Ubuntu
linux-signed-lts-saucy package

  1. Bug #1201444
  2. Comment #0

Comment 0 for bug 1201444

Revision history for this message
Para Siva (psivaa) wrote : Secure boot signature verification of linux kernel is failing with today's images against

Secure boot signature verification of linux kernel (.10.0-2-generic #11) is failing with today's images (20130715) against the keys present in http://bazaar.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master/files/head:/notes_testing/secure-boot/keys/

The test_efi_secure_boot_signatures test in static validation test, present in http://bazaar.launchpad.net/~utah/utah/dev/view/head:/utah/isotest/iso_static_validation.py accounts for this test and the failure is as follows,
--------------------------------------------------------------------------------
__main__.TestValidateISO.test_efi_secure_boot_signatures

--------------------------------------------------------------------------------
DEBUG: Using iso at: /tmp/utah-saucy-desktop-amd64.iso
INFO: Preparing image: /tmp/utah-saucy-desktop-amd64.iso
INFO: /tmp/utah-saucy-desktop-amd64.iso is locally available as /tmp/utah-saucy-desktop-amd64.iso
INFO: Getting image type of /tmp/utah-saucy-desktop-amd64.iso
DEBUG: bsdtar list command: bsdtar -t -f /tmp/utah-saucy-desktop-amd64.iso
INFO: Image type is: desktop
DEBUG: Using normal image
DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso ./.disk/info
DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso -O .disk/info
INFO: Arch is: amd64
INFO: Series is saucy
DEBUG: Standard name for this iso is: saucy-desktop-amd64.iso
DEBUG: Generating verification certificates
DEBUG: Extracting UEFI boot and kernel images
DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso ./EFI/BOOT/BOOTx64.EFI
DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso -O EFI/BOOT/BOOTx64.EFI
DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso ./EFI/BOOT/grubx64.efi
DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso -O EFI/BOOT/grubx64.efi
DEBUG: bsdtar list command: bsdtar -t -v -f /tmp/utah-saucy-desktop-amd64.iso casper/vmlinuz.efi
DEBUG: bsdtar extract command: bsdtar -x -f /tmp/utah-saucy-desktop-amd64.iso -O casper/vmlinuz.efi
DEBUG: Verifying UEFI shim
DEBUG: Verifying UEFI grub
DEBUG: Detaching kernel signature
DEBUG: Verifying kernel signature
ERROR: test_efi_secure_boot_signatures (__main__.TestValidateISO)
ERROR: Traceback (most recent call last):
  File "/usr/lib/python2.7/unittest/case.py", line 327, in run
    testMethod()
  File "/usr/share/utah/isotest/iso_static_validation.py", line 505, in test_efi_secure_boot_signatures
    self.assertEqual(stdout, 'Signature verification OK\n')
  File "/usr/lib/python2.7/unittest/case.py", line 511, in assertEqual
    assertion_func(first, second, msg=msg)
  File "/usr/lib/python2.7/unittest/case.py", line 504, in _baseAssertEqual
    raise self.failureException(msg)
AssertionError: 'Signature verification failed\n' != 'Signature verification OK\n'