ubuntu-kernel-tests

test_520_config_random_trust_cpu in ubuntu_qrt_kernel_security failed on Bionic 4.15

Bug #1990090 reported by Po-Hsu Lin on 2022-09-19

This bug affects 1 person

	Status	Importance	Assigned to
QA Regression Testing	Fix Released	Undecided	Unassigned
ubuntu-kernel-tests	Fix Released	Undecided	Unassigned
linux (Ubuntu)	Invalid	Undecided	Unassigned
Bionic	Invalid	Undecided	Unassigned

Bug Description

Issue found with Bionic 4.15.0-194.205

Test failed with:

Running test: './test-kernel-security.py' distro: 'Ubuntu 18.04' kernel: '4.15.0-194.205 (Ubuntu 4.15.0-194.205-generic 4.15.18)' arch: 'amd64' uid: 0/0 SUDO_USER: 'ubuntu')
test_520_config_random_trust_cpu (__main__.KernelSecurityConfigTest)
Ensure RANDOM_TRUST_CPU is enabled (LP: #1823754) ... FAIL

======================================================================
FAIL: test_520_config_random_trust_cpu (__main__.KernelSecurityConfigTest)
Ensure RANDOM_TRUST_CPU is enabled (LP: #1823754)
----------------------------------------------------------------------
Traceback (most recent call last):
   File "./test-kernel-security.py", line 2976, in test_520_config_random_trust_cpu
     self.assertKernelConfig('RANDOM_TRUST_CPU', expected)
   File "./test-kernel-security.py", line 233, in assertKernelConfig
     self.assertKernelConfigUnset(name)
   File "./test-kernel-security.py", line 224, in assertKernelConfigUnset
     '%s option was expected to be unset in the kernel config' % name)
AssertionError: RANDOM_TRUST_CPU option was expected to be unset in the kernel config

----------------------------------------------------------------------
Ran 1 test in 0.003s

FAILED (failures=1)

Tags:

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2022-09-19: Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1990090

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status:	New → Incomplete
Changed in linux (Ubuntu Bionic):
status:	New → Incomplete

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2022-09-19:

This config has been enabled since 4.15.0-194

$ grep RANDOM_TRUST_CPU /boot/config-4.15.0-19*-generic
/boot/config-4.15.0-194-generic:CONFIG_RANDOM_TRUST_CPU=y

$ ls /boot/config-4.15.0-19*
/boot/config-4.15.0-192-generic /boot/config-4.15.0-193-generic /boot/config-4.15.0-194-generic

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2022-09-19:

This came from commit faf098beb via stable-update 1989374

commit faf098bebba816394afad3772837c0c828dde40e
Author: Kamal Mostafa <email address hidden>
Date: Wed Aug 3 13:13:19 2022 -0700

UBUNTU: [Config] updateconfigs for RANDOM_TRUST_CPU, RANDOM_TRUST_BOOTLOADER

BugLink: https://bugs.launchpad.net/bugs/1989374

Signed-off-by: Kamal Mostafa <email address hidden>
Signed-off-by: Stefan Bader <email address hidden>

diff --git a/debian.master/config/config.common.ubuntu b/debian.master/config/config.common.ubuntu
index c42e79b..90f365d 100644
--- a/debian.master/config/config.common.ubuntu
+++ b/debian.master/config/config.common.ubuntu
@@ -7173,6 +7173,8 @@ CONFIG_RANDOMIZE_BASE=y
CONFIG_RANDOMIZE_MEMORY=y
CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0xa
CONFIG_RANDOMIZE_MODULE_REGION_FULL=y
+CONFIG_RANDOM_TRUST_BOOTLOADER=y
+CONFIG_RANDOM_TRUST_CPU=y
CONFIG_RAPIDIO=y
CONFIG_RAPIDIO_CHMAN=m
CONFIG_RAPIDIO_CPS_GEN2=m

$ git tag --contains faf098beb
Ubuntu-4.15.0-194.205

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2022-09-20:

Comment from lukenow:
@PHLin The test case should definitely be updated for this, we want that config

Revision history for this message

Luke Nowakowski-Krijger (lukenow) wrote on 2022-09-20:

0001-test-kernel-security.py-Update-RANDOM_TRUST_CPU-test.patch Edit (1.6 KiB, text/plain)

I attached a patch that updates the test case in qa-regression-testing, do you know where I would submit this patch or who I would talk to?

Ubuntu Foundations Team Bug Bot (crichton) on 2022-09-20

tags:

added: patch

Revision history for this message

Alex Murray (alexmurray) wrote on 2022-09-20:

@lukenow could you please submit it as a merge request for the QA Regression Testing project in Launchpad? https://code.launchpad.net/qa-regression-testing

Revision history for this message

Luke Nowakowski-Krijger (lukenow) wrote on 2022-09-20:

@alexmurray Submited merge request :) Thanks

Revision history for this message

Steve Beattie (sbeattie) wrote on 2022-09-20:

Applied Luke's patch to the qa-regression-testing repo: https://git.launchpad.net/qa-regression-testing/commit/?id=7fb27c11cc22f99ed39ebb7c04e62b3eccf3ab64 (with added references to this bug report), thanks!

(We happily take merge requests via the above, but can take patches however people submit them, via `git am` in this case.)

Changed in qa-regression-testing:
status:	New → Fix Released
Changed in linux (Ubuntu):
status:	Incomplete → Invalid
Changed in linux (Ubuntu Bionic):
status:	Incomplete → Invalid