Ubuntu
libvirt package

Merge ~paelzer/ubuntu/+source/libvirt:lp-1972075-KINETIC into ubuntu/+source/libvirt:ubuntu/kinetic-devel

Git
lp:~paelzer/ubuntu/+source/libvirt
lp-1972075-KINETIC
Merge into ubuntu/kinetic-devel

Proposed by Christian Ehrhardt  on 2022-05-19

Status:

Merged

Merge reported by:

Christian Ehrhardt 

Merged at revision:

aa4b2f4e426c59ed211e97a33fe7e51eb441db75

Proposed branch:

~paelzer/ubuntu/+source/libvirt:lp-1972075-KINETIC

Merge into:

ubuntu/+source/libvirt:ubuntu/kinetic-devel

Diff against target:

75 lines (+53/-0)

3 files modified

debian/changelog (+7/-0)
debian/patches/series (+1/-0)
debian/patches/ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch (+45/-0)

High

Fix Released

Link a bug report

Reviewer	Date Requested	Status
Sergio Durigan Junior (community)	2022-05-19	Approve on 2022-05-20
Canonical Server	2022-05-19	Pending
git-ubuntu import	2022-05-19	Pending
Review via email: mp+422942@code.launchpad.net

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2022-05-19:

PPA: https://launchpad.net/~paelzer/+archive/ubuntu/lp-1972075-libvirt-gl

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2022-05-19:

FYI - once merged upstream for real I'll update the commit hash

~paelzer/ubuntu/+source/libvirt:lp-1972075-KINETIC updated on 2022-05-20

aa4b2f4... by Christian Ehrhardt  on 2022-05-20

d/p/u/lp-1972075: set final upstream commit

Signed-off-by: Christian Ehrhardt <email address hidden>

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2022-05-20:

FYI: Updated to final commit hash

Revision history for this message

Sergio Durigan Junior (sergiodj) wrote on 2022-05-20:

Thanks for the MP, Christian.

The package built fine in the PPA. The change has been reviewed, accepted and pushed upstream, and seems trivial enough that I'm comfortable with it. I noticed that there are not autopkgtest results yet, so I went ahead and triggered them. Let's see how they perform.

I'm suggesting a small change to one of the DEP-3 headers, but otherwise LGTM. +1 assuming that the dep8 tests pass :-).

review: Approve

Revision history for this message

Sergio Durigan Junior (sergiodj) wrote on 2022-05-20:

Most of the dep8 tests are OK, but the arm64 ones have been failing due to an unrelated problem (cyrus-sasl2 was recently updated and hasn't been published on the architecture yet).

~paelzer/ubuntu/+source/libvirt:lp-1972075-KINETIC updated on 2022-05-23

b235550... by Christian Ehrhardt  on 2022-05-23

d/p/ubuntu-aa/0035-apparmor-separate-swtpm-rules.patch: fix upstream URL

Signed-off-by: Christian Ehrhardt <email address hidden>

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2022-05-23:

Thanks, I have updated the headers accordingly.

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2022-05-23:

Uploaded for Kinetic

Uploading libvirt_8.0.0-1ubuntu8.dsc
Uploading libvirt_8.0.0-1ubuntu8.debian.tar.xz
Uploading libvirt_8.0.0-1ubuntu8_source.buildinfo
Uploading libvirt_8.0.0-1ubuntu8_source.changes

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Christian Ehrhardt 

git-ubuntu developers

 diff --git a/debian/changelog b/debian/changelog
 index 21d2520..bac7d3f 100644
 --- a/debian/changelog
 +++ b/debian/changelog
@@ -1,3 +1,10 @@
++libvirt (8.0.0-1ubuntu8) kinetic; urgency=medium
++
++  * d/p/u/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch:
++    apparmor allow new paths used for GL accelerated video (LP: #1972075)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 19 May 2022 08:14:48 +0200
++
  libvirt (8.0.0-1ubuntu7) jammy; urgency=medium
    * d/p/ubuntu-aa/0035-apparmor-separate-swtpm-rules.patch: Patch the libvirtd
 diff --git a/debian/patches/series b/debian/patches/series
 index b54e08b..722d026 100644
 --- a/debian/patches/series
 +++ b/debian/patches/series
@@ -32,3 +32,4 @@ ubuntu-aa/0034-apparmor-virt-aa-helper-access-for-snapped-nova.patch
  ubuntu-aa/lp-1815910-allow-vhost-hotplug.patch
  ubuntu/swtpm-by-swtpm-user.patch
  ubuntu-aa/0035-apparmor-separate-swtpm-rules.patch
++ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch
 diff --git a/debian/patches/ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch b/debian/patches/ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch
 new file mode 100644
 index 0000000..59faa28
 --- /dev/null
 +++ b/debian/patches/ubuntu/lp-1972075-Allow-VM-to-read-sysfs-PCI-config-revision-files.patch
@@ -0,0 +1,45 @@
++From 28d88786af8699fb780f9c4238828afd4332d6d1 Mon Sep 17 00:00:00 2001
++From: Max Goodhart <c@chromakode.com>
++Date: Wed, 11 May 2022 15:08:39 -0700
++Subject: [PATCH] Allow VM to read sysfs PCI config, revision files
++
++This fixes a blank screen when viewing a VM with virtio graphics and
++gl-accelerated Spice display on Ubuntu 22.04 / libvirt 8.0.0 / qemu 6.2.
++
++Without these AppArmor permissions, the libvirt error log contains
++repetitions of:
++
++qemu_spice_gl_scanout_texture: failed to get fd for texture
++
++This appears to be similar to this GNOME Boxes issue:
++https://gitlab.gnome.org/GNOME/gnome-boxes/-/issues/586
++
++Fixes: https://launchpad.net/bugs/1972075
++
++Signed-off-by: Max Goodhart <c@chromakode.com>
++Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
++
++Origin: upstream, https://gitlab.com/libvirt/libvirt/-/commit/42cb548045
++Bug-Ubuntu: https://bugs.launchpad.net/bugs/1972075
++Last-Update: 2022-05-19
++
++---
++ src/security/virt-aa-helper.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
++index 1f1cce8b3d..b314d2a059 100644
++--- a/src/security/virt-aa-helper.c
+++++ b/src/security/virt-aa-helper.c
++@@ -1316,7 +1316,7 @@ get_files(vahControl * ctl)
++         virBufferAddLit(&buf, "  \"/dev/nvidiactl\" rw,\n");
++         virBufferAddLit(&buf, "  # Probe DRI device attributes\n");
++         virBufferAddLit(&buf, "  \"/dev/dri/\" r,\n");
++-        virBufferAddLit(&buf, "  \"/sys/devices/**/{uevent,vendor,device,subsystem_vendor,subsystem_device}\" r,\n");
+++        virBufferAddLit(&buf, "  \"/sys/devices/**/{uevent,vendor,device,subsystem_vendor,subsystem_device,config,revision}\" r,\n");
++         virBufferAddLit(&buf, "  # dri libs will trigger that, but t is not requited and DAC would deny it anyway\n");
++         virBufferAddLit(&buf, "  deny \"/var/lib/libvirt/.cache/\" w,\n");
++     }
++--
++2.36.0
++

Ubuntu
libvirt package

Merge ~paelzer/ubuntu/+source/libvirt:lp-1972075-KINETIC into ubuntu/+source/libvirt:ubuntu/kinetic-devel

Commit message

Description of the change

Preview Diff

Subscribers

Ubuntulibvirt package

Merge ~paelzer/ubuntu/+source/libvirt:lp-1972075-KINETIC into ubuntu/+source/libvirt:ubuntu/kinetic-devel

Commit message

Description of the change

Preview Diff

Subscribers

Ubuntu
libvirt package