Hi, here are a few data points here: 1. This happens on Debian too: https://bugs.debian.org/cgi- bin/bugreport.cgi?bug=1110512
2. I can reproduce the bug except I don't see any AppArmor denial. I haven't tried to reproduce with AppArmor disabled for libvirt. 3. At least in Debian, the libvirt-qemu abstraction is shipped by the libvirt-daemon-driver-qemu package, not AppArmor. ** Bug watch added: Debian Bug tracker #1110512 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110512 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2121832 Title: after recent apt upgrade apparmdenies or virtio graphics access to PCI GPU device Status in apparmor package in Ubuntu: Confirmed Status in libvirt package in Ubuntu: Confirmed Bug description: after an apt update && apt upgrade this morning, a libvirt linux guest that uses virtio gl graphics no longer starts. it appears to trace back to messages logged when the vm is started: [ 831.675127] audit: type=1400 audit(1756755746.150:506): apparmor="DENIED" operation="open" class="file" profile="libvirt-bab34a3b-a169-4d55-af9b-3d36935aa471" name="/sys/devices/pci0000:00/0000:00:08.1/0000:66:00.0/drm/" pid=7954 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 [ 831.675133] audit: type=1400 audit(1756755746.150:507): apparmor="DENIED" operation="open" class="file" profile="libvirt-bab34a3b-a169-4d55-af9b-3d36935aa471" name="/sys/devices/pci0000:00/0000:00:08.1/0000:66:00.0/drm/" pid=7954 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=64055 ouid=0 [ 831.703052] qemu-system-x86[7954]: segfault at 0 ip 00007e17da469370 sp 00007fff00a2c4f0 error 4 in ui-spice-core.so[a370,7e17da465000+7000] likely on CPU 16 (core 8, socket 0) [ 831.703071] Code: 84 c0 74 26 48 8b 05 07 6c 00 00 80 38 00 74 1a 83 bb 10 01 00 00 00 74 11 80 bb 14 01 00 00 00 75 3e 0f 1f 84 00 00 00 00 00 <8b> 04 25 00 00 00 00 0f 0b 48 8b 05 d0 6b 00 00 66 83 38 00 74 b7 [ 831.732226] audit: type=1400 audit(1756755746.208:508): apparmor="DENIED" operation="mknod" class="file" profile="libvirt-bab34a3b-a169-4d55-af9b-3d36935aa471" name="/core.7954" pid=7954 comm="qemu-system-x86" requested_mask="c" denied_mask="c" fsuid=64055 ouid=64055 prior to this upgrade, the vm started properly on this machine running kubuntu 25.10 ProblemType: Bug DistroRelease: Ubuntu 25.10 Package: apparmor 5.0.0~alpha1-0ubuntu4 ProcVersionSignature: Ubuntu 6.16.0-16.16-generic 6.16.0 Uname: Linux 6.16.0-16-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia zfs ApportVersion: 2.33.1-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: KDE Date: Mon Sep 1 12:46:47 2025 ProcKernelCmdline: root=zfs:zroot/ROOT/ubuntu loglevel=4 spl.spl_hostid=0x00bab10c SourcePackage: apparmor UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2121832/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
