test_095_kernel_symbols_missing_proc_self_stack failed with Xenial kernel

Bug #1802069 reported by Po-Hsu Lin
Affects | Status | Importance | Assigned to | Milestone
QA Regression Testing | Fix Released | Undecided | Steve Beattie |
ubuntu-kernel-tests | Fix Released | Undecided | Unassigned |
linux-lts-xenial (Ubuntu) | Invalid | Undecided | Unassigned |

Bug Description

This is a split from bug 1800976, to make it become more specific to a single failure.

This test will fail with the proposed Xenial kernel.

  FAIL: test_095_kernel_symbols_missing_proc_self_stack (__main__.KernelSecurityTest)
  kernel addresses in /proc/self/stack are zeroed out
  ----------------------------------------------------------------------
  Traceback (most recent call last):
    File "./test-kernel-security.py", line 1341, in test_095_kernel_symbols_missing_proc_self_stack
      self._check_pK_files(self._095_kernel_symbols_missing_proc_self_stack, expected=expected)
    File "./test-kernel-security.py", line 1199, in _check_pK_files
      test_function(expected_restricted)
    File "./test-kernel-security.py", line 1297, in _095_kernel_symbols_missing_proc_self_stack
      expected, retry=True)
    File "./test-kernel-security.py", line 1136, in _read_twice
      self.assertEqual(rc, 0, regular)
  AssertionError: cat: /proc/self/stack: Permission denied

From Khaled's comment #1 in that bug:

    The commit "c714676a1 proc: restrict kernel stack dumps to root" (part of the update to linux-stable 4.4.160) has changed the permissions of /proc/self/stack to be root- and CAP_SYS_ADMIN-only which is causing test_095_kernel_symbols_missing_proc_self_stack to fail

So we might need to fix this from the test case perspective.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: linux-image-4.4.0-139-generic 4.4.0-139.165~14.04.1
ProcVersionSignature: User Name 4.4.0-139.165~14.04.1-generic 4.4.160
Uname: Linux 4.4.0-139-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.29
Architecture: amd64
Date: Wed Nov 7 08:13:40 2018
SourcePackage: linux-lts-xenial
UpgradeStatus: No upgrade log present (probably fresh install)

Po-Hsu Lin (cypressyew) wrote :
Changed in ubuntu-kernel-tests:
status: New → Confirmed
tags: added: xenial
Po-Hsu Lin (cypressyew) wrote :

So the issue lies within the _read_twice() in test-kernel-security.py script.

The first attempt to cat /proc/self/stack will return 0, as it's reading the file as root.
The second attempt will fail with "permission denied" as we're not allowing regular users to access that file anymore.

But the code in _read_twice() is still expecting it to return a zeroed-out content, like:
  $ cat /proc/self/stack
  [<0000000000000000>] save_stack_trace_tsk+0x22/0x40
  [<0000000000000000>] proc_pid_stack+0xac/0x100
  [<0000000000000000>] proc_single_show+0x55/0x90
  [<0000000000000000>] seq_read+0xf2/0x3d0
  [<0000000000000000>] __vfs_read+0x1b/0x40
  [<0000000000000000>] vfs_read+0x86/0x130
  [<0000000000000000>] SyS_read+0x55/0xc0
  [<0000000000000000>] entry_SYSCALL_64_fastpath+0x22/0xc1
  [<0000000000000000>] 0xffffffffffffffff

Thus for the 4.4 kernel, we can expect two different behaviours: one is the zeroed-out kernel address, the other is the permission denied error.
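The two acceptable outcomes described in the comment above, as an added example that is not the code in test-kernel-security.py nor the fix later committed to qa-regression-testing. The function names and the `ZEROED`, `DENIED` and `LEAKED` samples are constructed for illustration; the check treats both a permission-denied read and zeroed-out addresses as "protected" and anything else as a failure.

```python
import re

# Address inside the "[<...>]" prefix of each /proc/<pid>/stack frame line.
FRAME_ADDR_RE = re.compile(r"^\[<([0-9a-fA-F]+)>\]", re.MULTILINE)


def classify_stack_read(rc, text):
    """Classify one unprivileged read of /proc/self/stack.

    rc and text mirror what the failing test sees: the exit status and
    output of `cat /proc/self/stack` run as a regular user.
    """
    if rc != 0:
        return "denied" if "Permission denied" in text else "error"
    addrs = FRAME_ADDR_RE.findall(text)
    if not addrs:
        return "unparsed"  # no frame lines found: never count this as a pass
    if all(int(a, 16) == 0 for a in addrs):
        return "zeroed"
    return "leaked"


def stack_is_protected(rc, text):
    """Both hardened behaviours pass; leaked addresses or odd output fail."""
    return classify_stack_read(rc, text) in ("denied", "zeroed")


def read_own_stack(path="/proc/self/stack"):
    """Read the file as the current user, returning (rc, text) like the cat call."""
    try:
        with open(path) as f:
            return 0, f.read()
    except OSError as e:  # EACCES can surface at open() or at read()
        return 1, "cat: %s: %s" % (path, e.strerror)


# Constructed samples: two lines in the zeroed format quoted in this report,
# the error string from the traceback, and a made-up non-zero address.
ZEROED = ("[<0000000000000000>] save_stack_trace_tsk+0x22/0x40\n"
          "[<0000000000000000>] 0xffffffffffffffff\n")
DENIED = "cat: /proc/self/stack: Permission denied"
LEAKED = "[<ffffffff8102a3b2>] save_stack_trace_tsk+0x22/0x40\n"

if __name__ == "__main__":
    print(classify_stack_read(*read_own_stack()))
```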

Steve Beattie (sbeattie) wrote :

Yep, thanks, I'll take a look at fixing that today.

Changed in qa-regression-testing:
status: New → Triaged
assignee: nobody → Steve Beattie (sbeattie)
Steve Beattie (sbeattie) wrote :

I've now adjusted the test to take the backported commit into account for 4.4 kernels and going forward for 4.19+ kernels in https://git.launchpad.net/qa-regression-testing/commit/?id=0a556d8677d0acd429becc4f49b5a9c59ff27135 .

Thanks!

Changed in qa-regression-testing:
status: Triaged → Fix Released
Po-Hsu Lin (cypressyew)
Changed in linux-lts-xenial (Ubuntu):
status: New → Invalid
Po-Hsu Lin (cypressyew)
Changed in ubuntu-kernel-tests:
status: Confirmed → Fix Released