[Kernel-packages] [Bug 718839] Re: QA Regression test kernel-security reports two failures on 2.6.24-28.84 Xen

Thu, 03 Oct 2019 02:41:57 -0700 

Closing this bug with Won't fix as Hardy is no longer supported.
Please feel free to open a new bug report if you're still experiencing this on 
a newer release (Bionic 18.04.3 / Disco 19.04)
Thanks!

** Changed in: linux (Ubuntu)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/718839

Title:
  QA Regression test  kernel-security reports two failures on
  2.6.24-28.84 Xen

Status in linux package in Ubuntu:
  Won't Fix

Bug description:
  Build helper tools ... (8.04) ok
  /proc/$pid/maps is correctly protected ... ok
  ASLR enabled ...  (skipped: boolean on Hardy and earlier) ok
  ASLR of stack ... ok
  ASLR of libs ... ok
  ASLR of mmap ... ok
  ASLR of text ... ok
  ASLR of vdso ... ok
  ASLR of brk ...  (skipped: only Intrepid and later) ok
  Low memory allocation respects mmap_min_addr ... ok
  AppArmor loaded ... ok
  PR_SET_SECCOMP works ... ok
  /dev/kmem not available ... ok
  SYN cookies is enabled ...  (skipped: only Jaunty and later) ok
  init's CAPABILITY list is clean ... ok
  init missing READ_IMPLIES_EXEC ...  (heap check) ok
  NX bit is working ... ok
  Userspace stack guard page exists (CVE-2010-2240) ... ok
  CONFIG_COMPAT_BRK disabled ... ok
  CONFIG_DEVKMEM disabled ... ok
  CONFIG_SECURITY enabled ... ok
  CONFIG_SECURITY_SELINUX enabled ... ok
  CONFIG_SYN_COOKIES enabled ... ok
  CONFIG_SECCOMP enabled ... ok
  CONFIG_COMPAT_VDSO disabled ... ok
  CONFIG_DEBUG_RODATA enabled ... FAIL
  CONFIG_DEBUG_SET_MODULE_RONX enabled ...  (skipped: only Natty and later) ok
  CONFIG_SECURITY_APPARMOR enabled ... ok
  CONFIG_STRICT_DEVMEM enabled ... ok
  /dev/mem unreadable for kernel memory ... FAIL
  CONFIG_SECURITY_FILE_CAPABILITIES enabled ...  (skipped: only Intrepid 
through Lucid) ok
  CONFIG_SECURITY_SMACK enabled ...  (skipped: only Intrepid and later) ok
  CONFIG_DEFAULT_MMAP_MIN_ADDR ...  (SECURITY_DEFAULT_MMAP_MIN_ADDR)  (skipped: 
only Jaunty and later) ok
  CONFIG_CC_STACKPROTECTOR set ... ok
  Kernel stack guard ...  (skipped: only Karmic and later) ok
  Sysctl to disable module loading exists ...  (skipped: only Karmic and later) 
ok
  Symlinks not followable across differing uids in sticky directories ...  
(skipped: only Maverick and later) ok
  Hardlink disallowed for unreadable/unwritable sources ...  (skipped: only 
Maverick and later) ok
  PTRACE allowed only on children or declared processes ...  (skipped: only 
Maverick and later) ok
  Make sure rare network modules do not autoload ...  (skipped: only Natty and 
later) ok
  Make sure kernel addresses in kallsyms and modules are zeroed out ...  
(skipped: only Natty and later) ok
  Make sure kernel addresses in /boot/ are not world readable ...  (skipped: 
only Natty and later) ok

  ======================================================================
  FAIL: CONFIG_DEBUG_RODATA enabled
  ----------------------------------------------------------------------
  Traceback (most recent call last):
    File "./test-kernel-security.py", line 518, in test_72_config_debug_rodata
      self.assertEqual(self._test_config('DEBUG_RODATA'), expected)
  AssertionError: False != True

  ======================================================================
  FAIL: /dev/mem unreadable for kernel memory
  ----------------------------------------------------------------------
  Traceback (most recent call last):
    File "./test-kernel-security.py", line 585, in test_72_strict_devmem
      self.assertShellExitEquals(expected, ['./readmem'])
    File "/home/ubuntu/qrt-test-kernel/testlib.py", line 648, in 
assertShellExitEquals
      self.assertEquals(expected, rc, msg + result + report)
  AssertionError: Got exit code 4, expected 0
  Command: './readmem'
  Output:
  0x1000 ... readable
  0x2000 ... readable
  0x4000 ... readable
  0x8000 ... readable
  0x10000 ... readable
  0x20000 ... readable
  0x40000 ... readable
  0x80000 ... readable
  0x100000 ... readable
  0x200000 ... readable
  0x400000 ... readable
  0x800000 ... readable
  0x1000000 ... readable
  0x2000000 ... readable
  0x4000000 ... readable
  0x8000000 ... readable
  0x10000000 ... readable
  0x20000000 ... readable
  0x40000000 ... readable
  0x80000000 ... readable
  0x100000000 ... readable
  0x200000000 ... readable
  0x400000000 ... readable
  0x800000000 ... readable
  0x1000000000 ... readable
  0x2000000000 ... readable
  0x4000000000 ... readable
  0x8000000000 ... readable
  0x10000000000 ... readable
  0x20000000000 ... readable
  0x40000000000 ... readable
  0x80000000000 ... readable
  0x100000000000 ... readable
  0x200000000000 ... readable
  0x400000000000 ... readable
  0x800000000000 ... readable
  0x1000000000000 ... missing, ran off end of physical memory
  FAIL: scanned memory, got successful reads, and no EPERMs

  
  ----------------------------------------------------------------------
  Ran 42 tests in 5.262s

  FAILED (failures=2)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/718839/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to