According to the autopkgtests logs: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/amd64/l/linux/20210405_165921_51e87@/log.gz
The following testcases are now passing as expected with xenial/linux 4.4.0-208.240: test_095_kernel_symbols_missing_kallsyms test_095_kernel_symbols_missing_proc_modules test_095_kernel_symbols_missing_proc_net_tcp test_300_test_kaslr_base ** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1922200 Title: linux ADT test failure with linux/4.4.0-207.239 - ubuntu_qrt_kernel_security.test-kernel-security.py Status in linux package in Ubuntu: Invalid Status in linux source package in Xenial: Fix Committed Bug description: [Impact] The backport of upstream commit ad67b74d2469d9b82aaa572d76474c95bc484d57 ("printk: hash addresses printed with %p"), applied to fix CVEs CVE-2018-5953/CVE-2018-5995/CVE-2018-7754 on xenial/linux 4.4.0-207.239, introduced a regression caught by testcases from ubuntu_qrt_kernel_security.test-kernel-security.py testsuite. The failing testcases are: test_095_kernel_symbols_missing_kallsyms test_095_kernel_symbols_missing_proc_modules test_095_kernel_symbols_missing_proc_net_tcp test_300_test_kaslr_base The '095' testcases expect the addresses read by a regular user to be zeroed out and test '300' expects the default address for 'startup_64' to be 'ffffffff81000000' for non-kaslr kernels (<4.15). The applied backport leaks what the address 0x0 hashes to on the /proc interfaces instead of the expected values. Examples: $ head /proc/kallsyms 00000000b845aaf2 A irq_stack_union 00000000b845aaf2 A __per_cpu_start 00000000b845aaf2 A __per_cpu_user_mapped_start 00000000b845aaf2 A vector_irq 00000000b845aaf2 A unsafe_stack_register_backup 00000000b845aaf2 A cpu_debug_store 00000000b845aaf2 A cpu_tss 00000000b845aaf2 A exception_stacks 00000000b845aaf2 A gdt_page 00000000b845aaf2 A espfix_waddr $ sudo head /proc/kallsyms 00000000b845aaf2 A irq_stack_union 00000000b845aaf2 A __per_cpu_start 00000000b845aaf2 A __per_cpu_user_mapped_start 00000000cd84b193 A vector_irq 00000000f271a77b A unsafe_stack_register_backup 00000000b451cc91 A cpu_debug_store 00000000108c2558 A cpu_tss 000000001484be48 A exception_stacks 000000000a1b6bc6 A gdt_page 00000000f38c128a A espfix_waddr $ sudo grep -w startup_64 /proc/kallsyms 0000000028c44c50 T startup_64 [Fix] For the backport to work as expected, we would likely need to backport the following commits as well: 57e734423add vsprintf: refactor %pK code out of pointer() ef0010a30935 vsprintf: don't use 'restricted_pointer()' when not restricting However, this could introduce other regressions as there are several corner cases in this code path. Given that the CVEs which are fixed by this patch are all low or negligible, the best solution seems to be to revert this patch altogether. [Test] Run ubuntu_qrt_kernel_security.test-kernel-security.py tests from the kernel team autotest repository. [Where problems could occur] Reverting this patch can't introduce any regression as it would return the code to the previous state, however it would keep the kernel vulnerable to these CVEs. [Additional Info] Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/amd64/l/linux/20210331_014541_79861@/log.gz i386: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/i386/l/linux/20210331_012734_ec0bc@/log.gz ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/ppc64el/l/linux/20210331_014757_ec0bc@/log.gz s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial/xenial/s390x/l/linux/20210330_031532_e87f8@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1922200/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
