← Back to team overview

canonical-ubuntu-qa team mailing list archive

  1. canonical-ubuntu-qa team
  2. Mailing list archive
  3. Message #06559

[Bug 1811981] Re: test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on B/C/D KVM

  Thread PreviousDate PreviousThread Next 
** Tags added: kernel-daily-bug

-- 
You received this bug notification because you are a member of Canonical
Platform QA Team, which is subscribed to ubuntu-kernel-tests.
https://bugs.launchpad.net/bugs/1811981

Title:
  test_410_config_lock_down_kernel in ubuntu_kernel_security test failed
  on B/C/D KVM

Status in QA Regression Testing:
  Fix Released
Status in ubuntu-kernel-tests:
  Fix Released
Status in linux-kvm package in Ubuntu:
  Fix Released
Status in linux-kvm source package in Bionic:
  Fix Released
Status in linux-kvm source package in Cosmic:
  Won't Fix
Status in linux-kvm source package in Disco:
  Fix Released

Bug description:
  == SRU Justification ==
  Security team requires the CONFIG_LOCK_DOWN_KERNEL to be enabled in all of our kernels.

  == Test ==
  Test kernels could be found here:
  https://people.canonical.com/~phlin/kernel/lp-1811981-kvm-lockdown/
  This issue can be verified with test_410_config_lock_down_kernel
  test from q-r-t, the test will pass with the patched kernel.

  == Regression Potential ==
  Low, we already have this config enabled in the generic kernel.

  
  == Original bug report ==
  Kernel Version: 4.15.0-44.47

  This test has passed on s390x / AMD64 / ARM64 / i386, but failed with
  Power8 and Power9

  FAIL: test_410_config_lock_down_kernel (__main__.KernelSecurityConfigTest)
  Ensure kernel efi lockdown is enabled
  ----------------------------------------------------------------------
  Traceback (most recent call last):
    File "./test-kernel-security.py", line 2668, in test_410_config_lock_down_kernel
      self.assertKernelConfig('LOCK_DOWN_KERNEL', expected)
    File "./test-kernel-security.py", line 207, in assertKernelConfig
      self.assertKernelConfigSet(name)
    File "./test-kernel-security.py", line 194, in assertKernelConfigSet
      '%s option was expected to be set in the kernel config' % name)
  AssertionError: LOCK_DOWN_KERNEL option was expected to be set in the kernel config

To manage notifications about this bug go to:
https://bugs.launchpad.net/qa-regression-testing/+bug/1811981/+subscriptions
  Thread PreviousDate PreviousThread Next