Hi, thanks for the excellent guide. I like your elegant libvirt hook solutions and it's all super clear and easy to follow.
I'm having one small problem though and hope you might give me a clue. I can't get hugepages working. It appears to conflict with apparmor.
Host is kubuntu 21.10
Using library: libvirt 7.6.0
Using API: QEMU 7.6.0
Running hypervisor: QEMU 6.0.0
I have to run qemu as my login (aka user 1000) in qemu.conf in order to get qemu-audio working apparently due to other similar apparmor conflicts, this may be part of the issue.
When I add <hugepages/> to the vm's xml section
`
<access mode="shared"/>
`
Then start the VM, memfd backed hugepages generates a Permission Denied error from apparmor that looks like this:
fubar-1
commented
2 years ago
Hi, thanks for the excellent guide. I like your elegant libvirt hook solutions and it's all super clear and easy to follow.
I'm having one small problem though and hope you might give me a clue. I can't get hugepages working. It appears to conflict with apparmor.
Host is kubuntu 21.10 Using library: libvirt 7.6.0 Using API: QEMU 7.6.0 Running hypervisor: QEMU 6.0.0 I have to run qemu as my login (aka user 1000) in qemu.conf in order to get qemu-audio working apparently due to other similar apparmor conflicts, this may be part of the issue.
When I add
<hugepages/>to the vm's xml section ``
Then start the VM, memfd backed hugepages generates a Permission Denied error from apparmor that looks like this:
` 11 22:05:25 hexy audit[14630]: AVC apparmor="DENIED" operation="open" profile="libvirt-15de3735-d0a2-482b-95ce-42ab775ceaa7" name="/proc/sys/dev/i915/perf_stream_paranoid" pid=14630 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Nov 11 22:05:25 hexy kernel: audit: type=1400 audit(1636697125.209:59): apparmor="DENIED" operation="open" profile="libvirt-15de3735-d0a2-482b-95ce-42ab775ceaa7" name="/proc/sys/dev/i915/perf_stream_paranoid" pid=14630 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Nov 11 22:05:25 hexy audit[14630]: AVC apparmor="DENIED" operation="open" profile="libvirt-15de3735-d0a2-482b-95ce-42ab775ceaa7" name="/etc/pulse/client.conf.d/" pid=14630 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Nov 11 22:05:25 hexy audit[14630]: AVC apparmor="DENIED" operation="truncate" profile="libvirt-15de3735-d0a2-482b-95ce-42ab775ceaa7" name="/" pid=14630 comm="qemu-system-x86" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000
Nov 11 22:05:25 hexy kernel: audit: type=1400 audit(1636697125.213:60): apparmor="DENIED" operation="open" profile="libvirt-15de3735-d0a2-482b-95ce-42ab775ceaa7" name="/etc/pulse/client.conf.d/" pid=14630 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[...]
Nov 11 22:05:25 hexy libvirtd[2866]: internal error: qemu unexpectedly closed the monitor: 2021-11-12T06:05:25.217933Z qemu-system-x86_64: failed to resize memfd to 4294967296: Permission denied
Nov 11 22:05:25 hexy systemd[1]: machine-qemu\x2d3\x2dwork.scope: Deactivated successfully. `
Do you have any ideas or suggestions to try?