** Description changed:
+ [Impact]
+
+ The testcase test_095_kernel_symbols_missing_proc_self_stack from
+ ubuntu_qrt_kernel_security testsuite started to fail with Trusty kernel
+ (3.13) after the fix for CVE-2018-17972 ("proc: restrict kernel stack
+ dumps to root"), which prevents a regular user to read from
+ /proc/self/stack.
+
Kernel: 3.13.0-165.215~precise1
The test failed with:
- AssertionError: cat: /proc/self/stack: Permission denied
-
+ AssertionError: cat: /proc/self/stack: Permission denied
FAIL: test_095_kernel_symbols_missing_proc_self_stack
(__main__.KernelSecurityTest)
kernel addresses in /proc/self/stack are zeroed out
----------------------------------------------------------------------
Traceback (most recent call last):
File "./test-kernel-security.py", line 1364, in
test_095_kernel_symbols_missing_proc_self_stack
self._check_pK_files(self._095_kernel_symbols_missing_proc_self_stack,
expected=expected)
File "./test-kernel-security.py", line 1209, in _check_pK_files
test_function(expected_restricted)
File "./test-kernel-security.py", line 1320, in
_095_kernel_symbols_missing_proc_self_stack
expected, retry=True)
File "./test-kernel-security.py", line 1146, in _read_twice
self.assertEqual(rc, 0, regular)
AssertionError: cat: /proc/self/stack: Permission denied
+
+ The testcase checks the file permission before trying to read it, and
+ for kernel 3.13 the permissions became inconsistent with what the user
+ can actually do:
+
+ $ cat /proc/self/stack
+ cat: /proc/self/stack: Permission denied
+ $ ls -l /proc/self/stack
+ -r--r--r-- 1 ubuntu ubuntu 0 Jan 24 04:06 /proc/self/stack
+
+ [Test Case]
+ Run 'cat' and 'ls' on the file as stated above, or run the
ubuntu_qrt_kernel_security testsuite and check for the results of the
test_095_kernel_symbols_missing_proc_self_stack testcase.
+
+ [Fix]
+ Upstream commit 35a35046e4f9 ("procfs: make
/proc/*/{stack,syscall,personality} 0400") applied for v3.15-rc1 fixes the
issue.
+
+ [Regression Potential]
+ The upstream fix changes the permissions of the files
/proc/*/{stack,syscall,personality}, so userspace which relies on reading these
files as regular users might fail. However, this fixes a security issue and is
already applied on our later series.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1813001
Title:
test_095_kernel_symbols_missing_proc_self_stack failed on P-LTS
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1813001/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
