Hi Andreas, yes I still have it on my backlog and have been chipping away at it for a while. I have a very rough draft of _some_ of the changes I think will be needed in order to fix this at [1]. Hoping to sit down in the next few weeks to finish that draft so that it passes the tests.
The changes are nontrivial because IIRC we need a reference to a virDomainObj in the AppArmor security driver in order to get information about the running blockjobs (upstream, for good reason, rejected the idea of maintaining a separate XML field with the path we need). Some relevant upstream discussion at [2]. [1] https://code.launchpad.net/~whershberger/ubuntu/+source/libvirt/+git/libvirt/+ref/b4/refactor-sec [2] https://lists.libvirt.org/archives/list/[email protected]/thread/UNNBQCMTOCLILQFBDG75734OCQZIXWQF/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2148220 Title: Concurrent blockcommit causes apparmor denials for layer above `top` (upstream #869) To manage notifications about this bug go to: https://bugs.launchpad.net/libvirt/+bug/2148220/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
