Refreshing core snaps on classic, behavior on snaps

Hey

So for a long while we had a bug (https://bugs.launchpad.net/snapd/+bug/1667479) where a refresh of the core snap (or any base snap). This bug is not a problem (as much) on core where the core snap refresh ends up with a reboot. For a good while now whenever a process starts up it would reuse a readily available mount namespace associated with that snap. The problem is that we never had a system for invalidating that “cache” safely when the base snap changes revision.

We discussed this problem before and agreed to invalidate the cache only when there are no more applications (processes) that belong to that snap that are still alive. This ensures that all applications see exactly the same filesystem.

Long story short, we finally got this: I implemented a fix for this earlier today. In the past I tried a slightly different solution that didn’t fully work because of (apparently) bugs in apparmor. My new approach seems to just work and is conceptually very simple.

EDIT: This turned out to actually be as simple as I did stumble over kernel bugs again. Still, it really seems to work, have a look!

After a long discussion with the security team that happened on IRC last night I made this:

This still suffers from the same oddity in how apaprmor works but I included the same workaround in both places (both the v1 and v2 version of this patch).

I simplified the issue down to a small test case and reported a bug on apparmor:

This was fixed a long time ago. I’m just marking it as solved.