ubuntu-kernel-tests

cve-2017-17053 from cve test suite in LTP failed

Bug #1830011 reported by Po-Hsu Lin
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ubuntu-kernel-tests
Fix Released
Undecided
Po-Hsu Lin

Bug Description

This CVE (2017-17053)[1] has been fixed in our kernels

However the cve-2017-17053 test in CVE test suite from LTP will complain that:
 tag=cve-2017-17053 stime=1558483177
 cmdline="cve-2017-17053"
 contacts=""
 analysis=exit
 <<>>
 tst_test.c:1096: INFO: Timeout per run is 0h 05m 00s
 tst_taint.c:88: BROK: Kernel is already tainted: 14849

 Summary:
 passed 0
 failed 0
 skipped 0
 warnings 0
 <<>>

This is because there are some other tests failed before this one, and taints the kernel.

[1] https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-17053.html

ProblemType: Bug
DistroRelease: Ubuntu 18.10
Package: linux-image-4.18.0-20-generic 4.18.0-20.21
ProcVersionSignature: User Name 4.18.0-20.21-generic 4.18.20
Uname: Linux 4.18.0-20-generic x86_64
AlsaDevices:
 total 0
 crw-rw---- 1 root audio 116, 1 May 22 09:45 seq
 crw-rw---- 1 root audio 116, 33 May 22 09:45 timer
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay': 'aplay'
ApportVersion: 2.20.10-0ubuntu13.3
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord': 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
Date: Wed May 22 09:49:10 2019
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig': 'iwconfig'
Lsusb: Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: QEMU Standard PC (i440FX + PIIX, 1996)
PciMultimedia:

ProcFB: 0 cirrusdrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.18.0-20-generic root=UUID=2a4b0342-a2dd-4feb-b3e2-9644ca1c4a60 ro
RelatedPackageVersions:
 linux-restricted-modules-4.18.0-20-generic N/A
 linux-backports-modules-4.18.0-20-generic N/A
 linux-firmware 1.175.4
RfKill: Error: [Errno 2] No such file or directory: 'rfkill': 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 04/01/2014
dmi.bios.vendor: SeaBIOS
dmi.bios.version: Ubuntu-1.8.2-1ubuntu1
dmi.chassis.type: 1
dmi.chassis.vendor: QEMU
dmi.chassis.version: pc-i440fx-xenial
dmi.modalias: dmi:bvnSeaBIOS:bvrUbuntu-1.8.2-1ubuntu1:bd04/01/2014:svnQEMU:pnStandardPC(i440FX+PIIX,1996):pvrpc-i440fx-xenial:cvnQEMU:ct1:cvrpc-i440fx-xenial:
dmi.product.name: Standard PC (i440FX + PIIX, 1996)
dmi.product.version: pc-i440fx-xenial
dmi.sys.vendor: QEMU

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Status changed to Confirmed

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Changed in linux (Ubuntu Cosmic):
status: New → Confirmed
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

It's the insmod01_sh test from commands test suite that taints the kernel:

glameow kernel: [271396.718171] ltp_insmod01: loading out-of-tree module taints kernel.
glameow kernel: [271396.718175] ltp_insmod01: module license 'unspecified' taints kernel.
glameow kernel: [271396.718176] Disabling lock debugging due to kernel taint
glameow kernel: [271396.718238] ltp_insmod01: module verification failed: signature and/or required key missing - tainting kernel

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

http://lists.linux.it/pipermail/ltp/2019-May/012200.html

Looks like this was caused by something else.

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

The cause looks like to be the block_dev from kenrel_misc https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1831595

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

It's confirmed that this is caused by the block_dev test from kernel_misc, suggestion from upstream is to run this test separately.

A test shows this can be fix if we move the kernel_misc test to the end.

Changed in ubuntu-kernel-tests:
assignee: nobody → Po-Hsu Lin (cypressyew)
status: New → In Progress
no longer affects: linux (Ubuntu)
no longer affects: linux (Ubuntu Cosmic)
tags: added: ubuntu-ltp-syscalls
tags: added: ubuntu-ltp
removed: ubuntu-ltp-syscalls
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

https://kernel.ubuntu.com/git/ubuntu/autotest-client-tests.git/commit/?id=3e8b51ea9866f8b7f0e49d116b4c95882cc3379d

Changed in ubuntu-kernel-tests:
status: In Progress → Fix Released
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Still can be see on Bionic even with kernel_misc moved to the last.
(node naumann with B-4.15)

This needs to be investigated.

Changed in ubuntu-kernel-tests:
status: Fix Released → Triaged
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Found on B-Azure-5.3 with instance Standard_DS4_v2

tags: added: azure sru-20191021
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Passed with B-AWS-5.0 this cycle (5.0.0-1022.25~18.04.1)

Sean Feole (sfeole)
tags: added: sru-20200127
tags: added: bionic
tags: added: 4.15
tags: added: 5.0
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

After moving kernel_misc out, this issue did not exist anymore.

Changed in ubuntu-kernel-tests:
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.