kernel-packages team mailing list archive

[Steve Beattie <sbeattie@xxxxxxxxxx>]

Hrm, this looks like it might be a legit regression. 4.4.0-8 passes the
test, while 4.4.0-9.X is failing. In both instances,
/proc/sys/kernel/yama/ptrace_scope is set to 1. It looks like cousin
processes are allowed to ptrace each other, which yama's ptrace
restrictions should prevent.

Looking at the git commits between tags Ubuntu-4.4.0-8.23 and
Ubuntu-4.4.0-9.24, the following commits stand out as being ptrace
relevent:

  commit 969624b7c1c8c9784651eb97431e6f2bbb7a024c
  Author: Jann Horn <jann@xxxxxxxxx>
  Date:   Wed Jan 20 15:00:04 2016 -0800
  ptrace: use fsuid, fsgid, effective creds for fs access checks
  upstream commit caaee6234d05a58c5b4d05e7bf766131b810a657 upstream.

and

  commit a76b8ce7ad1f65a96638f161ff83075de04ec9cc
  Author: Jann Horn <jann@xxxxxxxxx>
  Date:   Sat Dec 12 21:12:41 2015 +0100
  UBUNTU: SAUCE: (noup) ptrace: being capable wrt a process requires mapped uids/gids
  upstream reference https://lkml.org/lkml/2015/12/12/259

But it's not obvious to me why either commit would break this.

** Summary changed:

- linux: ADT test failures with 4.4.0-9.X
+ linux:  4.4.0-9.X fails yama ptrace restrictions tests

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1551894

Title:
  linux:  4.4.0-9.X fails yama ptrace restrictions tests

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  15:55:46 ERROR| [stderr] FAIL: test_093_ptrace_restriction (__main__.KernelSecurityTest)
  15:55:46 ERROR| [stderr] ptrace allowed only on children or declared processes

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1551894/+subscriptions