[Canonical-hw-cert] [Bug 2052046] Re: jammy/linux-azure-fips: 5.15.0-1058.66+fips1 -proposed tracker

Wed, 28 Feb 2024 13:03:52 -0800 

Tested secure boot and kernel lockdown on both arm64 and x86_64:

ubuntu@j-azure-fips:~$ uname -a
Linux j-azure-fips 5.15.0-1058-azure-fips #66+fips1-Ubuntu SMP Tue Feb 27 
13:37:55 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux
ubuntu@j-azure-fips:~$ sudo dmesg | grep -i "secure boot" | head -n2
[    0.000000] secureboot: Secure boot enabled
[    0.000000] Kernel is locked down from EFI Secure Boot mode; see man 
kernel_lockdown.7
ubuntu@j-azure-fips:~$ cat /sys/kernel/security/lockdown
none [integrity] confidentiality

ubuntu@j-azure-fips:~$ uname -a
Linux j-azure-fips 5.15.0-1058-azure-fips #66+fips1-Ubuntu SMP Tue Feb 27 
13:29:42 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
ubuntu@j-azure-fips:~$ sudo dmesg | grep -i "secure boot" | head -n2
[    0.000000] secureboot: Secure boot enabled
[    0.000000] Kernel is locked down from EFI Secure Boot mode; see man 
kernel_lockdown.7
ubuntu@j-azure-fips:~$ cat /sys/kernel/security/lockdown
none [integrity] confidentiality


** Changed in: kernel-sru-workflow/signing-signoff
       Status: In Progress => Fix Committed

** Changed in: kernel-sru-workflow/signing-signoff
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of hardware-
certification-users, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2052046

Title:
  jammy/linux-azure-fips: 5.15.0-1058.66+fips1 -proposed tracker

Status in canonical-signing-jobs task00 series:
  In Progress
Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow abi-testing series:
  Invalid
Status in Kernel SRU Workflow automated-testing series:
  Invalid
Status in Kernel SRU Workflow boot-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Invalid
Status in Kernel SRU Workflow new-review series:
  Fix Released
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-generate series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-lrg series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-lrm series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-lrs series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
  Fix Released
Status in Kernel SRU Workflow promote-signing-to-proposed series:
  Invalid
Status in Kernel SRU Workflow promote-to-proposed series:
  In Progress
Status in Kernel SRU Workflow promote-to-security series:
  Invalid
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  New
Status in Kernel SRU Workflow security-signoff series:
  Invalid
Status in Kernel SRU Workflow signing-signoff series:
  Fix Released
Status in Kernel SRU Workflow sru-review series:
  Fix Released
Status in Kernel SRU Workflow stakeholder-signoff series:
  New
Status in Kernel SRU Workflow verification-testing series:
  New
Status in linux source package in Jammy:
  New

Bug description:
  This bug will contain status and test results related to a kernel
  source (or snap) as stated in the title.

  For an explanation of the tasks and the associated workflow see:
    https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  built:
    from: 691797834a1fc012
    route-entry: 1
  delta:
    promote-to-proposed: [lrm, lrs, main, meta, signed, lrg, generate]
  flag:
    boot-testing-requested: true
    stream-from-cycle: true
  issue: KSRU-11008
  kernel-stable-master-bug: 2052049
  packages:
    generate: linux-generate-azure-fips
    lrg: linux-restricted-generate-azure-fips
    lrm: linux-restricted-modules-azure-fips
    lrs: linux-restricted-signatures-azure-fips
    main: linux-azure-fips
    meta: linux-meta-azure-fips
    signed: linux-signed-azure-fips
  phase: Promote to Proposed
  phase-changed: Wednesday, 28. February 2024 20:51 UTC
  reason:
    canonical-signing-jobs/task00: Ongoing -s signing request
      in-progress
    promote-to-proposed: Ongoing -- promotion in progress
  synthetic:
    :promote-to-as-proposed: Invalid
  variant: debs
  versions:
    lrm: 5.15.0-1058.66+fips1
    main: 5.15.0-1058.66+fips1
    meta: 5.15.0.1058.47
    signed: 5.15.0-1058.66+fips1
  ~~:
    announce:
      swm-transition-crankable: 2024-02-27 01:36:27.263548
    clamps:
      new-review: 691797834a1fc012
      promote-to-proposed: 691797834a1fc012
      self: 5.15.0-1058.66+fips1
      sru-review: 691797834a1fc012
    tracker:
      last-message: '2024-02-28 20:48:40.022093+00:00'

To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-signing-jobs/task00/+bug/2052046/+subscriptions


-- 
Mailing list: https://launchpad.net/~canonical-hw-cert
Post to     : canonical-hw-cert@lists.launchpad.net
Unsubscribe : https://launchpad.net/~canonical-hw-cert
More help   : https://help.launchpad.net/ListHelp

Reply via email to