[Kernel-packages] [Bug 1909647] Re: xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases

[Launchpad Bug Tracker]

This bug was fixed in the package linux-oem-5.6 - 5.6.0-1053.57

---------------
linux-oem-5.6 (5.6.0-1053.57) focal; urgency=medium

  * focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker (LP: #1921042)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key
    (LP: #1918134)
    - [Packaging] sync dkms-build et al from LRMv4

  * CVE-2021-29154
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64
    - SAUCE: bpf, x86: Validate computation of branch displacements for x86-32

  * xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-
    cases (LP: #1909647)
    - selftests: xfrm: fix test return value override issue in xfrm_policy.sh

  * ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255
    on F-oem-5.6 (LP: #1919147)
    - selftests: net: ip_defrag: modprobe missing nf_defrag_ipv6 support

  * l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with
    "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on
    F-OEM-5.6 (LP: #1919277)
    - l2tp: remove skb_dst_set() from l2tp_xmit_skb()

  * CVE-2020-0466
    - epoll: Keep a reference on files added to the check list
    - do_epoll_ctl(): clean the failure exits up a bit
    - fix regression in "epoll: Keep a reference on files added to the check 
list"

  * CVE-2021-3178
    - nfsd4: readdirplus shouldn't return parent of export

  * CVE-2020-25285
    - mm/hugetlb: fix a race between hugetlb sysctl handlers

  * CVE-020-10781
    - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()"

  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function

  * CVE-2020-25669
    - Input: sunkbd - avoid use-after-free in teardown paths

  * CVE-2020-14390
    - fbcon: remove soft scrollback code

  * CVE-2021-3411
    - x86/kprobes: Fix optprobe to detect INT3 padding correctly

  * CVE-2020-0423
    - binder: fix UAF when releasing todo list

  * CVE-2020-27830
    - speakup: Reject setting the speakup line discipline outside of speakup

  * CVE-2020-0465
    - HID: core: Correctly handle ReportSize being zero
    - HID: core: Sanitize event code and type when mapping input

  * CVE-2020-25645
    - geneve: add transport ports in route lookup for geneve

  * CVE-2021-20194
    - bpf, cgroup: Fix optlen WARN_ON_ONCE toctou
    - bpf, cgroup: Fix problematic bounds check

  * CVE-2020-36158
    - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start

 -- Stefan Bader <stefan.ba...@canonical.com>  Fri, 09 Apr 2021 16:43:44
+0200

** Changed in: linux-oem-5.6 (Ubuntu Focal)
       Status: In Progress => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-0423

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-0465

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-0466

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-14351

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-14390

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25285

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25645

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25669

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-27830

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-36158

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20194

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29154

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3178

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3411

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-5.6 in Ubuntu.
https://bugs.launchpad.net/bugs/1909647

Title:
  xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed
  sub-cases

Status in ubuntu-kernel-tests:
  In Progress
Status in linux package in Ubuntu:
  Fix Released
Status in linux-oem-5.6 package in Ubuntu:
  Invalid
Status in linux source package in Bionic:
  Invalid
Status in linux-oem-5.6 source package in Bionic:
  Invalid
Status in linux source package in Focal:
  Fix Released
Status in linux-oem-5.6 source package in Focal:
  Fix Released
Status in linux source package in Groovy:
  Fix Released
Status in linux-oem-5.6 source package in Groovy:
  Invalid
Status in linux source package in Hirsute:
  Fix Released
Status in linux-oem-5.6 source package in Hirsute:
  Invalid

Bug description:
  [Impact]
  Even with failed cases reported in the xfrm_policy.sh test, the overall 
result is still "PASS"
  $ sudo ./xfrm_policy.sh
   # selftests: net: xfrm_policy.sh
   # PASS: policy before exception matches
   # FAIL: expected ping to .254 to fail (exceptions)
   # PASS: direct policy matches (exceptions)
   # PASS: policy matches (exceptions)
   # FAIL: expected ping to .254 to fail (exceptions and block policies)
   # PASS: direct policy matches (exceptions and block policies)
   # PASS: policy matches (exceptions and block policies)
   # FAIL: expected ping to .254 to fail (exceptions and block policies after 
hresh changes)
   # PASS: direct policy matches (exceptions and block policies after hresh 
changes)
   # PASS: policy matches (exceptions and block policies after hresh changes)
   # FAIL: expected ping to .254 to fail (exceptions and block policies after 
hthresh change in ns3)
   # PASS: direct policy matches (exceptions and block policies after hthresh 
change in ns3)
   # PASS: policy matches (exceptions and block policies after hthresh change 
in ns3)
   # FAIL: expected ping to .254 to fail (exceptions and block policies after 
htresh change to normal)
   # PASS: direct policy matches (exceptions and block policies after htresh 
change to normal)
   # PASS: policy matches (exceptions and block policies after htresh change to 
normal)
   # PASS: policies with repeated htresh change
   ok 12 selftests: net: xfrm_policy.sh
  $ echo $?
  0

  This is because of the variable "lret" in check_xfrm() is not a local
  variable, and it looks like it will override the one in
  check_exceptions() thus making the return value become 0 for the
  passed test case after the failed one.

  [Fix]
  * f6e9ceb7a7fc32 (" selftests: xfrm: fix test return value override issue in 
xfrm_policy.sh")

  Focal kernel got this patch via stable update, and we don't have this
  test in Bionic. Only Groovy and OEM-5.6 are affected.

  This patch can be cherry-picked into all of the affected kernels.

  [Test]
  Run the xfrm_policy.sh test, if there is any failed case the final result 
will not be 0.

  [Regression Potential]
  This change is just for testing tools, it's unlikely to affect real kernel 
functionality. However it's expected to generate failures in our test report as 
it's reflecting the real test result.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1909647/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp