← Back to team overview

touch-packages team mailing list archive

  1. touch-packages team
  2. Mailing list archive
  3. Message #19314

[Bug 1371771] [NEW] premature exit if find corrupted cache files

  Thread PreviousDate PreviousThread Next 
Public bug reported:

2.8.96~2652-0ubuntu4 did this:
  * debian/lib/apparmor/functions: don't pass costly '-n1' to xargs in
    foreach_configured_profile() when loading valid cache files. This used to
    be needed when apparmor_parser would generate different binary caches when
    compiling policy one profile at a time and all at once. That bug is long
    fixed and removing -n1 gives a significant performance improvement for
    boots with valid cache files (~65% on armhf)

This is great except there is a parser bug that if there is a corrupted
cache file, all further cache files fail to load. While it is unusual to
have corrupted cache files, the damage is catastrophic if an early cache
file is corrupt since all remaining policy fails to load and requires
the user to manually delete the corrupted cache files. Fixing the
premature exit will not address corrupt cache files, but will allow the
remaining good cache files to load.

Please see bug #1371765 on how to make cache usage more robust.

** Affects: apparmor (Ubuntu)
     Importance: Critical
     Assignee: John Johansen (jjohansen)
         Status: In Progress


** Tags: rtm14 touch-2014-09-25

** Changed in: apparmor (Ubuntu)
       Status: New => In Progress

** Changed in: apparmor (Ubuntu)
   Importance: Undecided => Critical

** Changed in: apparmor (Ubuntu)
     Assignee: (unassigned) => John Johansen (jjohansen)

** Tags added: rtm14 touch-2014-09-25

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1371771

Title:
  premature exit if find corrupted cache files

Status in “apparmor” package in Ubuntu:
  In Progress

Bug description:
  2.8.96~2652-0ubuntu4 did this:
    * debian/lib/apparmor/functions: don't pass costly '-n1' to xargs in
      foreach_configured_profile() when loading valid cache files. This used to
      be needed when apparmor_parser would generate different binary caches when
      compiling policy one profile at a time and all at once. That bug is long
      fixed and removing -n1 gives a significant performance improvement for
      boots with valid cache files (~65% on armhf)

  This is great except there is a parser bug that if there is a
  corrupted cache file, all further cache files fail to load. While it
  is unusual to have corrupted cache files, the damage is catastrophic
  if an early cache file is corrupt since all remaining policy fails to
  load and requires the user to manually delete the corrupted cache
  files. Fixing the premature exit will not address corrupt cache files,
  but will allow the remaining good cache files to load.

  Please see bug #1371765 on how to make cache usage more robust.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1371771/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next