group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1922596] Re: linux ADT test failure with linux/4.4.0-208.240

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Kleber Sacilotto de Souza <1922596@xxxxxxxxxxxxxxxxxx>
Date: Tue, 06 Apr 2021 10:46:35 -0000
Reply-to: Bug 1922596 <1922596@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
test_160_setattr_CVE_2015_1350 from qa-regression-testing/scripts/test-
kernel-security.py assumes that all Ubuntu kernels prior to 4.9 lack the
fix for CVE-2015-1350. The latest Xenial kernel in -proposed
(linux/4.4.0-208.240) has the fixes for this CVE applied, therefore the
testcase needs to be update with something like:

--- a/scripts/test-kernel-security.py
+++ b/scripts/test-kernel-security.py
@@ -1885,8 +1885,8 @@ class KernelSecurityTest(KernelSecurityBaseTest):
         # chown should fail, but also should not clear fs caps
         self.assertShellExitEquals(1, ['sudo', '-u', user, 'chown', user, testbin])
 
-        if not self.kernel_at_least('4.9'):
-            self._skipped("Kernels before 4.9 need to fix CVE-2015-1350")
+        if not self.kernel_at_least('4.4'):
+            self._skipped("Kernels before 4.4 need to fix CVE-2015-1350")
             exp_output = ''
         self.assertShellOutputEquals(exp_output, ['sudo', '-u', user, 'getcap', testbin])


** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-1350

** Also affects: qa-regression-testing
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu Xenial)
       Status: Confirmed => Invalid

** Changed in: qa-regression-testing
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1922596

Title:
  linux ADT test failure with linux/4.4.0-208.240

Status in QA Regression Testing:
  Confirmed
Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Xenial:
  Invalid

Bug description:
  This is a scripted bug report about ADT failures while running linux
  tests for linux/4.4.0-208.240 on xenial. Whether this is caused by the
  dep8 tests of the tested source or the kernel has yet to be
  determined.

  Testing failed on:
      amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/amd64/l/linux/20210405_165921_51e87@/log.gz
      i386: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/i386/l/linux/20210405_171150_5e4c6@/log.gz
      ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/ppc64el/l/linux/20210405_171645_a1619@/log.gz
      s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/s390x/l/linux/20210402_051319_d4fe2@/log.gz


  15:47:57 ERROR| [stderr] ======================================================================
  15:47:57 ERROR| [stderr] FAIL: test_160_setattr_CVE_2015_1350 (__main__.KernelSecurityTest)
  15:47:57 ERROR| [stderr] Ensure unpriv user cannot strip setattr attributes via chown() (CVE-2015-1350)
  15:47:57 ERROR| [stderr] ----------------------------------------------------------------------
  15:47:57 ERROR| [stderr] Traceback (most recent call last):
  15:47:57 ERROR| [stderr]   File "./test-kernel-security.py", line 1891, in test_160_setattr_CVE_2015_1350
  15:47:57 ERROR| [stderr]     self.assertShellOutputEquals(exp_output, ['sudo', '-u', user, 'getcap', testbin])
  15:47:57 ERROR| [stderr]   File "/tmp/autopkgtest.UEYHB2/build.S4Z/src/autotest/client/tmp/ubuntu_qrt_kernel_security/src/qa-regression-testing/scripts/testlib.py", line 1206, in assertShellOutputEquals
  15:47:57 ERROR| [stderr]     self.assertEqual(text, out, msg + result + report)
  15:47:57 ERROR| [stderr] AssertionError: Got exit code 0. Looking for exact text "" (sudo -u ubuntu getcap /tmp/setattr-GwRjva/true)
  15:47:57 ERROR| [stderr] Command: 'sudo', '-u', 'ubuntu', 'getcap', '/tmp/setattr-GwRjva/true'
  15:47:57 ERROR| [stderr] Output:
  15:47:57 ERROR| [stderr] /tmp/setattr-GwRjva/true = cap_sys_nice+ep
  15:47:57 ERROR| [stderr] 
  15:47:57 ERROR| [stderr] 
  15:47:57 ERROR| [stderr] ----------------------------------------------------------------------
  15:47:57 ERROR| [stderr] Ran 125 tests in 24.852s
  15:47:57 ERROR| [stderr] 
  15:47:57 ERROR| [stderr] FAILED (failures=1)

To manage notifications about this bug go to:
https://bugs.launchpad.net/qa-regression-testing/+bug/1922596/+subscriptions