| 2019-01-16 11:19:39 |
Po-Hsu Lin |
bug |
|
|
added bug |
| 2019-01-16 11:19:55 |
Po-Hsu Lin |
tags |
|
bionic ppc64el |
|
| 2019-01-16 11:20:02 |
Po-Hsu Lin |
nominated for series |
|
Ubuntu Bionic |
|
| 2019-01-16 11:23:02 |
Po-Hsu Lin |
bug task added |
|
qa-regression-testing |
|
| 2019-01-16 11:23:40 |
Po-Hsu Lin |
description |
This test has passed on s390x / AMD64 / ARM64 / i386, but failed with Power8 and Power9
FAIL: test_410_config_lock_down_kernel (__main__.KernelSecurityConfigTest)
Ensure kernel efi lockdown is enabled
----------------------------------------------------------------------
Traceback (most recent call last):
File "./test-kernel-security.py", line 2668, in test_410_config_lock_down_kernel
self.assertKernelConfig('LOCK_DOWN_KERNEL', expected)
File "./test-kernel-security.py", line 207, in assertKernelConfig
self.assertKernelConfigSet(name)
File "./test-kernel-security.py", line 194, in assertKernelConfigSet
'%s option was expected to be set in the kernel config' % name)
AssertionError: LOCK_DOWN_KERNEL option was expected to be set in the kernel config |
Kernel Version: 4.15.0-44.47
This test has passed on s390x / AMD64 / ARM64 / i386, but failed with Power8 and Power9
FAIL: test_410_config_lock_down_kernel (__main__.KernelSecurityConfigTest)
Ensure kernel efi lockdown is enabled
----------------------------------------------------------------------
Traceback (most recent call last):
File "./test-kernel-security.py", line 2668, in test_410_config_lock_down_kernel
self.assertKernelConfig('LOCK_DOWN_KERNEL', expected)
File "./test-kernel-security.py", line 207, in assertKernelConfig
self.assertKernelConfigSet(name)
File "./test-kernel-security.py", line 194, in assertKernelConfigSet
'%s option was expected to be set in the kernel config' % name)
AssertionError: LOCK_DOWN_KERNEL option was expected to be set in the kernel config |
|
| 2019-01-16 11:23:47 |
Po-Hsu Lin |
bug task added |
|
ubuntu-kernel-tests |
|
| 2019-01-16 11:30:06 |
Ubuntu Kernel Bot |
linux (Ubuntu): status |
New |
Incomplete |
|
| 2019-01-17 03:16:18 |
Po-Hsu Lin |
bug task added |
|
linux-kvm (Ubuntu) |
|
| 2019-01-31 14:32:01 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Bionic) |
|
| 2019-01-31 14:32:01 |
Kleber Sacilotto de Souza |
bug task added |
|
linux-kvm (Ubuntu Bionic) |
|
| 2019-01-31 14:32:56 |
Kleber Sacilotto de Souza |
nominated for series |
|
Ubuntu Cosmic |
|
| 2019-01-31 14:32:56 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Cosmic) |
|
| 2019-01-31 14:32:56 |
Kleber Sacilotto de Souza |
bug task added |
|
linux-kvm (Ubuntu Cosmic) |
|
| 2019-03-07 09:13:47 |
Po-Hsu Lin |
qa-regression-testing: status |
New |
Fix Released |
|
| 2019-03-11 11:01:23 |
Po-Hsu Lin |
bug task deleted |
linux (Ubuntu) |
|
|
| 2019-05-24 08:40:26 |
Po-Hsu Lin |
summary |
test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on Bionic with PowerPC |
test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on B/C KVM |
|
| 2019-06-10 03:58:52 |
Po-Hsu Lin |
bug task deleted |
linux (Ubuntu Bionic) |
|
|
| 2019-06-10 03:58:58 |
Po-Hsu Lin |
bug task deleted |
linux (Ubuntu Cosmic) |
|
|
| 2019-06-10 03:59:51 |
Po-Hsu Lin |
nominated for series |
|
Ubuntu Disco |
|
| 2019-06-10 03:59:51 |
Po-Hsu Lin |
bug task added |
|
linux-kvm (Ubuntu Disco) |
|
| 2019-06-10 04:00:02 |
Po-Hsu Lin |
summary |
test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on B/C KVM |
test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on B/C/D KVM |
|
| 2019-06-10 08:39:44 |
Po-Hsu Lin |
ubuntu-kernel-tests: status |
New |
In Progress |
|
| 2019-06-10 08:39:46 |
Po-Hsu Lin |
ubuntu-kernel-tests: assignee |
|
Po-Hsu Lin (cypressyew) |
|
| 2019-06-10 08:39:48 |
Po-Hsu Lin |
linux-kvm (Ubuntu): assignee |
|
Po-Hsu Lin (cypressyew) |
|
| 2019-06-10 08:39:49 |
Po-Hsu Lin |
linux-kvm (Ubuntu Bionic): assignee |
|
Po-Hsu Lin (cypressyew) |
|
| 2019-06-10 08:39:51 |
Po-Hsu Lin |
linux-kvm (Ubuntu Cosmic): assignee |
|
Po-Hsu Lin (cypressyew) |
|
| 2019-06-10 08:39:53 |
Po-Hsu Lin |
linux-kvm (Ubuntu Disco): assignee |
|
Po-Hsu Lin (cypressyew) |
|
| 2019-06-10 08:39:56 |
Po-Hsu Lin |
linux-kvm (Ubuntu Disco): status |
New |
In Progress |
|
| 2019-06-10 08:39:57 |
Po-Hsu Lin |
linux-kvm (Ubuntu Cosmic): status |
New |
In Progress |
|
| 2019-06-10 08:39:59 |
Po-Hsu Lin |
linux-kvm (Ubuntu Bionic): status |
New |
In Progress |
|
| 2019-06-10 08:40:01 |
Po-Hsu Lin |
linux-kvm (Ubuntu): status |
New |
In Progress |
|
| 2019-06-10 09:33:16 |
Po-Hsu Lin |
description |
Kernel Version: 4.15.0-44.47
This test has passed on s390x / AMD64 / ARM64 / i386, but failed with Power8 and Power9
FAIL: test_410_config_lock_down_kernel (__main__.KernelSecurityConfigTest)
Ensure kernel efi lockdown is enabled
----------------------------------------------------------------------
Traceback (most recent call last):
File "./test-kernel-security.py", line 2668, in test_410_config_lock_down_kernel
self.assertKernelConfig('LOCK_DOWN_KERNEL', expected)
File "./test-kernel-security.py", line 207, in assertKernelConfig
self.assertKernelConfigSet(name)
File "./test-kernel-security.py", line 194, in assertKernelConfigSet
'%s option was expected to be set in the kernel config' % name)
AssertionError: LOCK_DOWN_KERNEL option was expected to be set in the kernel config |
== SRU Justification ==
Security team requires the CONFIG_LOCK_DOWN_KERNEL to be enabled in all of our kernels.
== Test ==
Test kernels could be found here:
https://people.canonical.com/~phlin/kernel/lp-1811981-kvm-lockdown/
This issue can be verified with test_410_config_lock_down_kernel
test from q-r-t, the test will pass with the patched kernel.
== Regression Potential ==
Low, we already have this config enabled in the generic kernel.
== Original bug report ==
Kernel Version: 4.15.0-44.47
This test has passed on s390x / AMD64 / ARM64 / i386, but failed with Power8 and Power9
FAIL: test_410_config_lock_down_kernel (__main__.KernelSecurityConfigTest)
Ensure kernel efi lockdown is enabled
----------------------------------------------------------------------
Traceback (most recent call last):
File "./test-kernel-security.py", line 2668, in test_410_config_lock_down_kernel
self.assertKernelConfig('LOCK_DOWN_KERNEL', expected)
File "./test-kernel-security.py", line 207, in assertKernelConfig
self.assertKernelConfigSet(name)
File "./test-kernel-security.py", line 194, in assertKernelConfigSet
'%s option was expected to be set in the kernel config' % name)
AssertionError: LOCK_DOWN_KERNEL option was expected to be set in the kernel config |
|
| 2019-06-10 10:24:13 |
Po-Hsu Lin |
tags |
bionic ppc64el |
amd64 bionic cosmic disco ubuntu-kernel-security |
|
| 2019-06-11 03:20:29 |
Khaled El Mously |
linux-kvm (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2019-06-11 03:20:31 |
Khaled El Mously |
linux-kvm (Ubuntu Cosmic): status |
In Progress |
Fix Committed |
|
| 2019-06-11 03:20:33 |
Khaled El Mously |
linux-kvm (Ubuntu Disco): status |
In Progress |
Fix Committed |
|
| 2019-07-16 06:43:29 |
Po-Hsu Lin |
tags |
amd64 bionic cosmic disco ubuntu-kernel-security |
amd64 bionic cosmic disco ubuntu-qrt-kernel-security |
|
| 2019-07-16 21:22:02 |
Steve Beattie |
tags |
amd64 bionic cosmic disco ubuntu-qrt-kernel-security |
amd64 bionic cosmic disco ubuntu-qrt-kernel-security verification-done-bionic |
|
| 2019-07-16 21:36:55 |
Steve Beattie |
tags |
amd64 bionic cosmic disco ubuntu-qrt-kernel-security verification-done-bionic |
amd64 bionic cosmic disco ubuntu-qrt-kernel-security verification-done-bionic verifiction-done-disco |
|
| 2019-07-19 09:37:15 |
Po-Hsu Lin |
ubuntu-kernel-tests: status |
In Progress |
Fix Released |
|
| 2019-07-22 10:56:28 |
Launchpad Janitor |
linux-kvm (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2019-07-22 10:56:28 |
Launchpad Janitor |
cve linked |
|
2018-12126 |
|
| 2019-07-22 10:56:28 |
Launchpad Janitor |
cve linked |
|
2018-12127 |
|
| 2019-07-22 10:56:28 |
Launchpad Janitor |
cve linked |
|
2018-12130 |
|
| 2019-07-22 10:56:28 |
Launchpad Janitor |
cve linked |
|
2019-11085 |
|
| 2019-07-22 10:56:28 |
Launchpad Janitor |
cve linked |
|
2019-11091 |
|
| 2019-07-22 10:56:28 |
Launchpad Janitor |
cve linked |
|
2019-11815 |
|
| 2019-07-22 10:56:28 |
Launchpad Janitor |
cve linked |
|
2019-11833 |
|
| 2019-07-22 10:56:28 |
Launchpad Janitor |
cve linked |
|
2019-11884 |
|
| 2019-07-22 20:28:34 |
Launchpad Janitor |
linux-kvm (Ubuntu Disco): status |
Fix Committed |
Fix Released |
|
| 2019-07-23 14:13:30 |
Launchpad Janitor |
linux-kvm (Ubuntu): status |
In Progress |
Fix Released |
|
| 2021-03-12 09:59:36 |
Po-Hsu Lin |
linux-kvm (Ubuntu Cosmic): status |
Fix Committed |
Won't Fix |
|
