You skipped a step or two in your podman setup I think. Look up the rootless instructions, and make absolutely sure you have installed the right uid/gid packages for your distro.
You have an EFI bootloader, so your BIOS should be able to detect your Windows partition and just boot it if it’s still in good working order. Go into your BIOS boot menu and see if you can boot to Windows from there as a first test.
Secure your network. Worry less about escalations in your containers. You’re thinking too deeply about what is essentially a rabbit hole with a dead end for the most part, and if you don’t understand why in the first place, you should read more to understand exactly what you’re afraid of.
If you’re thinking that on your personal home network (which should be reasonably secured anyway) someone will get physical access, then get on your network and start scanning everything, then find the ports you have open on every host, then identify the specific versions of the http servers hosting your software, then run exploits to get past any authentication which should be there, THEN have superhax ready to escalate privileges on the container runtimes so they can run remote executions… that’s all they’ll be able to do unless you have volume mounts allowing access to your stuff everywhere in said containers.
If you live in fear of everything, you’ll get nothing done.
There are still a number of clock sync issues with the Zen4 chips. I’ve had issues on 6.4/5/6 with similar sounding audio/video that I’ve been able to somewhat mitigate by getting my amd_pstate settings to stop competing with other power tuning tools. Turn off EVERYTHING you have running dealing with cpufreq management, and just let the kernel amd_pstate do its thing. No TLP, no desktop tuning tools, just the pstate.
Also, double check that your memory frequencies aren’t bouncing all over the place, and consider underclocking in the BIOS to exactly match the channel freq for CPU/mem.
Does anyone use this? I’ve yet to find a defining feature list of why anyone should use it aside from cosmetic differences. Does it even have a defining feature set?