On 1/26/21 2:13 PM, longguang.yue wrote:
Hi, all:
there is no error when launch qemu-kvm from cli directly, but vm fails to start via libvirtd.
i have tried to chmod 0666 /dev/vhost-vsock.
error: internal error: qemu unexpectedly closed the monitor: 2021-01-26T13:06:06.403097Z qemu-kvm: -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=4: vhost-vsock: failed to open vhost device: Unknown error -13
Errno 13 is EACCES (Permission denied) which means that libvirt didn't
set seclabel on something ...
<qemu:commandline>
<qemu:arg value='-device'/>
<qemu:arg value='vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=4'/>
</qemu:commandline>
.. and this is explains why. Anything that's added via qemu commandline
passthru is opaque to libvirt. Libvirt does not examine it, nor it sets
any labels, nothing. If you use it, you're on your own. However, vsock
was added to libvirt (almost 3 years ago) and instead of passing through
a command line you can define vsock device:
https://libvirt.org/formatdomain.html#vsock
For instance like this:
<vsock model='virtio'>
<cid auto='no' address='3'/>
</vsock>
Michal
