QEMU seccomp_sandbox prevents local SDL graphic from working
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
qemu (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Trusty |
Fix Committed
|
Medium
|
Unassigned |
Bug Description
SRU Justification:
Impact: cannot use local SDL graphics
Fix: add 3 sysvipc functions to the seccomp whitelist.
Steps to reproduce:
1) Set "seccomp_sandbox = 1" in /etc/libvirt/
2) stop libvirt-bin; start libvirt-bin
3) Define a VM using SDL graphic. Example XML extract:
<graphics type='sdl' display=':0' xauth='
<video>
<model type='vmvga' vram='9216' heads='1'/>
</video>
4) xhost +SI:localgroup:kvm
5) Start the VM
Expected behavior: should display a usable SDL window
Problematic behavior: displays an empty SDL window
Workaround: don't use QEMU's seccomp_sandbox
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libvirt-bin 1.2.2-0ubuntu13
ProcVersionSign
Uname: Linux 3.13.0-73-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.19
Architecture: amd64
CurrentDesktop: Unity
Date: Fri Dec 11 20:39:00 2015
InstallationDate: Installed on 2014-01-26 (684 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Alpha amd64 (20140124)
KernLog:
SourcePackage: libvirt
UpgradeStatus: No upgrade log present (probably fresh install)
modified.
description: | updated |
affects: | libvirt (Ubuntu Trusty) → qemu (Ubuntu Trusty) |
Changed in qemu (Ubuntu Trusty): | |
status: | New → Fix Committed |
Nothing special shows in QEMU's log (attached). It just hangs until I shutdown the VM by closing the black/empty SDL window.