← Back to team overview

canonical-ubuntu-qa team mailing list archive

  1. canonical-ubuntu-qa team
  2. Mailing list archive
  3. Message #04638

[Bug 2072457] Re: ubuntu_32_on_64 and ubuntu_qrt_kernel_security failed on Google N2D due to 32-bit emulation disabled

  Thread PreviousDate PreviousThread Next 
** Description changed:

  Issue found on Google N2D instances since sru-20240429
  
  Test:
   ubuntu_32_on_64
   ubuntu_qrt_kernel_security
     - KernelSecurityTest.test_020_aslr_dapper_stack
     - KernelSecurityTest.test_022_aslr_hardy_text
     - KernelSecurityTest.test_022_aslr_hardy_vdso
     - KernelSecurityTest.test_022_aslr_intrepid_brk
     - KernelSecurityTest.test_023_aslr_wily_pie
     - KernelSecurityTest.test_381_compat_alloc_userspace
-    - KernelNonSecurityTest.test_10_bad_syscall_returns_ENOSYS
  
  For aslr related tests, they all failed with:
  Command: './aslr32', 'stack', '--verbose'
-  Exec format error: './aslr32'
+  Exec format error: './aslr32'
  
  For test_381_compat_alloc_userspace test, it will try to run:
  Command: 'sudo', '-u', 'ubuntu', './CVE-2010-3081'
-  ./CVE-2010-3081: 1: Syntax error: word unexpected (expecting ")")
+  ./CVE-2010-3081: 1: Syntax error: word unexpected (expecting ")")
  
  From the Makefile this CVE-2010-3081 executable was complied with -m32
  flag.
  
  This is because of commit b82a8dbd3, one of the fixes for
  CVE-2024-25744. This CVE describes vulnerability exhibits in
  confidential computing VMs, and it affects 4.15 and after. Unfortunately
  it is very hard to backport to older kernels so we took the suggestion
  of a upstream maintainer and simply disabled the IA32_EMULATION which
  mitigates the issue. (Thanks to Magali and Yuxuan for the information)

** Description changed:

  Issue found on Google N2D instances since sru-20240429
  
  Test:
   ubuntu_32_on_64
   ubuntu_qrt_kernel_security
     - KernelSecurityTest.test_020_aslr_dapper_stack
     - KernelSecurityTest.test_022_aslr_hardy_text
     - KernelSecurityTest.test_022_aslr_hardy_vdso
     - KernelSecurityTest.test_022_aslr_intrepid_brk
     - KernelSecurityTest.test_023_aslr_wily_pie
     - KernelSecurityTest.test_381_compat_alloc_userspace
  
  For aslr related tests, they all failed with:
  Command: './aslr32', 'stack', '--verbose'
   Exec format error: './aslr32'
  
  For test_381_compat_alloc_userspace test, it will try to run:
  Command: 'sudo', '-u', 'ubuntu', './CVE-2010-3081'
   ./CVE-2010-3081: 1: Syntax error: word unexpected (expecting ")")
  
  From the Makefile this CVE-2010-3081 executable was complied with -m32
  flag.
  
  This is because of commit b82a8dbd3, one of the fixes for
  CVE-2024-25744. This CVE describes vulnerability exhibits in
  confidential computing VMs, and it affects 4.15 and after. Unfortunately
  it is very hard to backport to older kernels so we took the suggestion
  of a upstream maintainer and simply disabled the IA32_EMULATION which
  mitigates the issue. (Thanks to Magali and Yuxuan for the information)
+ 
+ [ 1394.649972] 32-bit emulation disabled. You can reenable with
+ ia32_emulation=on

-- 
You received this bug notification because you are a member of Canonical
Platform QA Team, which is subscribed to ubuntu-kernel-tests.
https://bugs.launchpad.net/bugs/2072457

Title:
  ubuntu_32_on_64 and ubuntu_qrt_kernel_security failed on Google N2D
  due to 32-bit emulation disabled

Status in ubuntu-kernel-tests:
  New

Bug description:
  Issue found on Google N2D instances since sru-20240429

  Test:
   ubuntu_32_on_64
   ubuntu_qrt_kernel_security
     - KernelSecurityTest.test_020_aslr_dapper_stack
     - KernelSecurityTest.test_022_aslr_hardy_text
     - KernelSecurityTest.test_022_aslr_hardy_vdso
     - KernelSecurityTest.test_022_aslr_intrepid_brk
     - KernelSecurityTest.test_023_aslr_wily_pie
     - KernelSecurityTest.test_381_compat_alloc_userspace

  For aslr related tests, they all failed with:
  Command: './aslr32', 'stack', '--verbose'
   Exec format error: './aslr32'

  For test_381_compat_alloc_userspace test, it will try to run:
  Command: 'sudo', '-u', 'ubuntu', './CVE-2010-3081'
   ./CVE-2010-3081: 1: Syntax error: word unexpected (expecting ")")

  From the Makefile this CVE-2010-3081 executable was complied with -m32
  flag.

  This is because of commit b82a8dbd3, one of the fixes for
  CVE-2024-25744. This CVE describes vulnerability exhibits in
  confidential computing VMs, and it affects 4.15 and after.
  Unfortunately it is very hard to backport to older kernels so we took
  the suggestion of a upstream maintainer and simply disabled the
  IA32_EMULATION which mitigates the issue. (Thanks to Magali and Yuxuan
  for the information)

  [ 1394.649972] 32-bit emulation disabled. You can reenable with
  ia32_emulation=on

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/2072457/+subscriptions

References

  Thread PreviousDate PreviousThread Next