© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
I was struggling with HW issues that made my iommu capable system failing, so I'll continue tomorrow.
Some questions for now already.
You mentioned you edited /etc/libvirt/
On vfio terms libvirt/qemu already knows and has access to "/dev/vfio/vfio" by default.
But when you create your new group it will need to be made known as well.
So e.g. if you got /dev/vfio/6 this will have to be added in /etc/libvirt/
at the cgroup_device_acl statement.
Since this is hot add virt-aa-helper fixes wont help as this is brought to the guest
after the initial profile is created.
BTW also while not 100% needed a share of your add_cx3.xml would be nice.
I have other devices anyway but to make sure any options format are the same it might help.
From here I need to sort out:
1. which of the changes is fixing it
1.1 apparmor-profiles not installed? This is a no-op for your case as libvirt brings all the profiles needed and thereby not the fix.
1.2 vfio in apparmor abstractions
1.3 limit in the guest XML
I'll try to do so and get back to you, but answering the questions above will help to not get stuck on missing info.