← Back to team overview

kernel-packages team mailing list archive

[Bug 1201444] Re: linux and linux-signed may becomes skewed due to loose dependancy (was Secure boot signature verification of linux kernel is failing with today's images)

 

saucy has seen the end of its life and is no longer receiving any
updates. Marking the saucy task for this ticket as "Won't Fix".

** Changed in: linux-signed-lts-saucy (Ubuntu Saucy)
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1201444

Title:
  linux and linux-signed may becomes skewed due to loose dependancy (was
  Secure boot signature  verification of linux kernel is failing with
  today's images)

Status in linux-signed package in Ubuntu:
  Fix Released
Status in linux-signed-lts-quantal package in Ubuntu:
  Invalid
Status in linux-signed-lts-raring package in Ubuntu:
  Invalid
Status in linux-signed-lts-saucy package in Ubuntu:
  New
Status in linux-signed source package in Precise:
  Invalid
Status in linux-signed-lts-quantal source package in Precise:
  Fix Released
Status in linux-signed-lts-raring source package in Precise:
  Fix Released
Status in linux-signed-lts-saucy source package in Precise:
  New
Status in linux-signed source package in Quantal:
  Fix Released
Status in linux-signed-lts-quantal source package in Quantal:
  Invalid
Status in linux-signed-lts-raring source package in Quantal:
  Invalid
Status in linux-signed-lts-saucy source package in Quantal:
  Won't Fix
Status in linux-signed source package in Raring:
  Fix Released
Status in linux-signed-lts-quantal source package in Raring:
  Invalid
Status in linux-signed-lts-raring source package in Raring:
  Invalid
Status in linux-signed-lts-saucy source package in Raring:
  Won't Fix
Status in linux-signed source package in Saucy:
  Fix Released
Status in linux-signed-lts-quantal source package in Saucy:
  Invalid
Status in linux-signed-lts-raring source package in Saucy:
  Invalid
Status in linux-signed-lts-saucy source package in Saucy:
  Won't Fix

Bug description:
  Secure boot signature  verification of linux kernel (3.10.0-2-generic
  #11) is failing with today's images (20130715)  against the keys
  present in http://bazaar.launchpad.net/~ubuntu-bugcontrol/qa-
  regression-testing/master/files/head:/notes_testing/secure-boot/keys/

  The test_efi_secure_boot_signatures test in static validation test, present in http://bazaar.launchpad.net/~utah/utah/dev/view/head:/utah/isotest/iso_static_validation.py accounts for this test and the failure is as follows,
  --------------------------------------------------------------------------------
  __main__.TestValidateISO.test_efi_secure_boot_signatures

  --------------------------------------------------------------------------------
  DEBUG: Using iso at: /tmp/utah-saucy-desktop-amd64.iso
  INFO: Preparing image: /tmp/utah-saucy-desktop-amd64.iso
  INFO: /tmp/utah-saucy-desktop-amd64.iso is locally available as /tmp/utah-saucy-desktop-amd64.iso
  INFO: Getting image type of /tmp/utah-saucy-desktop-amd64.iso
  DEBUG: bsdtar list command: bsdtar -t -f /tmp/utah-saucy-desktop-amd64.iso
  INFO: Image type is: desktop
  DEBUG: Using normal image
  DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso ./.disk/info
  DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso -O .disk/info
  INFO: Arch is: amd64
  INFO: Series is saucy
  DEBUG: Standard name for this iso is: saucy-desktop-amd64.iso
  DEBUG: Generating verification certificates
  DEBUG: Extracting UEFI boot and kernel images
  DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso ./EFI/BOOT/BOOTx64.EFI
  DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso -O EFI/BOOT/BOOTx64.EFI
  DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso ./EFI/BOOT/grubx64.efi
  DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso -O EFI/BOOT/grubx64.efi
  DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso casper/vmlinuz.efi
  DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso -O casper/vmlinuz.efi
  DEBUG: Verifying UEFI shim
  DEBUG: Verifying UEFI grub
  DEBUG: Detaching kernel signature
  DEBUG: Verifying kernel signature
  ERROR: test_efi_secure_boot_signatures (__main__.TestValidateISO)
  ERROR: Traceback (most recent call last):
    File "/usr/lib/python2.7/unittest/case.py", line 327, in run
      testMethod()
    File "/usr/share/utah/isotest/iso_static_validation.py", line 505, in test_efi_secure_boot_signatures
      self.assertEqual(stdout, 'Signature verification OK\n')
    File "/usr/lib/python2.7/unittest/case.py", line 511, in assertEqual
      assertion_func(first, second, msg=msg)
    File "/usr/lib/python2.7/unittest/case.py", line 504, in _baseAssertEqual
      raise self.failureException(msg)
  AssertionError: 'Signature verification failed\n' != 'Signature verification OK\n'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-signed/+bug/1201444/+subscriptions