** Description changed: + == SRU Justification == + Security team requires the CONFIG_LOCK_DOWN_KERNEL to be enabled in all of our kernels. + + == Test == + Test kernels could be found here: + https://people.canonical.com/~phlin/kernel/lp-1811981-kvm-lockdown/ + This issue can be verified with test_410_config_lock_down_kernel + test from q-r-t, the test will pass with the patched kernel. + + == Regression Potential == + Low, we already have this config enabled in the generic kernel. + + + == Original bug report == Kernel Version: 4.15.0-44.47 This test has passed on s390x / AMD64 / ARM64 / i386, but failed with Power8 and Power9 FAIL: test_410_config_lock_down_kernel (__main__.KernelSecurityConfigTest) Ensure kernel efi lockdown is enabled ---------------------------------------------------------------------- Traceback (most recent call last): File "./test-kernel-security.py", line 2668, in test_410_config_lock_down_kernel self.assertKernelConfig('LOCK_DOWN_KERNEL', expected) File "./test-kernel-security.py", line 207, in assertKernelConfig self.assertKernelConfigSet(name) File "./test-kernel-security.py", line 194, in assertKernelConfigSet '%s option was expected to be set in the kernel config' % name) AssertionError: LOCK_DOWN_KERNEL option was expected to be set in the kernel config
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1811981 Title: test_410_config_lock_down_kernel in ubuntu_kernel_security test failed on B/C/D KVM To manage notifications about this bug go to: https://bugs.launchpad.net/qa-regression-testing/+bug/1811981/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
