mirror of
https://git.launchpad.net/livecd-rootfs
synced 2025-02-23 03:11:12 +00:00
bd1690bd16
Jammy HWE is rolling to 5.19. the 5.19 kernel introduced more apparmor features, specifically ipc. due to the roll, we now must support builds with 2 different feature sets. This specifically affects snap-preseeding, where if a snap_preseed is run with a mismatched apparmor feature set, snap will require a restart to match the running kernel's feature set. in the clouds, this can add somehwere between 5-10s (as of checks on 20230404). This is a large boot time performance hit. Implementation is done at the `snap_validate_seed` function level. This function is called in snap scenarios. It checks for an installed kernel in the chroot, gets the major.min version, and checks for apparmor/$KERN. If found, it will do a copy of the directory, providing a naive override mechanism. For CPC builds, we are adding a call to `snap_validate_seed` at the end of affected hooks as well. This is a safe procedure to call, as it reruns the snap_preseed for all snaps. By running at the end of build processes, it ensures that any kernel changes done during the build are taken into account.