I set up a Xenial on arm64.

I created a working guest like:
<domain type='kvm' id='1'>
  <name>b1</name>
  <uuid>1f776433-dc84-43ac-9e60-b8e571ae22ff</uuid>
  <memory unit='KiB'>524288</memory>
  <currentMemory unit='KiB'>524288</currentMemory>
  <vcpu placement='static'>1</vcpu>
  <resource>
    <partition>/machine</partition>
  </resource>
  <os>
    <type arch='aarch64' machine='virt'>hvm</type>
    <loader readonly='yes' type='pflash'>/usr/share/AAVMF/AAVMF_CODE.fd</loader>
    <nvram template='/usr/share/AAVMF/AAVMF_CODE.fd'>/var/lib/libvirt/qemu/nvram/b1_VARS.fd</nvram>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
    <pae/>
    <gic version='3'/>
  </features>
  <cpu mode='custom' match='exact'>
    <model fallback='allow'>host</model>
  </cpu>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>destroy</on_crash>
  <devices>
    <emulator>/usr/bin/kvm</emulator>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2'/>
      <source file='/var/lib/uvtool/libvirt/images/b1.qcow'/>
      <backingStore type='file' index='1'>
        <format type='qcow2'/>
        <source file='/var/lib/uvtool/libvirt/images/x-uvt-b64-Y29tLnVidW50dS5jbG91ZC5kYWlseTpzZXJ2ZXI6MTguMDQ6YXJtNjQgMjAxODA1MTg='/>
        <backingStore/>
      </backingStore>
      <target dev='vda' bus='virtio'/>
      <alias name='virtio-disk0'/>
      <address type='virtio-mmio'/>
    </disk>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2'/>
      <source file='/var/lib/uvtool/libvirt/images/b1-ds.qcow'/>
      <backingStore/>
      <target dev='vdb' bus='virtio'/>
      <alias name='virtio-disk1'/>
      <address type='virtio-mmio'/>
    </disk>
    <controller type='pci' index='0' model='pcie-root'>
      <alias name='pcie.0'/>
    </controller>
    <controller type='pci' index='1' model='dmi-to-pci-bridge'>
      <model name='i82801b11-bridge'/>
      <alias name='pci.1'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
    </controller>
    <controller type='pci' index='2' model='pci-bridge'>
      <model name='pci-bridge'/>
      <target chassisNr='2'/>
      <alias name='pci.2'/>
      <address type='pci' domain='0x0000' bus='0x01' slot='0x01' function='0x0'/>
    </controller>
    <interface type='network'>
      <mac address='52:54:00:d4:69:79'/>
      <source network='default' bridge='virbr0'/>
      <target dev='vnet0'/>
      <model type='virtio'/>
      <alias name='net0'/>
      <address type='virtio-mmio'/>
    </interface>
    <serial type='pty'>
      <source path='/dev/pts/1'/>
      <target port='0'/>
      <alias name='serial0'/>
    </serial>
    <console type='pty' tty='/dev/pts/1'>
      <source path='/dev/pts/1'/>
      <target type='serial' port='0'/>
      <alias name='serial0'/>
    </console>
  </devices>
  <seclabel type='dynamic' model='apparmor' relabel='yes'>
    <label>libvirt-1f776433-dc84-43ac-9e60-b8e571ae22ff</label>
    <imagelabel>libvirt-1f776433-dc84-43ac-9e60-b8e571ae22ff</imagelabel>
  </seclabel>
</domain>

This is with:
ii  libvirt-bin            1.3.1-1ubuntu10.23      arm64        programs for the libvirt library
ii  libvirt0:arm64         1.3.1-1ubuntu10.23      arm64        library for interfacing with different virtualization systems
ii  qemu-block-extra:arm64 1:2.5+dfsg-5ubuntu10.29 arm64        extra block backend modules for qemu-system and qemu-utils
ii  qemu-efi               0~20160408.ffea0a2c-2   all          UEFI firmware for virtual machines
ii  qemu-kvm               1:2.5+dfsg-5ubuntu10.29 arm64        QEMU Full virtualization
ii  qemu-system-arm        1:2.5+dfsg-5ubuntu10.29 arm64        QEMU full system emulation binaries (arm)
ii  qemu-system-common     1:2.5+dfsg-5ubuntu10.29 arm64        QEMU full system emulation binaries (common files)
ii  qemu-utils             1:2.5+dfsg-5ubuntu10.29 arm64        QEMU utilities


This works just fine for me, so let's try to find what exactly is different in
your case.

-- 
https://bugs.launchpad.net/bugs/1772538

Title:
  Can't start arm64 VM due to apparmor error.

Status in apparmor package in Ubuntu:
  New
Status in libvirt package in Ubuntu:
  New

Bug description:
  I can create an aarch64 VM but when I go to start the VM I see this
  error:

  $ virsh start legal-coyote
  error: Failed to start domain legal-coyote
  error: internal error: cannot load AppArmor profile 'libvirt-9728b707-1f47-4cd7-a4ca-6eddf5d98d04'

  This was on a brand new Ubuntu 16.04.4 install.  Below are the steps
  that were executed, including what produced the error as well as
  some system information.

  1. $ sudo apt update && sudo apt upgrade && sudo apt install emacs libvirt-bin qemu-system-arm qemu-efi

  2. Created a VM with MAAS.

  3. $ virsh list --all
   Id    Name                           State
  ----------------------------------------------------
   -     legal-coyote                   shut off

  4. $ virsh dumpxml legal-coyote
  <domain type='kvm'>
    <name>legal-coyote</name>
    <uuid>9728b707-1f47-4cd7-a4ca-6eddf5d98d04</uuid>
    <memory unit='KiB'>1048576</memory>
    <currentMemory unit='KiB'>1048576</currentMemory>
    <vcpu placement='static'>1</vcpu>
    <os>
      <type arch='aarch64' machine='virt'>hvm</type>
      <loader readonly='yes' type='pflash'>
        /usr/share/AAVMF/AAVMF_CODE.fd
      </loader>
      <nvram>/usr/share/AAVMF/AAVMF_VARS.fd</nvram>
      <boot dev='network'/>
      <boot dev='hd'/>
    </os>
    <features>
      <gic version='3'/>
    </features>
    <cpu mode='host-passthrough'/>
    <clock offset='utc'/>
    <on_poweroff>destroy</on_poweroff>
    <on_reboot>restart</on_reboot>
    <on_crash>restart</on_crash>
    <devices>
      <emulator>/usr/bin/qemu-system-aarch64</emulator>
      <disk type='file' device='disk'>
        <driver name='qemu' type='raw'/>
        <source file='/var/lib/libvirt/maas-images/796e5e0f-ab62-4e44-8189-bbc754635e0b'/>
        <target dev='vda' bus='virtio'/>
        <address type='virtio-mmio'/>
      </disk>
      <controller type='pci' index='0' model='pcie-root'/>
      <controller type='pci' index='1' model='dmi-to-pci-bridge'>
        <model name='i82801b11-bridge'/>
        <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
      </controller>
      <controller type='pci' index='2' model='pci-bridge'>
        <model name='pci-bridge'/>
        <target chassisNr='2'/>
        <address type='pci' domain='0x0000' bus='0x01' slot='0x01' function='0x0'/>
      </controller>
      <interface type='network'>
        <mac address='52:54:00:42:7e:02'/>
        <source network='default'/>
        <model type='virtio'/>
        <address type='virtio-mmio'/>
      </interface>
      <serial type='pty'>
        <target port='0'/>
      </serial>
      <console type='pty'>
        <target type='serial' port='0'/>
      </console>
    </devices>
  </domain>

  5. $ virsh start legal-coyote
  error: Failed to start domain legal-coyote
  error: internal error: cannot load AppArmor profile 'libvirt-9728b707-1f47-4cd7-a4ca-6eddf5d98d04'

  6. Checking dmesg...
  [  726.425389] virbr0: port 1(virbr0-nic) entered listening state
  [  726.425419] virbr0: port 1(virbr0-nic) entered listening state
  [  727.959553] virbr0: port 1(virbr0-nic) entered disabled state
  [  896.933127] audit: type=1400 audit(1526946784.127:18): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9083/auxv" pid=9083 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  [  896.933169] audit: type=1400 audit(1526946784.127:19): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9083/auxv" pid=9083 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  [  896.933846] audit: type=1400 audit(1526946784.127:20): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9083/auxv" pid=9083 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  [  896.933890] audit: type=1400 audit(1526946784.127:21): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9083/auxv" pid=9083 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  [  896.937130] audit: type=1400 audit(1526946784.131:22): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/var/lib/libvirt/maas-images/796e5e0f-ab62-4e44-8189-bbc754635e0b" pid=9083 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  [  943.086388] audit: type=1400 audit(1526946830.280:23): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9174/auxv" pid=9174 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  [  943.086429] audit: type=1400 audit(1526946830.280:24): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9174/auxv" pid=9174 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  [  943.087171] audit: type=1400 audit(1526946830.280:25): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9174/auxv" pid=9174 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  [  943.087214] audit: type=1400 audit(1526946830.280:26): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9174/auxv" pid=9174 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  [  943.090417] audit: type=1400 audit(1526946830.284:27): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/var/lib/libvirt/maas-images/796e5e0f-ab62-4e44-8189-bbc754635e0b" pid=9174 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

  7. $ dpkg -l | grep libvirt
  ii  libvirt-bin                      1.3.1-1ubuntu10.23                       arm64        programs for the libvirt library
  ii  libvirt0:arm64                   1.3.1-1ubuntu10.23                       arm64        library for interfacing with different virtualization systems

  8. $ dpkg -l | grep qemu
  ii  ipxe-qemu                        1.0.0+git-20150424.a25a16d-1ubuntu1.2    all          PXE boot firmware - ROM images for qemu
  ii  qemu-block-extra:arm64           1:2.5+dfsg-5ubuntu10.29                  arm64        extra block backend modules for qemu-system and qemu-utils
  ii  qemu-efi                         0~20160408.ffea0a2c-2                    all          UEFI firmware for virtual machines
  ii  qemu-system-arm                  1:2.5+dfsg-5ubuntu10.29                  arm64        QEMU full system emulation binaries (arm)
  ii  qemu-system-common               1:2.5+dfsg-5ubuntu10.29                  arm64        QEMU full system emulation binaries (common files)
  ii  qemu-utils                       1:2.5+dfsg-5ubuntu10.29                  arm64        QEMU utilities

  9. $ dpkg -l | grep apparmor
  ii  apparmor                         2.10.95-0ubuntu2.9                       arm64        user-space parser utility for AppArmor
  ii  libapparmor-perl                 2.10.95-0ubuntu2.9                       arm64        AppArmor library Perl bindings
  ii  libapparmor1:arm64               2.10.95-0ubuntu2.9                       arm64        changehat AppArmor library

  10. $ lsb_release -a
  No LSB modules are available.
  Distributor ID:       Ubuntu
  Description:  Ubuntu 16.04.4 LTS
  Release:      16.04
  Codename:     xenial
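
An added triage example, not part of the original report or of libvirt/AppArmor: it groups the AppArmor DENIED audit records from the dmesg output by profile and path, then checks which denied paths are files the domain XML references. The function names are hypothetical; the sample records and XML excerpt are copied from the report above.

```python
import re
import xml.etree.ElementTree as ET
from collections import Counter

# Three audit records copied from the dmesg output in the report (lines unwrapped).
SAMPLE_DMESG = '''\
[  896.933127] audit: type=1400 audit(1526946784.127:18): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9083/auxv" pid=9083 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  896.937130] audit: type=1400 audit(1526946784.131:22): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/var/lib/libvirt/maas-images/796e5e0f-ab62-4e44-8189-bbc754635e0b" pid=9083 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
[  943.086388] audit: type=1400 audit(1526946830.280:23): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper" name="/proc/9174/auxv" pid=9174 comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
'''
# Excerpt of the legal-coyote domain XML from the report, cut down to its file references.
SAMPLE_XML = """<domain type='kvm'>
  <os>
    <loader readonly='yes' type='pflash'>
      /usr/share/AAVMF/AAVMF_CODE.fd
    </loader>
    <nvram>/usr/share/AAVMF/AAVMF_VARS.fd</nvram>
  </os>
  <devices><disk type='file' device='disk'>
    <source file='/var/lib/libvirt/maas-images/796e5e0f-ab62-4e44-8189-bbc754635e0b'/>
  </disk></devices>
</domain>"""

KV = re.compile(r'(\w+)=("([^"]*)"|\S+)')  # key=value or key="quoted value"

def parse_denials(text):
    """Return one dict of audit fields per AppArmor DENIED record."""
    return [{k: (inner if raw.startswith('"') else raw) for k, raw, inner in KV.findall(line)}
            for line in text.splitlines() if 'apparmor="DENIED"' in line]

def summarize(text):
    """Count denials per (profile, path, mask); /proc/<pid>/ paths share one bucket."""
    counts = Counter()
    for rec in parse_denials(text):
        path = re.sub(r'^/proc/\d+/', '/proc/<pid>/', rec.get('name', '?'))
        counts[(rec.get('profile'), path, rec.get('denied_mask'))] += 1
    return counts

def guest_files(domain_xml):
    """Files the domain XML references: disk sources, loader and nvram."""
    root = ET.fromstring(domain_xml)
    files = {s.get('file') for s in root.iterfind('./devices/disk/source') if s.get('file')}
    files |= {e.text.strip() for e in root.iterfind('./os/*')
              if e.tag in ('loader', 'nvram') and e.text and e.text.strip()}
    return files

def denied_guest_files(dmesg_text, domain_xml):
    """Denied paths that are also files named in the domain XML."""
    wanted = guest_files(domain_xml)
    return sorted({path for (_, path, _) in summarize(dmesg_text) if path in wanted})

if __name__ == '__main__':
    for key, n in summarize(SAMPLE_DMESG).items():
        print(n, *key)
    print('denied guest files:', denied_guest_files(SAMPLE_DMESG, SAMPLE_XML))
```

Run against the full dmesg and `virsh dumpxml` output, this separates the repeated `/proc/<pid>/auxv` denials from the one denial that concerns a file the guest definition actually references.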
