Ubuntu
libvirt package

systemd presents hugetblfs at /dev/hugepages

Bug #1524737 reported by James Page
22
This bug affects 4 people
Affects Status Importance Assigned to Milestone
libvirt (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

==============================================
SRU Justification
Impact: libvirt unable to grant access to hugepages
Fix: add an apparmor rule to allow libvirt to access hugepages at the path which systemd uses
Test case: boot a vm with hugepages enabled.
Regression potential: We already have an allow rule for the old hugepages mount path, we are only allowing access to the path which systemd uses. So there should be no regressions.
==============================================

If a system is configured to allocate hugepages on boot, systemd will automatically present a hugetblfs at /dev/hugepages

This is not compatible with the current apparmor profile which expects presentation at /var/run/hugepages.

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: libvirt-bin 1.2.21-2ubuntu1
ProcVersionSignature: Ubuntu 4.3.0-2.11-generic 4.3.0
Uname: Linux 4.3.0-2-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.19.2-0ubuntu9
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Dec 10 11:16:28 2015
EcryptfsInUse: Yes
InstallationDate: Installed on 2014-11-25 (379 days ago)
InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Alpha amd64 (20141124)
SourcePackage: libvirt
UpgradeStatus: Upgraded to xenial on 2015-11-02 (38 days ago)
modified.conffile..etc.libvirt.qemu.conf: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu.conf']
modified.conffile..etc.libvirt.qemu.networks.default.xml: [inaccessible: [Errno 13] Permission denied: '/etc/libvirt/qemu/networks/default.xml']

See original description
Revision history for this message
James Page (james-page) wrote :
summary: - systemd presented hugetblfs at /dev/hugepages
+ systemd presents hugetblfs at /dev/hugepages
Revision history for this message
James Page (james-page) wrote :

Note that '/dev/hugepages/libvirt/qemu' appeared to be auto-created.

Revision history for this message
Chris J Arges (arges) wrote :

Did this happen after upgrading to 1.2.21-2ubuntu1, or was this present in earlier versions?

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libvirt - 1.2.21-2ubuntu3

---------------
libvirt (1.2.21-2ubuntu3) xenial; urgency=medium

  * Fix build-test autopkgtest: it now expects to run with the current
    directory set to the root of the unpacked source package, writes to
    $ADTTMP rather than to the source package, and declares dependencies on
    build-essential and pkg-config.

 -- Colin Watson <email address hidden> Mon, 28 Dec 2015 05:25:54 +0000

Changed in libvirt (Ubuntu):
status: New → Fix Released
Serge Hallyn (serge-hallyn)
description: updated
Serge Hallyn (serge-hallyn)
no longer affects: libvirt (Ubuntu Vivid)
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libvirt (Ubuntu Wily):
status: New → Confirmed
Revision history for this message
Thiago Martins (martinx) wrote :

I'm seeing this problem while trying to launch an Instance on OpenStack Ocata on Ubuntu 16.04, here is the error message on nova-compute.log:

---
2017-04-07 20:13:18.504 3996 ERROR nova.compute.manager [instance: fbbb7bde-763e-40d3-8987-fb3a6c568ad8] libvirtError: internal error: process exited while connecting to monitor: 2017-04-07T20:13:17.764939Z qemu-system-x86_64: -object memory-backend-file,id=ram-node0,prealloc=yes,mem-path=/dev/hugepages-1048576/libvirt/qemu,share=yes,size=4294967296,host-nodes=0,policy=bind: can't open backing store /dev/hugepages-1048576/libvirt/qemu for guest RAM: Permission denied
---

At syslog:

---
Apr 7 20:13:17 expert-jennet kernel: [ 1535.437956] audit: type=1400 audit(1491595997.759:23): apparmor="DENIED" operation="mknod" profile="libvirt-fbbb7bde-763e-40d3-8987-fb3a6c568ad8" name="/dev/hugepages-1048576/libvirt/qemu/qemu_back_mem._objects_ram-node0.BFNx2W" pid=8341 comm="qemu-system-x86" requested_mask="c" denied_mask="c" fsuid=64055 ouid=64055
---

Any idea about how to fix it?

Revision history for this message
Nish Aravamudan (nacc) wrote :

FWIW, this bug is never going to be fixed in Wily, afaict, I'm deleting the task.

no longer affects: libvirt (Ubuntu Wily)
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

And for the remaining bug that Thiago reported Nish was so kind to file it separately for better tracking as bug 1680956

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Uh that was even Thiago, but Nish was the one who sent me a mail to read through - thank you both!

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.