Ubuntu
apparmor package

  1. Bug #1895967
  2. Comment #4

Comment 4 for bug 1895967

Revision history for this message
Christian Ehrhardt  (paelzer) wrote : Re: 3.0.0~beta1-0ubuntu1 in Groovy breaks Libvirt/Qemu/KVM

Need to check the init of the bunch in qemuSecurityInit and qemuSecurityNew.
But that happens at daemon start and not later when probing caps.

virQEMUDriverConfigLoadSecurityEntry load this from config and it includes apparmor in both:
/etc/libvirt/qemu.conf:# security_driver = [ "selinux", "apparmor" ]

So the initialization must go wrong in the bad case.

virSecurityManagerNew loooks up the driver via virSecurityDriverLookup(name, virtDriver);
Then it calls virSecurityManagerNewDriver

Already differs here:
bad:
Thread 17 "daemon-init" hit Breakpoint 1, virSecurityManagerNew (name=name@entry=0x0, virtDriver=virtDriver@entry=0x7fffea6ae1b2 "QEMU", flags=flags@entry=10)
    at ../../../src/security/security_manager.c:180
180 ../../../src/security/security_manager.c: No such file or directory.
(gdb) c
Continuing.

Thread 17 "daemon-init" hit Breakpoint 2, virSecurityDriverLookup (name=name@entry=0x0, virtDriver=virtDriver@entry=0x7fffea6ae1b2 "QEMU") at ../../../src/security/security_driver.c:50
50 ../../../src/security/security_driver.c: No such file or directory.
(gdb) c
Continuing.

Thread 17 "daemon-init" hit Breakpoint 3, virSecurityManagerNewDriver (drv=0x7ffff7fad4c0 <virSecurityDriverNop>, virtDriver=virtDriver@entry=0x7fffea6ae1b2 "QEMU", flags=8)
    at ../../../src/security/security_manager.c:78
78 ../../../src/security/security_manager.c: No such file or directory.
(gdb) c
Continuing.

Thread 17 "daemon-init" hit Breakpoint 3, virSecurityManagerNewDriver (drv=0x7ffff7fad640 <virSecurityDriverStack>, virtDriver=0x7fffea6ae1b2 "QEMU", flags=flags@entry=8)
    at ../../../src/security/security_manager.c:78
78 in ../../../src/security/security_manager.c

Good:
Thread 17 "daemon-init" hit Breakpoint 1, virSecurityManagerNew (name=name@entry=0x0, virtDriver=virtDriver@entry=0x7f694365e1b2 "QEMU", flags=flags@entry=10)
    at ../../../src/security/security_manager.c:180
180 ../../../src/security/security_manager.c: No such file or directory.
(gdb) c
Continuing.

Thread 17 "daemon-init" hit Breakpoint 2, virSecurityDriverLookup (name=name@entry=0x0, virtDriver=virtDriver@entry=0x7f694365e1b2 "QEMU") at ../../../src/security/security_driver.c:50
50 ../../../src/security/security_driver.c: No such file or directory.
(gdb) c
Continuing.

Thread 17 "daemon-init" hit Breakpoint 3, virSecurityManagerNewDriver (drv=0x7f694ff5cae0 <virAppArmorSecurityDriver>, virtDriver=virtDriver@entry=0x7f694365e1b2 "QEMU", flags=10)
    at ../../../src/security/security_manager.c:78
78 ../../../src/security/security_manager.c: No such file or directory.
(gdb) c
Continuing.

Thread 17 "daemon-init" hit Breakpoint 3, virSecurityManagerNewDriver (drv=0x7f694ff5c640 <virSecurityDriverStack>, virtDriver=0x7f694365e1b2 "QEMU", flags=flags@entry=10)
    at ../../../src/security/security_manager.c:78
78 in ../../../src/security/security_manager.c

P.S. I might need a debug build going further yet I'm unsure if installing that might change the bug conditions.