[Kernel-packages] [Bug 1201444] Re: linux and linux-signed may becomes skewed due to loose dependancy (was Secure boot signature verification of linux kernel is failing with today's images)

Rolf Leggewie Thu, 04 Dec 2014 22:27:07 -0800

raring has seen the end of its life and is no longer receiving any
updates. Marking the raring task for this ticket as "Won't Fix".


** Changed in: linux-signed-lts-saucy (Ubuntu Raring)
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1201444

Title:
  linux and linux-signed may becomes skewed due to loose dependancy (was
  Secure boot signature  verification of linux kernel is failing with
  today's images)

Status in linux-signed package in Ubuntu:
  Fix Released
Status in linux-signed-lts-quantal package in Ubuntu:
  Invalid
Status in linux-signed-lts-raring package in Ubuntu:
  Invalid
Status in linux-signed-lts-saucy package in Ubuntu:
  New
Status in linux-signed source package in Precise:
  Invalid
Status in linux-signed-lts-quantal source package in Precise:
  Fix Released
Status in linux-signed-lts-raring source package in Precise:
  Fix Released
Status in linux-signed-lts-saucy source package in Precise:
  New
Status in linux-signed source package in Quantal:
  Fix Released
Status in linux-signed-lts-quantal source package in Quantal:
  Invalid
Status in linux-signed-lts-raring source package in Quantal:
  Invalid
Status in linux-signed-lts-saucy source package in Quantal:
  Won't Fix
Status in linux-signed source package in Raring:
  Fix Released
Status in linux-signed-lts-quantal source package in Raring:
  Invalid
Status in linux-signed-lts-raring source package in Raring:
  Invalid
Status in linux-signed-lts-saucy source package in Raring:
  Won't Fix
Status in linux-signed source package in Saucy:
  Fix Released
Status in linux-signed-lts-quantal source package in Saucy:
  Invalid
Status in linux-signed-lts-raring source package in Saucy:
  Invalid
Status in linux-signed-lts-saucy source package in Saucy:
  New

Bug description:
  Secure boot signature  verification of linux kernel (3.10.0-2-generic
  #11) is failing with today's images (20130715)  against the keys
  present in http://bazaar.launchpad.net/~ubuntu-bugcontrol/qa-
  regression-testing/master/files/head:/notes_testing/secure-boot/keys/

  The test_efi_secure_boot_signatures test in static validation test, present 
in 
http://bazaar.launchpad.net/~utah/utah/dev/view/head:/utah/isotest/iso_static_validation.py
 accounts for this test and the failure is as follows,
  
--------------------------------------------------------------------------------
  __main__.TestValidateISO.test_efi_secure_boot_signatures

  
--------------------------------------------------------------------------------
  DEBUG: Using iso at: /tmp/utah-saucy-desktop-amd64.iso
  INFO: Preparing image: /tmp/utah-saucy-desktop-amd64.iso
  INFO: /tmp/utah-saucy-desktop-amd64.iso is locally available as 
/tmp/utah-saucy-desktop-amd64.iso
  INFO: Getting image type of /tmp/utah-saucy-desktop-amd64.iso
  DEBUG: bsdtar list command: bsdtar -t -f /tmp/utah-saucy-desktop-amd64.iso
  INFO: Image type is: desktop
  DEBUG: Using normal image
  DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso 
./.disk/info
  DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso 
-O .disk/info
  INFO: Arch is: amd64
  INFO: Series is saucy
  DEBUG: Standard name for this iso is: saucy-desktop-amd64.iso
  DEBUG: Generating verification certificates
  DEBUG: Extracting UEFI boot and kernel images
  DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso 
./EFI/BOOT/BOOTx64.EFI
  DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso 
-O EFI/BOOT/BOOTx64.EFI
  DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso 
./EFI/BOOT/grubx64.efi
  DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso 
-O EFI/BOOT/grubx64.efi
  DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso 
casper/vmlinuz.efi
  DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso 
-O casper/vmlinuz.efi
  DEBUG: Verifying UEFI shim
  DEBUG: Verifying UEFI grub
  DEBUG: Detaching kernel signature
  DEBUG: Verifying kernel signature
  ERROR: test_efi_secure_boot_signatures (__main__.TestValidateISO)
  ERROR: Traceback (most recent call last):
    File "/usr/lib/python2.7/unittest/case.py", line 327, in run
      testMethod()
    File "/usr/share/utah/isotest/iso_static_validation.py", line 505, in 
test_efi_secure_boot_signatures
      self.assertEqual(stdout, 'Signature verification OK\n')
    File "/usr/lib/python2.7/unittest/case.py", line 511, in assertEqual
      assertion_func(first, second, msg=msg)
    File "/usr/lib/python2.7/unittest/case.py", line 504, in _baseAssertEqual
      raise self.failureException(msg)
  AssertionError: 'Signature verification failed\n' != 'Signature verification 
OK\n'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-signed/+bug/1201444/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1201444] Re: linux and linux-signed may becomes skewed due to loose dependancy (was Secure boot signature verification of linux kernel is failing with today's images)

Reply via email to