Ubuntu
libvirt package

Bug #1990499
Comment #5

Comment 5 for bug 1990499

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2022-09-27:

I can recreate the same with these simple steps in Jammy (independent to the add-loader or not):

$ wget https://cdimage.ubuntu.com/releases/22.04.1/release/ubuntu-22.04.1-preinstalled-server-riscv64+unmatched.img.xz
$ mv ubuntu-22.04.1-preinstalled-server-riscv64+unmatched.img /var/lib/libvirt/images/
$ cat << EoF > riscv-guest.xml
<domain type='qemu'>
    <name>ubuntu22.10-riscv64</name>
    <os>
        <type arch='riscv64' machine='virt'>hvm</type>
<kernel>/usr/lib/u-boot/qemu-riscv64_smode/uboot.elf</kernel>
<loader readonly="yes" type="rom">/usr/lib/riscv64-linux-gnu/opensbi/generic/fw_jump.elf</loader>
    </os>
    <memory unit="GiB">2</memory>
    <vcpu placement="static">4</vcpu>
    <devices>
        <emulator>usr/bin/qemu-system-riscv64</emulator>
        <disk type='file' device='disk' cache='none'>
          <driver name='qemu' type='raw'/>
   <source file='/var/lib/libvirt/images/ubuntu-22.04.1-preinstalled-server-riscv64+unmatched.img'/>
          <target dev='sda' bus='scsi'/>
        </disk>
<controller type='scsi' model='virtio-scsi'/>
        <interface type='network'>
            <source network='default'/>
            <target dev='vnet0'/>
        </interface>
        <console type='pty'>
            <target type='serial' port='0'/>
        </console>
    </devices>
</domain>
EOF
$ virsh define riscv-guest.xml
$ virsh start ubuntu22.10-riscv64
error: Failed to start domain 'ubuntu22.10-riscv64'
error: internal error: cannot load AppArmor profile 'libvirt-e4089ffc-671d-4d28-9fa5-d0d52dc2d67f'

And in the journal I pick up the mentioned error:
internal error: Child process (LIBVIRT_LOG_OUTPUTS=3:stderr /usr/lib/libvirt/virt-aa-helper -c -u libvirt-e4089ffc-671d-4d28-9fa5-d0d52dc2d67f) unexpected exit status 1: virt-aa-helper: error: /usr/lib/u-boot/qemu-riscv64_smode/uboot.elf
virt-aa-helper: error: skipped restricted file
virt-aa-helper: error: invalid VM definition
internal error: cannot load AppArmor profile 'libvirt-e4089ffc-671d-4d28-9fa5-d0d52dc2d67f'

P.S. when bypassing apparmor I realized I'd still need to munge the disc a bit to be able to boot, but that problem is for another day.

I can recreate the same with these simple steps in Jammy (independent to the add-loader or not):

$ wget https://cdimage.ubuntu.com/releases/22.04.1/release/ubuntu-22.04.1-preinstalled-server-riscv64+unmatched.img.xz
$ mv ubuntu-22.04.1-preinstalled-server-riscv64+unmatched.img /var/lib/libvirt/images/
$ cat << EoF > riscv-guest.xml
<domain type='qemu'>
    <name>ubuntu22.10-riscv64</name>
    <os>
        <type arch='riscv64' machine='virt'>hvm</type>
	<kernel>/usr/lib/u-boot/qemu-riscv64_smode/uboot.elf</kernel>
	<loader readonly="yes" type="rom">/usr/lib/riscv64-linux-gnu/opensbi/generic/fw_jump.elf</loader>
    </os>
    <memory unit="GiB">2</memory>
    <vcpu placement="static">4</vcpu>
    <devices>
        <emulator>usr/bin/qemu-system-riscv64</emulator>
        <disk type='file' device='disk' cache='none'>
          <driver name='qemu' type='raw'/>
	  <source file='/var/lib/libvirt/images/ubuntu-22.04.1-preinstalled-server-riscv64+unmatched.img'/>
          <target dev='sda' bus='scsi'/>
        </disk>
	<controller type='scsi' model='virtio-scsi'/>
        <interface type='network'>
            <source network='default'/>
            <target dev='vnet0'/>
        </interface>
        <console type='pty'>
            <target type='serial' port='0'/>
        </console>
    </devices>
</domain>
EOF
$ virsh define riscv-guest.xml
$ virsh start ubuntu22.10-riscv64
error: Failed to start domain 'ubuntu22.10-riscv64'
error: internal error: cannot load AppArmor profile 'libvirt-e4089ffc-671d-4d28-9fa5-d0d52dc2d67f'

And in the journal I pick up the mentioned error:
internal error: Child process (LIBVIRT_LOG_OUTPUTS=3:stderr /usr/lib/libvirt/virt-aa-helper -c -u libvirt-e4089ffc-671d-4d28-9fa5-d0d52dc2d67f) unexpected exit status 1: virt-aa-helper: error: /usr/lib/u-boot/qemu-riscv64_smode/uboot.elf
                 virt-aa-helper: error: skipped restricted file
                 virt-aa-helper: error: invalid VM definition
internal error: cannot load AppArmor profile 'libvirt-e4089ffc-671d-4d28-9fa5-d0d52dc2d67f'

P.S. when bypassing apparmor I realized I'd still need to munge the disc a bit to be able to boot, but that problem is for another day.

Ubuntulibvirt package

Comment 5 for bug 1990499

Ubuntu
libvirt package