Let me clarify better why I'm flagging this as incomplete: 14:20 <rafaeldtinoco> my upstream fix was to qemu 14:20 <rafaeldtinoco> and it fixed the issue by not having the memfd file created 14:20 <rafaeldtinoco> for live migrations.. but there might be cases where there should be one 14:21 <rafaeldtinoco> in those cases, libvirt should be creating the apparmor rule to allow the memfd backing file creation
14:22 <andreas> so the bug is valid for libvirt? 14:22 <andreas> that's question #1 14:22 <andreas> in which case, it's not incomplete, but new, or confirmed, or triaged 14:22 <andreas> question #2 is if it's trusty only 14:22 <rafaeldtinoco> because memfd is not used for all live migration cases we have with openstack 14:22 <rafaeldtinoco> memfd backing file creation was pretty new back then 14:23 <rafaeldtinoco> there was a big discussion whether libvirt should ever touch that 14:23 <rafaeldtinoco> (changing the apparmor to guarantee memfd file creation) 14:24 <rafaeldtinoco> andreas: https://github.com/rafaeldtinoco/work/blob/master/sources/scratch/oldstuff/qemu-idea-patches/0004-vhost-secure-vhost-shared-log-files-using-argv-parem.patch 14:24 <rafaeldtinoco> i tried to create the file through qemu 14:24 <rafaeldtinoco> and there was discussion saying yes and saying no 14:24 <rafaeldtinoco> thats why I think its incomplete 14:24 <rafaeldtinoco> i dont think it was ever decided 14:24 <rafaeldtinoco> and its a corner case not being used 14:24 <andreas> ok -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1613423 Title: Mitaka + Trusty (kernel 3.13) not using apparmor capability by default, when it does, live migration doesn't work (/tmp/memfd-XXX can't be created) To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/1613423/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
