[Kernel-packages] [Bug 1786894] Re: test_265_config_retpoline in kernel_security_test failed on 3.13 Precise

Wed, 07 Nov 2018 02:42:02 -0800 

I talked to the security team. There is no reason to check for
CONFIG_RETPOLINE != 'y' in Precise. CONFIG_RETPOLINE should always be
set to 'y', even if the toolchain doesn't support it. There are minimal
mitigations that we get even without toolchain support but for that we
need CONFIG_RETPOLINE enabled.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1786894

Title:
  test_265_config_retpoline in kernel_security_test failed on 3.13
  Precise

Status in ubuntu-kernel-tests:
  Confirmed
Status in linux package in Ubuntu:
  Triaged

Bug description:
  == Justification ==
  In the Precise 3.13 kernel, the CONFIG_RETPOLINE was set to y in commit 
eae992be4, which should be disabled to meet the security team's requirement.

  ======================================================================
   FAIL: test_265_config_retpoline (__main__.KernelSecurityConfigTest)
   Ensure retpoline configuration option is set
   ----------------------------------------------------------------------
   Traceback (most recent call last):
   File "./test-kernel-security.py", line 2445, in test_265_config_retpoline
   self.assertKernelConfig('RETPOLINE', expected)
   File "./test-kernel-security.py", line 209, in assertKernelConfig
   self.assertKernelConfigUnset(name)
   File "./test-kernel-security.py", line 200, in assertKernelConfigUnset
   '%s option was expected to be unset in the kernel config' % name)
   AssertionError: RETPOLINE option was expected to be unset in the kernel 
config

  In this test case, this config was expected to be NOT set:
      elif self.lsb_release['Release'] == 12.04:
          self._skipped("RETPOLINE compiler not in precise")
          expected = False
      self.assertKernelConfig('RETPOLINE', expected)

  == Fix ==
  [Precise/lts-backport-trusty][SRU][PATCHv2] Revert "UBUNTU: [Config] 
CONFIG_RETPOLINE=y"

  == Test ==
  The test_265_config_retpoline will pass after disabling CONFIG_RETPOLINE

  == Regression Potential ==
  Minimal.
  No code changes, just a config changes.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1786894/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to