[Bug 2052789] [NEW] AppArmor profiles missing in kernel 5.15.0-1051+ release

Launchpad Bug Tracker 2052789 at bugs.launchpad.net
Thu Apr 4 20:23:04 UTC 2024 

You have been subscribed to a public bug by Ubuntu Foundations Team Bug Bot (crichton):

After the kernel roll to linux-gcp-5.15 to version
5.15.0-1051.59_20.04.1 the public cloud team pre publication test were
failing on our snap_preseed_optimized test which checks to ensure that
snaps are preseeded correctly

This test checks the output of `snap debug seeding` to assert `seed-
completion` is present and not empty.

``
❯ snap debug seeding
seeded:            true
preseeded:         true
image-preseeding:  39.367s
seed-completion:   1.335s
```

If `/var/lib/snapd/seed/seed.yaml` exists it also asserts that
`preseeded` is present and not empty.

With the recent kernel update this test is failing which indicates a kernel feature mismatch between
the running kernel and the feature set hard-coded in livecd-rootfs for this image.
Boot will be slowed by ~200ms until this is resolved in livecd-rootfs.

This solution is to add a 5.15 apparmor configuration to the focal
branch of livecd-rootfs

The issue is also present with the recent 5.15 kernels in Jammy.

Related bugs LP: #2031943 and LP: #2045384

[ Impact ]

Boot will be slowed by ~200ms until this is resolved in livecd-rootfs

[ Test Plan ]

 * for focal build any cloud image with preseeded snaps with HWE 5.15 kernel
 * for jammy build any cloud image with preseeded snaps with up to date 5.15 kernel
 * boot
 * run `snap debug seeding`
 * assert the test described above passes

[ Where problems could occur ]

 * Similar patches already exist for later releases 6.2, 6.5 kernel etc.
and have been used on other private customer kernels and all kernels
released after 22.04, so there is already a good track record for this
patchset and it shouldn't create any issues.

[ Other Info ]

 * This is a time-sensitive issue for a paying customer

** Affects: livecd-rootfs (Ubuntu)
     Importance: Undecided
         Status: Fix Committed

** Affects: livecd-rootfs (Ubuntu Focal)
     Importance: Undecided
         Status: Incomplete

** Affects: livecd-rootfs (Ubuntu Jammy)
     Importance: Undecided
         Status: Fix Released


** Tags: patch verification-done-jammy verification-needed
-- 
AppArmor profiles missing in kernel 5.15.0-1051+ release
https://bugs.launchpad.net/bugs/2052789
You received this bug notification because you are a member of Ubuntu Sponsors, which is subscribed to the bug report.

More information about the Ubuntu-sponsors mailing list