← Back to team overview

canonical-ubuntu-qa team mailing list archive

  1. canonical-ubuntu-qa team
  2. Mailing list archive
  3. Message #05412

[Bug 2058422] Re: KernelSecurityTest.test_360_stacksignal_memleak fails

  Thread PreviousDate PreviousThread Next 
I've put some time into researching this yesterday. The -11 exit code
refers to the ./signal-stack executable crashing due to a segmentation
fault. I haven't figured out why this is happening, but it doesn't seem
to indicate vulnerability to the CVE this test is designed for.

The program calls a set of system calls in random order, and there have
been commits to the file before to maintain the set of calls for
different architectures, etc. In fact, we should be masking all
userspace segfaults after a certain point in the program, see here:
https://git.launchpad.net/qa-regression-testing/tree/scripts/kernel-
security/signalstack/signal-stack.c#n188

This leads me to think there's a segfault happening between line 167 and
line 188, since we see output from line 167 in the crash log, and line
188 should mask all segfaults from then on. I haven't been able to
reproduce this error on my own provisioned instances (using the same
instance type and series) so I don't know how to proceed in debugging
this. For now, it's safe to just restart this test when it fails.

-- 
You received this bug notification because you are a member of Canonical
Platform QA Team, which is subscribed to ubuntu-kernel-tests.
https://bugs.launchpad.net/bugs/2058422

Title:
  KernelSecurityTest.test_360_stacksignal_memleak fails

Status in QA Regression Testing:
  New
Status in ubuntu-kernel-tests:
  New

Bug description:
  For s2024.02.04 Bionic:linux-gcp-5.4 on instance n2d-standard-64
  (suite ubuntu_qrt_kernel_security) test case
  KernelSecurityTest.test_360_stacksignal_memleak fails with "Kernel
  memory does not leak to userspace in signalstack (CVE-2009-2847)"

    test_360_stacksignal_memleak (__main__.KernelSecurityTest)
    Kernel memory does not leak to userspace in signalstack (CVE-2009-2847) ... FAIL
    
    ======================================================================
    FAIL: test_360_stacksignal_memleak (__main__.KernelSecurityTest)
    Kernel memory does not leak to userspace in signalstack (CVE-2009-2847)
    ----------------------------------------------------------------------
    Traceback (most recent call last):
      File "./test-kernel-security.py", line 2148, in test_360_stacksignal_memleak
        self.assertShellExitEquals(expected, self._unpriv_cmd(["./signal-stack"]))
      File "/home/ubuntu/autotest/client/tmp/ubuntu_qrt_kernel_security/src/qa-regression-testing/scripts/testlib.py", line 1321, in assertShellExitEquals
        self.assertEqual(expected, rc, msg + result + report)
    AssertionError: Got exit code -11, expected 0
    Command: 'sudo', '-u', 'ubuntu', './signal-stack'
    Output:
    [+] Checking platform...
    [+] sizeof(stack_t) = 24
    [+] Correct size, 64-bit platform.
    [+] Checking for stack_t hole...
    [+] ss_flags end (12) != ss_size start (16)
    [+] Hole in stack_t present!
    [+] Ready to call sigaltstack.
    
    
    
    ----------------------------------------------------------------------
    Ran 1 test in 0.096s
    
    FAILED (failures=1)
  16:25:18 INFO | 	END ERROR	ubuntu_qrt_kernel_security.KernelSecurityTest.test_360_stacksignal_memleak	

  This particular test case has not failed on any previous cycles for
  Bionic:linux-gcp-5.4, but the failure is the same between run #1 and
  #2 of the test. A 3rd run is in progress, and if the results are any
  different I will link them here.

  I have attached the full console output to this bug as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qa-regression-testing/+bug/2058422/+subscriptions

References

  Thread PreviousDate PreviousThread Next