Ubuntu
libvirt package

  1. Bug #1817943
  2. Activity log

Activity log for bug #1817943

Date Who What changed Old value New value Message
2019-02-27 17:45:07 Bryan Quigley bug added bug
2019-02-27 17:45:07 Bryan Quigley attachment added virt xml https://bugs.launchpad.net/bugs/1817943/+attachment/5242088/+files/disco.xml
2019-02-27 17:45:28 Bryan Quigley attachment added default_PPA_denies.log https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1817943/+attachment/5242089/+files/default_PPA_denies.log
2019-02-27 17:45:49 Bryan Quigley attachment added my_attemped_workaround.log https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1817943/+attachment/5242090/+files/my_attemped_workaround.log
2019-02-28 09:32:10 Christian Ehrhardt  libvirt (Ubuntu): status New Incomplete
2019-02-28 16:29:07 Bryan Quigley attachment added nvidia_deniest.log https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1817943/+attachment/5242372/+files/nvidia_deniest.log
2019-03-01 06:05:57 Christian Ehrhardt  libvirt (Ubuntu): status Incomplete Triaged
2019-03-01 06:46:54 Bryan Quigley description Based on 1815452, specifically the PPA from in Comment #17. First, trying gives me these apparmor denied entries (complete log in default_PPA_denies.log): Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.289:191): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/proc/modules" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/bus/pci/devices/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.429:192): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/proc/modules" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.429:193): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/bus/pci/devices/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/usr/share/egl/egl_external_platform.d/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.509:194): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/usr/share/egl/egl_external_platform.d/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.509:195): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Worked around them (or so I think) by adding to local/abstractions/libvirt-qemu: /proc/modules r, /proc/driver/nvidia/ r, /proc/driver/nvidia/** r, /usr/share/egl/ r, /usr/share/egl/** r, /sys/devices/** r, /sys/devices/ r, /dev/nvidiactl rw, This doesn't give anymore AppArmor denials, but does result in (full log in my_attempted_workaround.log): Feb 27 09:40:16 desktop libvirtd[1468]: Unable to read from monitor: Connection reset by peer Feb 27 09:40:16 desktop libvirtd[1468]: internal error: qemu unexpectedly closed the monitor: qemu-system-x86_64: ../src/gallium/drivers/llvmpipe/lp_texture.c:499: llvmpipe_resource_get_handle: Assertion `lpr->dt' failed. Other relevant bits: I'm using the nvidia 415 driver from the graphics-driver ppa. Based on 1815452, specifically the PPA from in Comment #17. First, trying gives me these apparmor denied entries (complete log in default_PPA_denies.log): Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.289:191): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/proc/modules" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/bus/pci/devices/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.429:192): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/proc/modules" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.429:193): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/bus/pci/devices/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/usr/share/egl/egl_external_platform.d/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop audit[14553]: AVC apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.509:194): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/usr/share/egl/egl_external_platform.d/" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Feb 27 09:32:18 desktop kernel: audit: type=1400 audit(1551288738.509:195): apparmor="DENIED" operation="open" profile="libvirt-26480e4e-9d51-476e-b329-657b2012c151" name="/sys/devices/pci0000:00/0000:00:03.1/0000:1c:00.0/uevent" pid=14553 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 Worked around them (or so I think) by adding to local/abstractions/libvirt-qemu:   /proc/modules r,   /proc/driver/nvidia/ r,   /proc/driver/nvidia/** r,   /usr/share/egl/ r,   /usr/share/egl/** r,   /sys/devices/** r,   /sys/devices/ r,   /dev/nvidiactl rw, This doesn't give anymore AppArmor denials, but fails to run and shows the following error (full log in my_attempted_workaround.log): Feb 27 09:40:16 desktop libvirtd[1468]: Unable to read from monitor: Connection reset by peer Feb 27 09:40:16 desktop libvirtd[1468]: internal error: qemu unexpectedly closed the monitor: qemu-system-x86_64: ../src/gallium/drivers/llvmpipe/lp_texture.c:499: llvmpipe_resource_get_handle: Assertion `lpr->dt' failed. Other relevant bits: I'm using the nvidia 415 driver from the graphics-driver ppa.
2019-03-06 14:30:13 Launchpad Janitor libvirt (Ubuntu): status Triaged Fix Released