Ubuntu
libvirt package

  1. Bug #545795
  2. Comment #1

Comment 1 for bug 545795

Revision history for this message
Jamie Strandboge (jdstrand) wrote : Re: virt-manager allows selection of PCI devices for a VM but apparmor is not configured to allow access to the PCI device

Thank you for using Ubuntu and reporting a bug. This is a known issue and a limitation of the AppArmor driver. For now, you need to adjust /etc/apparmor.d/abstractions/libvirt-qemu to allow access to host hardware. For usb devices (hostdev), adjust this:
  # WARNING: uncommenting these gives the guest direct access to host hardware.
  # This is required for USB pass through but is a security risk. You have been
  # warned.
  #/sys/bus/usb/devices/ r,
  #/sys/devices/*/*/usb[0-9]*/** r,
  #/dev/bus/usb/*/[0-9]* rw,

To be:
  # WARNING: uncommenting these gives the guest direct access to host hardware.
  # This is required for USB pass through but is a security risk. You have been
  # warned.
  /sys/bus/usb/devices/ r,
  /sys/devices/*/*/usb[0-9]*/** r,
  /dev/bus/usb/*/[0-9]* rw,

You will have to add similar entries for PCI devices (pcidev).