test_095_kernel_symbols_missing_proc_self_stack failed with Xenial kernel

Bug #1802069 reported by Po-Hsu Lin on 2018-11-07
This bug affects 1 person
Affects Status Importance Assigned to Milestone
QA Regression Testing
Steve Beattie
linux-lts-xenial (Ubuntu)

Bug Description

This is a split from bug 1800976, to make it become more specific to a single failure.

This test will fail with the proposed Xenial kernel.

  FAIL: test_095_kernel_symbols_missing_proc_self_stack (__main__.KernelSecurityTest)
  kernel addresses in /proc/self/stack are zeroed out
  Traceback (most recent call last):
    File "./test-kernel-security.py", line 1341, in test_095_kernel_symbols_missing_proc_self_stack
      self._check_pK_files(self._095_kernel_symbols_missing_proc_self_stack, expected=expected)
    File "./test-kernel-security.py", line 1199, in _check_pK_files
    File "./test-kernel-security.py", line 1297, in _095_kernel_symbols_missing_proc_self_stack
      expected, retry=True)
    File "./test-kernel-security.py", line 1136, in _read_twice
      self.assertEqual(rc, 0, regular)
  AssertionError: cat: /proc/self/stack: Permission denied

From Khaled's comment #1 in that bug:

    The commit "c714676a1 proc: restrict kernel stack dumps to root" (part of the update to linux-stable 4.4.160) has changed the permissions of /proc/self/stack to be root- and CAP_SYS_ADMIN-only which is causing test_095_kernel_symbols_missing_proc_self_stack to fail

So we might need to fix this from the test case perspective.

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: linux-image-4.4.0-139-generic 4.4.0-139.165~14.04.1
ProcVersionSignature: User Name 4.4.0-139.165~14.04.1-generic 4.4.160
Uname: Linux 4.4.0-139-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.29
Architecture: amd64
Date: Wed Nov 7 08:13:40 2018
SourcePackage: linux-lts-xenial
UpgradeStatus: No upgrade log present (probably fresh install)

Po-Hsu Lin (cypressyew) wrote :
Changed in ubuntu-kernel-tests:
status: New → Confirmed
tags: added: xenial
Po-Hsu Lin (cypressyew) wrote :

So the issue lies within the _read_twice() in test-kernel-security.py script.

The first attempt to cat /proc/self/stack will return 0, as it's reading the file as root.
The second attempt will failed with "permission denied" as we're not allowing regular user to access that file anymore.

But the code in _read_twice() is still expecting it to return a zeroed-out content, like:
$ cat /proc/self/stack
[<0000000000000000>] save_stack_trace_tsk+0x22/0x40
[<0000000000000000>] proc_pid_stack+0xac/0x100
[<0000000000000000>] proc_single_show+0x55/0x90
[<0000000000000000>] seq_read+0xf2/0x3d0
[<0000000000000000>] __vfs_read+0x1b/0x40
[<0000000000000000>] vfs_read+0x86/0x130
[<0000000000000000>] SyS_read+0x55/0xc0
[<0000000000000000>] entry_SYSCALL_64_fastpath+0x22/0xc1
[<0000000000000000>] 0xffffffffffffffff

Thus for 4.4 kernel, we can expect two different behaviour, one is the zeroed-out kernel address, another is the permission denied error.

Steve Beattie (sbeattie) wrote :

Yep, thanks, I'll take a look at fixing that today.

Changed in qa-regression-testing:
status: New → Triaged
assignee: nobody → Steve Beattie (sbeattie)
Steve Beattie (sbeattie) wrote :

I've now adjusted the test take the backported commit into account for 4.4 kernels and going forward for 4.19+ kernels in https://git.launchpad.net/qa-regression-testing/commit/?id=0a556d8677d0acd429becc4f49b5a9c59ff27135 .


Changed in qa-regression-testing:
status: Triaged → Fix Released
Po-Hsu Lin (cypressyew) on 2018-11-14
Changed in linux-lts-xenial (Ubuntu):
status: New → Invalid
Po-Hsu Lin (cypressyew) on 2018-11-15
Changed in ubuntu-kernel-tests:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers