Ubuntu
libvirt package

Merge ~paelzer/ubuntu/+source/libvirt:lp-1972075-JAMMY into ubuntu/+source/libvirt:ubuntu/jammy-devel

  1. Git
  2. lp:~paelzer/ubuntu/+source/libvirt
  3. lp-1972075-JAMMY
  4. Merge into ubuntu/jammy-devel
Proposed by Christian Ehrhardt 
Status: Merged
Merge reported by: Christian Ehrhardt 
Merged at revision: 318812ebc6d2c2405a325c1bcd1acaa83d73ccf6
Proposed branch: ~paelzer/ubuntu/+source/libvirt:lp-1972075-JAMMY
Merge into: ubuntu/+source/libvirt:ubuntu/jammy-devel
Diff against target: 75 lines (+53/-0)
3 files modified
debian/changelog (+7/-0)
debian/patches/series (+1/-0)
debian/patches/ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch (+45/-0)
Reviewer Review Type Date Requested Status
Sergio Durigan Junior (community) Approve
Canonical Server Pending
git-ubuntu import Pending
Review via email: mp+422941@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

PPA: https://launchpad.net/~paelzer/+archive/ubuntu/lp-1972075-libvirt-gl

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

FYI - once merged upstream for real I'll update the commit hash

~paelzer/ubuntu/+source/libvirt:lp-1972075-JAMMY updated
5f88cf0... by Christian Ehrhardt 

d/p/u/lp-1972075: set final upstream commit

Signed-off-by: Christian Ehrhardt <email address hidden>

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

FYI: Updated to final commit hash

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Thanks for the MP, Christian.

Pretty much the same MP as the one for Kinetic, so the comments here are the same (including the suggestion to link to gitlab.com).

LGTM, but let's see how the autopkgtests perform.

review: Approve
Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

All tests passed:

Results from https://autopkgtest.ubuntu.com/results/autopkgtest-jammy-paelzer-lp-1972075-libvirt-gl/?format=plain:
  libvirt @ amd64:
    20.05.22 18:33:19 Log 🗒️ ✅ Triggers: ['libvirt/8.0.0-1ubuntu7.1~jammyppa1']
  libvirt @ arm64:
    20.05.22 18:46:31 Log 🗒️ ✅ Triggers: ['libvirt/8.0.0-1ubuntu7.1~jammyppa1']
  libvirt @ armhf:
    20.05.22 18:40:40 Log 🗒️ ✅ Triggers: ['libvirt/8.0.0-1ubuntu7.1~jammyppa1']
  libvirt @ ppc64el:
    20.05.22 18:31:33 Log 🗒️ ✅ Triggers: ['libvirt/8.0.0-1ubuntu7.1~jammyppa1']
  libvirt @ s390x:
    20.05.22 18:28:11 Log 🗒️ ✅ Triggers: ['libvirt/8.0.0-1ubuntu7.1~jammyppa1']

~paelzer/ubuntu/+source/libvirt:lp-1972075-JAMMY updated
318812e... by Christian Ehrhardt 

d/p/ubuntu-aa/0035-apparmor-separate-swtpm-rules.patch: fix upstream URL

Signed-off-by: Christian Ehrhardt <email address hidden>

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thanks, I have updated the headers accordingly (as suggested int he other MP).

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

FYI: uploaded for jammy waiting for the SRU Team

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 21d2520..b568750 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,10 @@
6+libvirt (8.0.0-1ubuntu7.1) jammy; urgency=medium
7+
8+ * d/p/u/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch:
9+ apparmor allow new paths used for GL accelerated video (LP: #1972075)
10+
11+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 19 May 2022 08:14:48 +0200
12+
13 libvirt (8.0.0-1ubuntu7) jammy; urgency=medium
14
15 * d/p/ubuntu-aa/0035-apparmor-separate-swtpm-rules.patch: Patch the libvirtd
16diff --git a/debian/patches/series b/debian/patches/series
17index b54e08b..722d026 100644
18--- a/debian/patches/series
19+++ b/debian/patches/series
20@@ -32,3 +32,4 @@ ubuntu-aa/0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch
21 ubuntu-aa/lp-1815910-allow-vhost-hotplug.patch
22 ubuntu/swtpm-by-swtpm-user.patch
23 ubuntu-aa/0035-apparmor-separate-swtpm-rules.patch
24+ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch
25diff --git a/debian/patches/ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch b/debian/patches/ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch
26new file mode 100644
27index 0000000..59faa28
28--- /dev/null
29+++ b/debian/patches/ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch
30@@ -0,0 +1,45 @@
31+From 28d88786af8699fb780f9c4238828afd4332d6d1 Mon Sep 17 00:00:00 2001
32+From: Max Goodhart <c@chromakode.com>
33+Date: Wed, 11 May 2022 15:08:39 -0700
34+Subject: [PATCH] Allow VM to read sysfs PCI config, revision files
35+
36+This fixes a blank screen when viewing a VM with virtio graphics and
37+gl-accelerated Spice display on Ubuntu 22.04 / libvirt 8.0.0 / qemu 6.2.
38+
39+Without these AppArmor permissions, the libvirt error log contains
40+repetitions of:
41+
42+qemu_spice_gl_scanout_texture: failed to get fd for texture
43+
44+This appears to be similar to this GNOME Boxes issue:
45+https://gitlab.gnome.org/GNOME/gnome-boxes/-/issues/586
46+
47+Fixes: https://launchpad.net/bugs/1972075
48+
49+Signed-off-by: Max Goodhart <c@chromakode.com>
50+Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
51+
52+Origin: upstream, https://gitlab.com/libvirt/libvirt/-/commit/42cb548045
53+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1972075
54+Last-Update: 2022-05-19
55+
56+---
57+ src/security/virt-aa-helper.c | 2 +-
58+ 1 file changed, 1 insertion(+), 1 deletion(-)
59+
60+diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
61+index 1f1cce8b3d..b314d2a059 100644
62+--- a/src/security/virt-aa-helper.c
63++++ b/src/security/virt-aa-helper.c
64+@@ -1316,7 +1316,7 @@ get_files(vahControl * ctl)
65+ virBufferAddLit(&buf, " \"/dev/nvidiactl\" rw,\n");
66+ virBufferAddLit(&buf, " # Probe DRI device attributes\n");
67+ virBufferAddLit(&buf, " \"/dev/dri/\" r,\n");
68+- virBufferAddLit(&buf, " \"/sys/devices/**/{uevent,vendor,device,subsystem_vendor,subsystem_device}\" r,\n");
69++ virBufferAddLit(&buf, " \"/sys/devices/**/{uevent,vendor,device,subsystem_vendor,subsystem_device,config,revision}\" r,\n");
70+ virBufferAddLit(&buf, " # dri libs will trigger that, but t is not requited and DAC would deny it anyway\n");
71+ virBufferAddLit(&buf, " deny \"/var/lib/libvirt/.cache/\" w,\n");
72+ }
73+--
74+2.36.0
75+

Subscribers

People subscribed via source and target branches