<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<font size="+1">Update: I've figured it out.<br>
</font><br>
<font size="+1"><font size="+1">The bug here was that, even running
as root, I was getting errors like:</font><br>
<br>
</font><font size="+1"><font size="+1">error :
virQEMUCapsNewForBinaryInternal:4687 : internal error: Failed to
probe QEMU binary with<br>
QMP: libvirt: error : prctl failed to enable 'dac_override' in
the AMBIENT set:<br>
Operation not permitted<br>
</font><br>
The reason is that the host has libcap-ng installed. ./configure
uses it if available,<br>
setting WITH_CAPNG in the code. </font><font size="+1"><font
size="+1">I am unsure if this has something to do with<br>
the libcap-ng configuration in this system I'm using or if there
is something<br>
missing in the Libvirt code, but the spawned QEMU process isn't
inheriting the<br>
capabilities it should have.<br>
<br>
</font>Disabling support of this lib with "--with-capng=no" in
autogen.sh and<br>
rebuilding Libvirt fixed the problem. I was even able to see more
NUMA<br>
nodes than I was before using the system libvirt (which is the
original<br>
bug I am/was investigating).<br>
<br>
<br>
Thanks!<br>
<br>
<br>
<br>
<br>
</font><br>
<div class="moz-cite-prefix">On 2/1/19 4:04 PM, Daniel Henrique
Barboza wrote:<br>
</div>
<blockquote type="cite"
cite="mid:ba55ada0-b24a-e157-2a92-be1086c9faa3@gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<font size="+1">Hi,<br>
<br>
I'm facing a strange behavior when running Libvirt from source
code,<br>
latest upstream, on an Ubuntu 18.04.1 LTS Power 9 server. My
QEMU<br>
guest - which is using VFIO and GPU passthrough - breaks on boot
when<br>
trying to allocate a DMA window inside KVM.<br>
<br>
Debugging the code, I've found out that the problem is related
to the process<br>
not having CAP_IPC_LOCK - at least from the host kernel
perspective.<br>
<br>
This is strange because:<br>
<br>
- the same VM running directly from QEMU command line works<br>
- the same VM running in the system Libvirt (v4.0.0, Ubuntu
version)<br>
also works<br>
<br>
What am I missing? My understanding on Linux process is that a
process<br>
running as root should inherit the same capabilities of the
user, which includes<br>
CAP_IPC_LOCK. Running Libvirt from source code should grant
ipc_lock<br>
to it ... right?<br>
<br>
<br>
<br>
Any help is appreciated. I can provide more details (VM XML for
example)<br>
if necessary.<br>
<br>
<br>
Thanks!<br>
</font> </blockquote>
<br>
</body>
</html>