On a Debian sid host with AppArmor enabled, a guest with virtio-gpu + virgl enabled fails to start with:

  qemu-system-x86_64: egl: no drm render node available
  qemu-system-x86_64: Failed to initialize EGL render node for SPICE GL
  …

and I see a bunch of AppArmor denials in the logs.

Version-Release number of selected component (if applicable):
libvirt 4.10.0-1 on Debian sid

To work around this problem, here's the minimal set of rules I had to add to /etc/apparmor.d/libvirt/TEMPLATE.qemu:

  /dev/dri/ r,
  /dev/dri/renderD128 rw,
  /etc/drirc r,
  /{etc,usr/share}/glvnd/egl_vendor.d/ r,
  /{etc,usr/share}/glvnd/egl_vendor.d/*.json r,
  /sys/devices/pci[0-9]*/**/{device,subsystem_device,subsystem_vendor,uevent,vendor} r,
  /usr/lib/x86_64-linux-gnu/dri/*_dri.so m,

These AppArmor rules should be added automatically by virt-aa-helper when virtio-gpu + virgl are enabled for a guest. If we can assume a recent enough apparmor package, most of these rules can be replaced by using the dri-enumerate and dri-common abstractions instead (they allow a bit broader access, nothing too scary though).

Commit 98931187eefdec6f2dea5cb82ab6d23a3ffa6634 fixed the DAC part of the virtio-gpu + virgl access problem already; it could provide useful inspiration wrt. checking whether these AppArmor rules need to be added for a given guest.
I believe this is fixed by:

  commit 27a9ebf28183cb3c3c784fcab622e67e978eb3dc
  Author:     Christian Ehrhardt <christian.ehrhardt>
  AuthorDate: Tue Feb 12 11:12:52 2019 +0100
  Commit:     Christian Ehrhardt <christian.ehrhardt>
  CommitDate: Mon Feb 25 08:57:33 2019 +0100

      security: aa-helper: generate more rules for gl devices

      Change fb01e1a44 "virt-aa-helper: generate rules for gl enabled graphics
      devices" implemented the detection for gl enabled devices in
      virt-aa-helper. But further testing showed that it will need much more
      access for the full gl stack to work.

      Upstream apparmor just recently split those things out and now has two
      related abstractions at https://gitlab.com/apparmor/apparmor/blob/master:
      - dri-common at /profiles/apparmor.d/abstractions/dri-common
      - mesa: at /profiles/apparmor.d/abstractions/mesa

      It would be great to just include that for the majority of rules, but
      they are not yet in any distribution so we need to add rules inspired by
      them based on the testing that we can do.

      Furthermore qemu with opengl will also probe the backing device of the
      rendernode for attributes which should be safe as read-only wildcard
      rules.

      Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1815452

      Acked-by: Jamie Strandboge <jamie>
      Signed-off-by: Christian Ehrhardt <christian.ehrhardt>

And:

  commit 00fbb9e51678f76effa2d20e78a9be861ad5f484
  Author:     Christian Ehrhardt <christian.ehrhardt>
  AuthorDate: Fri Mar 1 07:25:59 2019 +0100
  Commit:     Christian Ehrhardt <christian.ehrhardt>
  CommitDate: Wed Mar 6 11:29:55 2019 +0100

      security: aa-helper: nvidia rules for gl devices

      Further testing with different devices showed that we need more rules
      to drive gl backends with nvidia cards.

      Related denies look like:
      apparmor="DENIED" operation="open" name="/usr/share/egl/egl_external_platform.d/" requested_mask="r"
      apparmor="DENIED" operation="open" name="/proc/modules" requested_mask="r"
      apparmor="DENIED" operation="open" name="/proc/driver/nvidia/params" requested_mask="r"
      apparmor="DENIED" operation="mknod" name="/dev/nvidiactl" requested_mask="c"

      Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1817943

      Acked-by: Jamie Strandboge <jamie>
      Signed-off-by: Christian Ehrhardt <christian.ehrhardt>
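Both the original report and the second commit message work the same way: collect the AppArmor denials a GL-enabled guest produces, then turn them into the smallest set of allow rules for the QEMU profile. The script below is an added example, not code from the bug report, libvirt or virt-aa-helper. It parses audit lines in the key="value" form quoted above, merges the requested masks per path into one rule each, and flags rules that a reviewer should not accept blindly (write access under /proc or /sys, or mmap of a file outside /usr/lib). The sample log is constructed from the four denials in the commit message plus one apparmor="ALLOWED" line to show that only denials are kept. Mapping the audit masks "c" (create) and "d" (delete) onto the profile permission "w" is an assumption made here, since profile rules have no separate create/delete letters; the review thresholds are likewise this example's choice.

```python
"""Turn AppArmor DENIED audit lines into candidate profile rules for review.

Added example; not part of the bug report or of libvirt. Assumptions: the
"c"/"d" audit masks are expressed as "w" in profile syntax, and the review
heuristics below are illustrative, not an official AppArmor policy.
"""
import re
from collections import OrderedDict

# Constructed sample: the denials quoted in the commit message, plus one
# ALLOWED line (as written in complain mode) that must be ignored.
SAMPLE_DENIALS = """\
apparmor="DENIED" operation="open" name="/usr/share/egl/egl_external_platform.d/" requested_mask="r"
apparmor="DENIED" operation="open" name="/proc/modules" requested_mask="r"
apparmor="DENIED" operation="open" name="/proc/driver/nvidia/params" requested_mask="r"
apparmor="DENIED" operation="mknod" name="/dev/nvidiactl" requested_mask="c"
apparmor="ALLOWED" operation="open" name="/dev/dri/renderD128" requested_mask="rw"
"""

_KV = re.compile(r'(\w+)="([^"]*)"')
_MASK_ORDER = "rwalkm"              # canonical order for the emitted permission string
_MASK_ALIASES = {"c": "w", "d": "w"}  # assumption: create/delete need "w" in a rule


def parse_denials(log_text):
    """Return [(operation, path, requested_mask)] for every DENIED line."""
    found = []
    for line in log_text.splitlines():
        fields = dict(_KV.findall(line))
        if fields.get("apparmor") != "DENIED":
            continue
        if "name" not in fields or "requested_mask" not in fields:
            continue  # e.g. network or capability denials carry no path
        found.append((fields.get("operation", "?"), fields["name"],
                      fields["requested_mask"]))
    return found


def merge_rules(denials):
    """Collapse denials into one (path, mask) rule per path, masks merged."""
    merged = OrderedDict()
    for _op, path, mask in denials:
        letters = {_MASK_ALIASES.get(ch, ch) for ch in mask}
        merged.setdefault(path, set()).update(letters)
    return [(path, "".join(ch for ch in _MASK_ORDER if ch in letters))
            for path, letters in merged.items()]


def review_rules(rules):
    """Return (path, mask, reason) for rules that need a human decision."""
    flagged = []
    for path, mask in rules:
        if "w" in mask and (path.startswith("/proc/") or path.startswith("/sys/")):
            flagged.append((path, mask, "write access under /proc or /sys"))
        if "m" in mask and not path.startswith("/usr/lib"):
            flagged.append((path, mask, "mmap of a file outside /usr/lib"))
    return flagged


def render(rules):
    """Format rules as lines ready to paste into a profile; quote odd paths."""
    lines = []
    for path, mask in rules:
        shown = f'"{path}"' if " " in path else path
        lines.append(f"  {shown} {mask},")
    return "\n".join(lines)


if __name__ == "__main__":
    rules = merge_rules(parse_denials(SAMPLE_DENIALS))
    print(render(rules))
    for path, mask, reason in review_rules(rules):
        print(f"# REVIEW: {path} {mask} ({reason})")
```

Running it against the sample prints four rules, the last of them "/dev/nvidiactl w," which is the rule-level expression of the mknod denial; nothing is flagged because every /proc entry is read-only. Feed it real journal or dmesg output only after a guest has exercised the whole GL stack, otherwise the rule set will be incomplete in the same way the first commit found.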