Ubuntu
linux-kvm package

test_140_kernel_modules_not_tainted in kernel security test failed with 4.4 X-kvm

Bug #1760654 reported by Po-Hsu Lin
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
QA Regression Testing
Fix Released
Undecided
Po-Hsu Lin
linux (Ubuntu)
Invalid
Undecided
Unassigned
Xenial
Invalid
Undecided
Unassigned
linux-kvm (Ubuntu)
Invalid
Undecided
Unassigned
Xenial
Invalid
Undecided
Unassigned

Bug Description

  FAIL: test_140_kernel_modules_not_tainted (__main__.KernelSecurityTest)
  kernel modules are not marked with a taint flag (especially 'E' for TAINT_UNSIGNED_MODULE)
  ----------------------------------------------------------------------
  Traceback (most recent call last):
    File "./test-kernel-security.py", line 1740, in test_140_kernel_modules_not_tainted
      self.fail('Module \'%s\' is tainted: %s' % (fields[0], last_field))
  AssertionError: Module 'signpost' is tainted: (OE)

Steps to reproduce:
  Deploy the node with Xenial 4.4 kernel, install linux-kvm
  sudo apt-get install python-minimal
  git clone --depth=1 git://kernel.ubuntu.com/ubuntu/autotest-client-tests -b master-next
  git clone --depth=1 git://kernel.ubuntu.com/ubuntu/autotest
  rm -fr autotest/client/tests
  ln -sf ~/autotest-client-tests autotest/client/tests
  AUTOTEST_PATH=/home/ubuntu/autotest sudo -E autotest/client/autotest-local --verbose autotest/client/tests/ubuntu_qrt_kernel_security/control

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-1019-kvm 4.4.0-1019.24
ProcVersionSignature: User Name 4.4.0-1019.24-kvm 4.4.98
Uname: Linux 4.4.0-1019-kvm x86_64
NonfreeKernelModules: signpost
ApportVersion: 2.20.1-0ubuntu2.15
Architecture: amd64
Date: Mon Apr 2 17:18:25 2018
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: linux-kvm
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1760654

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Revision history for this message
Kamal Mostafa (kamalmostafa) wrote :

This seems to be a false failure caused by test script itself (qa-regression-testing/scripts/test-kernel-security.py):

Here, test_140_kernel_modules_not_tainted is complaining about a module 'signpost' which is a test module that was inserted by an unrelated test case (test_072_strict_devmem) which ran and failed earlier in this run (see bug 1760649). The fault is that test_072_strict_devmem fails to remove its 'signpost' test module at line 768 if that assert at line 766 fails.

@Po-Hsu, could you take a look at fixing test_072_strict_devmem so that it removes 'signpost' regardless of success or failure?

Changed in linux-kvm (Ubuntu Xenial):
status: New → Won't Fix
assignee: nobody → Po-Hsu Lin (cypressyew)
Changed in linux-kvm (Ubuntu):
status: New → Invalid
Changed in linux-kvm (Ubuntu Xenial):
status: Won't Fix → Invalid
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

OK that sounds like an issue in the regression-testing repo, changing bug status accordingly.

I will take a look on my free cycle.
Thanks

Changed in qa-regression-testing:
assignee: nobody → Po-Hsu Lin (cypressyew)
Changed in linux-kvm (Ubuntu Xenial):
assignee: Po-Hsu Lin (cypressyew) → nobody
Revision history for this message
Steve Beattie (sbeattie) wrote :

Kamal, Po-Hsu, thanks for tracking down this issue. I've fixed up the test_072_strict_devmem() test to always rmmod the signpost module if it successfully inserts it. This is committed in qa-r-t in https://git.launchpad.net/qa-regression-testing/commit/?id=147afe7204d8fbf5abe0f70babf704f4a1b202a3 .

Changed in qa-regression-testing:
status: New → Fix Released
Changed in linux (Ubuntu):
status: Incomplete → Invalid
Changed in linux (Ubuntu Xenial):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.