Before kernel 4.11 CONFIG_DEBUG_RODATA depended on CONFIG_KERNEL_DEBUG being set, and the 4.4 linux-kvm kernel does not set this option (I assume in the name of performance). I'm therefore fixing up the qrt testcase to not fail in this situation, but only for pre-4.11 kernels. For kernels based on 4.11 and later, where the CONFIG_STRICT_KERNEL_RWX option does not depend on CONFIG_KERNEL_DEBUG being set, the Ubuntu Security Team would like to see CONFIG_STRICT_KERNEL_RWX enabled.
QRT commit https://git.launchpad.net/qa-regression- testing/commit/?id=d7e8c14e20ad00a2bb089c46b28b5f4c0c265849 puts this into place. Thanks. ** Changed in: linux-kvm (Ubuntu Xenial) Status: New => Invalid ** Changed in: linux (Ubuntu Xenial) Status: New => Invalid ** Changed in: linux (Ubuntu) Status: Incomplete => Invalid ** Changed in: qa-regression-testing Status: New => Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1760643 Title: test_072_config_debug_rodata in kernel security test failed with 4.4 X-kvm Status in QA Regression Testing: Fix Released Status in linux package in Ubuntu: Invalid Status in linux-kvm package in Ubuntu: New Status in linux source package in Xenial: Invalid Status in linux-kvm source package in Xenial: Invalid Bug description: The test failed with: FAIL: test_072_config_debug_rodata (__main__.KernelSecurityTest) CONFIG_DEBUG_RODATA/CONFIG_STRICT_KERNEL_RWX enabled ---------------------------------------------------------------------- Traceback (most recent call last): File "./test-kernel-security.py", line 642, in test_072_config_debug_rodata self.assertEqual(self._test_config(option), expected) AssertionError: False != True Steps to reproduce: Deploy the node with Xenial 4.4 kernel, install linux-kvm sudo apt-get install python-minimal git clone --depth=1 git://kernel.ubuntu.com/ubuntu/autotest-client-tests -b master-next git clone --depth=1 git://kernel.ubuntu.com/ubuntu/autotest rm -fr autotest/client/tests ln -sf ~/autotest-client-tests autotest/client/tests AUTOTEST_PATH=/home/ubuntu/autotest sudo -E autotest/client/autotest-local --verbose autotest/client/tests/ubuntu_qrt_kernel_security/control ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-1019-kvm 4.4.0-1019.24 ProcVersionSignature: User Name 4.4.0-1019.24-kvm 4.4.98 Uname: Linux 4.4.0-1019-kvm x86_64 NonfreeKernelModules: signpost ApportVersion: 2.20.1-0ubuntu2.15 Architecture: amd64 Date: Mon Apr 2 16:54:36 2018 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: linux-kvm UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/qa-regression-testing/+bug/1760643/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp