))

Apparently it can’t resolve the required typeattributeset boinc_t – which is kinda odd as it exists (see sudo semodule -X 100 --cil -E boinc and the resulting cil file). Frankly this is where SELinux lost me too. I found the man page for boinc_selinux, which is not really known on my Fedora system here, so I may be missing something. It suggests to enable permissive mode for boinc_t (instead of dropping SELinux altogether):

Note: semanage permissive -a boinc_t

can be used to make the process type boinc_t permissive. Permissive process types are not denied access by SELinux. AVC messages will still be generated.
https://linux.die.net/man/8/boinc_selinux

And sure enough on the next restart my AMD GPU became available:

[---] OpenCL: AMD/ATI GPU 0: AMD Radeon RX 6700 XT (driver version 3558.0 (HSA1.1,LC), device version OpenCL 2.0, 12272MB, 12272>
[---] OpenCL: Intel GPU 0: Intel(R) UHD Graphics 630 (driver version 23.35.27191.9, device version OpenCL 3.0 NEO, 25561MB, 2556>
[---] libc:  version 2.37

Happy numbers crunching. Mebbe some fix for SELinux crosses my path in the future so I can update this with the proper solution.

It’s that time of the year again. It’s _cold_ outside and I sit at my PC anyway so let’s crunch some numbers to heat up the place:

> Dez 04 11:31:35 morpheus boinc[20347]: 04-Dec-2023 11:31:35 [World Community Grid] Requesting new tasks for CPU
> Dez 04 11:31:37 morpheus boinc[20347]: 04-Dec-2023 11:31:37 [World Community Grid] Scheduler request failed: HTTP service unavailable

Or not. AGAIN? FFS, how long has this migration been going?

Feels like nothing changed compared to last year.

* DNS works: dig +short scheduler.worldcommunitygrid.org > 199.241.167.118
* HTTP works: curl https://scheduler.worldcommunitygrid.org/boinc/wcg_cgi/fcgi
* The WCG server? Not so much:

<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>

Guess I have to look for another project. My patience run dry like the task list.

USB Hotel

USB hotel almost completely occupied. Something something nature is healing.

Image: A cardboard box filled with empty toilet paper rolls up-cycled as USB / cable holders.

Ick bin im Radio: https://theradio.cc/blog/2023/11/12/ll275-aufstieg-in-fahrtrichtung-opensource/ bei 1:39:40 🤓

Using waxed cloth instead of plastic

Posted on 13. October 2023

Beko Pharm

Trying to eradicate #plastic waste from the household is hard! I mean beside obvious stuff, like soap instead of shampoo, it’s literally everywhere. I was just introduced to a more unexpected solution by ‘Dimicator’, who’s work I’m following closely for some years now. Roland suggests waxed cloth even in the fridge and not just for #livingHistory or #reenactment – a very #medieval solution:

https://exciting-pioneer-6049.ck.page/posts/historical-crafts-natural-raw-materials

He also helpfully explains how to #DIY waxed cloth: https://www.patreon.com/posts/90314554

No first hand experience on this yet but tbf we’re already _not_ wrapping food in _single use_ plastic anyway. It is intriguing though. I mean people did fine without plastic for food supplies for centuries, no? 🤷

Some sort of #fungi floating in a puddle. This thing does usually not see any light because the photo was taken deep down in an old mine. I have no idea what type of #mushroom that is.

Am I doing #BloomScrolling right?

Tätigkeiten, die mir Freude machen II (kajo76.de)

Ideen umsetzen, was das Blog betrifft – gestern z.B. die Simple Lightbox installiert, da die Meow-Lightbox (warum auch immer 🤔) nicht auf Anhieb funktionierte. Gestern abend dann noch nach CSS-Selektoren geschaut, um die Webmentions und das Webmention-Formular dem Theme anzupassen. Heute morgen zusätzliches CSS ins Theme eingefügt und voilá 😊 Hach 🥹 Endlich wieder! Das […]

Ja das ist so richtig schwer :-/ Jedenfalls viel Erfolg bei der Suche!

Apparently #FreeSpace2 Open got a #VR feature and FekLeyrTarg demos it using #Diaspora 🤔

https://www.youtube.com/watch?v=eHVIjbQQbVM

Pretty rad 👍

#BSG #BattleStarGalactica

Another night in the #EliteDangerous verse 🚀

Made some progress on the HUD (I think I need a name for that). It does provide me with some additional informations depending on what I’m doing. The Route Plan e.g. disappears automatically when the destination is reached (yeah yeah the Jump count is off, will fix that eventually).

Same for scan targets – that also reveal bounties (with rewards in Cr so I know if it’s worth the hassle :D).

Really like where this is going.

🌈🎂

Accept cake.

beko.famkos.net

User Slice of beko

Author Archives: Beko Pharm

Boinc not detecting GPU when started via systemd

Using waxed cloth instead of plastic