fstab “ignores” /dev/hugepages

Multiple guides for setting up gaming-focused virtual machines mention hugepages, and for good reason; Hugepages harshly cuts down the amount of cache misses, specifically in the translation lookaside buffer. Simply put, for most of the reasons you’d want a VM with a GPU, hugepages will probably improve performance.

That said, in a lot of examples for setting up hugepages, hugetlbfs is mounted at /dev/hugepages, and an entry for this is added to /etc/fstab. This is fine, right up until a restart. hugetlbfs isn’t mounted at boot, and /dev/hugepages is either not suitable for use as a mount point, or isn’t there at all.

This is because /dev is a rather “special” directory (it’s actually an entirely different filesystem), and udev rebuilds it every time the system starts. The solution is to put the hugetlbfs mountpoint elsewhere, such as /hugepages.

One-Click Resize Videos for Discord using ffmpeg

Share videos by dropping them into Discord, like any other file

If you use Discord, you probably know that you can share photos, just by dragging them into a channel or private message. This actually works for any file. You can attach documents, music, and even videos.

As of about a year ago, some video formats will even be embedded, meaning that the video can be viewed from within Discord, without downloading the file and without opening a browser or external program.

While the upload limit for attachments is 8MB, Discord Nitro users enjoy a much roomier 50MB limit. This limit is very well suited for smaller videos, such as game clips generated by GeForce Experience or Plays.tv. That said, these tools are designed around creating high-quality video while adding minimum stress on the computer during a video game. As a result, the video files that these tools create are abnormally large for their length.  For example, at the “Medium” quality preset, GeForce Experience creates a file 60-80MB in size for a 30 second 1080p clip.

While there are plenty of video transcode tools, like Handbrake, that can handle videos in a batch format, I wanted to have a way to click any relatively short (2 minutes or less) video, and have it instantly transcoded to a format that Discord will embed, in a size that meets the limitations. The idea is to be able upload videos to Discord without having to upload them to a third-party website such as YouTube, especially if the clip is only going to be viewed a few times.

What I wound up with was a Windows “shell command”, that transcodes any video, directly from Windows Explorer. It’s really easy to use! Just right click the video, and click “Transcode for Discord”. Wait roughly 10 seconds and drag the result into Discord.

This how-to will walk you through setting up a similar shell command, using the open source video encoding library ffmpeg.

Continue reading

Fixing League of Legends 8.12 on KVM/QEMU

UPDATE 19 JUNE 2018: Riot has released a statement saying, in part, that a patch released today will allow virtualization with a passed through GPU (IOMMU)

Riot recently rolled out a new “anticheat” that prevents the game from running in a VM. Riot released a statement while the feature was in PBE saying that while they were not specifically out to screw over Linux users (bullshit), they also weren’t going to make any effort to make League compatible with Linux.

As of patch 8.12, anybody playing in a virtual machine will not be able to start the game after champ select; they will only see a “Reconnect” button.

To make matters even worse, players running Windows baremetal without any odd 3rd party software are running into issues, and it seems that their support contractor wasn’t informed about the updated “anticheat”. These players are reporting the symptoms of it preventing the game from starting, and they aren’t putting 2 and 2 together. Not even sending users either of the official posts linked above.

Riot’s waxing poetic about the “complex nature of our protection”… but it literally just checks cpuid. You may also need to set kvm=off if you aren’t already doing so for NVIDIA driver compatibility. My Tweet on the fix:

As an example:

-cpu host,-hypervisor,kvm=off,hv_relaxed,hv_spinlocks=0x1fff,hv_vapic,hv_time

For libvirt, add the following stanza inside <cpu>:

<feature policy='disable' name='hypervisor'/>

Just an aside, I’m looking for a new adventure (you know, a job) in Chicago. If this helped you, and your firm could use someone familiar with Linux and KVM, definitely hit me up; [email protected]

Fixing Slow VirtIO Network Performance in Gentoo Linux

tl;dr: It’s the same as with other distros but with a very small twist

Note: These instructions pertain to Gentoo as the hypervisor. They apply to any OS as the guest.

If you’re finding a virtual machine’s network (over VirtIO/netkvm) being limited to roughly 8mbit/s, the accepted fix is to, in the hypervisor, disable certain offloading options for the bridge interface…

~# ethtool -K br0 tso off gro off

In Gentoo, if you emerge sys-apps/ethtool, and then attempt to turn off those options using the tool, you will be presented with errors.

~# ethtool -K br0 tso off gro off
Cannot get device udp-fragmentation-offload settings: Operation not supported
Cannot get device udp-fragmentation-offload settings: Operation not supported

This is because an older version of ethtool is trying to read information relating to an option that has since been removed from the Kernel. The version of ethtool that Portage will normally install is version 4.8, which was released in late 2016. ethtool has since been patched to remove the deprecated function.

The fix is simple; Instruct Portage to use the latest “testing” version of ethtool, by adding this line to your package keywords:

=sys-apps/ethtool-4.15 ~amd64

Emerge ethtool again, and run the above command again. The shackles will immediately be removed from the guest, no restart required.

Short: Cybersecurity and the Castle Doctrine

This shows up in my Twitter feed

No.

Attribution is already a fucking joke. Don’t believe me? All I gotta say is Sony Pictures.

Now we’re proposing allowing Joe Blow to “investigate” who popped him and authorize him to “hack back” whoever he points at? Just… no.

As for adding networks to the castle doctrine, it’s super important to point out that the castle doctrine usually comes with a responsibility to attempt to deescalate the situation without using deadly force. If you discover someone’s popping you right now, not only is hacking them back probably not gonna stop the attack, but if there’s a similar duty to retreat, you’re never gonna get “authorization” to use… whatever the cybersecurity equivalent of deadly force is… when stopping the attack is almost always gonna be possible by removing affected machines from the Internet, or at least walling off your attacker.

On “cheating” League’s Instant Feedback System

UPDATE 15 JUNE 2018: This whole article was slightly out of date, and will be rewritten and reposted soon. If you really want what was here, email me ([email protected]), but I took it down so nobody accidentally use old information (this is a post from April 2017) and lose their account.

But here’s the gist:

1. The IFS is very similar to an email spam filter, in that it scores language and compares the score of a chat log against a threshold

2. A nonzero number of reports causes this scan to be run. 1 report is as good as 9.

3. There are zero tolerance words that, if found twice in a game, result in an instant ban

4. You can totally fool people into saying them and baiting them into getting banned. It’s really fun.

5. Riot Support is actually VMC Consulting, and they aren’t Rioters. They’re two states away from Rioters.

6. VMC wasn’t happy about this article and one of their staffers left a nastygram from their company computer (lol)

7. Riot Tantram can’t stop drinking while driving and I find that concerning

Seizure-causing Tweet could set dangerous precedent

In which Kurt Eichenwald definitely deserved that seizure.

Don’t worry Kurt, it’s not animated

Epileptic journalist is Anti-Trump
Trump supporter sends journalist a strobe gif

So this is just the Internet on a normal day, right? Nothing special, no high crimes, this is just what your normal, reasonable person expects to happen on the Internet. Everyone knows the Internet has trolls, and trolls are gonna troll, right? Apparently not… A Maryland man was arrested today on a federal criminal complaint charging him with cyberstalking after he, among other things, sent an animated picture of a strobe to Newsweek writer Kurt Eichenwald.

John Rayne Rivello, 29, of Salisbury, Maryland, was arrested in Maryland today on a criminal complaint filed in the Northern District of Texas.  The complaint was unsealed today following his initial appearance in the District of Maryland.

According to the allegations in the affidavit filed with the complaint, on Dec. 15, 2016, the victim, who is known to suffer from epilepsy, received a message via Twitter from Rivello.  The tweet contained an animated strobe image embedded with the statement, “You deserve a seizure for your post.”  Upon viewing the flashing strobe image the victim immediately suffered a seizure.

At first glance, it looks an awful lot like somebody just got arrested, by the feds no less, for sending a flashing picture to somebody on the Internet, and nothing else. In fact, the victim even implied as much when he paraded his “victory” on Twitter…  Continue reading

Thought longer than a Tweet

This is presented with great care taken to not show any political affiliation or opinion on any political issue whatsoever. 

Chromecast shows a news article…

Washington Post (Mobile) – ICE nabs young ‘dreamer’ applicant after she speaks out at a news conference
CNN – DREAMer speaks out on immigration, gets arrested by ICE  

tl;dr: After her parents were arrested by ICE a few weeks prior, a person who was part of the DREAM program, who let her visa lapse, and as such was not “legal”, spoke out at an immigration rally, and was arrested by ICE on the way home.

You can have your political affiliation. Either side. You can have your opinion on whether or not DREAM should exist. Hell, I’m not even that familiar with the program. You can have your opinion on whether or not this person should be deported.

But, if I ever found myself in this person’s situation, in a country illegally, and a target for arrest, speaking out at a rally, of any kind, would not be particularly high on my list of things to do. The fact that it was a rally on immigration is just adding insult to injury.

If you’re a target for arrest, for any reason, be it warrants, immigration status, or you’re still holding a murder weapon, making yourself front and center at a protest is probably not the smartest idea. Especially if it’s about the thing you’re being targeted for.

But why should she go into hiding? It’s not going into hiding. It’s common sense. ICE isn’t going to be crawling your college campus nearly as hard as they’ll be crawling a protest specifically related to immigration.

But free speech! She was not arrested for speaking or for the content of her speech. She was arrested for not being in the country legally. Did speaking at an immigration protest put a spotlight on her? Abso-fucking-lutely. If you’re a target for arrest, try to stay away from podiums.