I've put some time into researching this yesterday. The -11 exit code refers to the ./signal-stack executable crashing due to a segmentation fault. I haven't figured out why this is happening, but it doesn't seem to indicate vulnerability to the CVE this test is designed for.
The program calls a set of system calls in random order, and there have been commits to the file before to maintain the set of calls for different architectures, etc. In fact, we should be masking all userspace segfaults after a certain point in the program, see here: https://git.launchpad.net/qa-regression-testing/tree/scripts/kernel- security/signalstack/signal-stack.c#n188 This leads me to think there's a segfault happening between line 167 and line 188, since we see output from line 167 in the crash log, and line 188 should mask all segfaults from then on. I haven't been able to reproduce this error on my own provisioned instances (using the same instance type and series) so I don't know how to proceed in debugging this. For now, it's safe to just restart this test when it fails. -- You received this bug notification because you are a member of Canonical Platform QA Team, which is subscribed to ubuntu-kernel-tests. https://bugs.launchpad.net/bugs/2058422 Title: KernelSecurityTest.test_360_stacksignal_memleak fails Status in QA Regression Testing: New Status in ubuntu-kernel-tests: New Bug description: For s2024.02.04 Bionic:linux-gcp-5.4 on instance n2d-standard-64 (suite ubuntu_qrt_kernel_security) test case KernelSecurityTest.test_360_stacksignal_memleak fails with "Kernel memory does not leak to userspace in signalstack (CVE-2009-2847)" test_360_stacksignal_memleak (__main__.KernelSecurityTest) Kernel memory does not leak to userspace in signalstack (CVE-2009-2847) ... FAIL ====================================================================== FAIL: test_360_stacksignal_memleak (__main__.KernelSecurityTest) Kernel memory does not leak to userspace in signalstack (CVE-2009-2847) ---------------------------------------------------------------------- Traceback (most recent call last): File "./test-kernel-security.py", line 2148, in test_360_stacksignal_memleak self.assertShellExitEquals(expected, self._unpriv_cmd(["./signal-stack"])) File "/home/ubuntu/autotest/client/tmp/ubuntu_qrt_kernel_security/src/qa-regression-testing/scripts/testlib.py", line 1321, in assertShellExitEquals self.assertEqual(expected, rc, msg + result + report) AssertionError: Got exit code -11, expected 0 Command: 'sudo', '-u', 'ubuntu', './signal-stack' Output: [+] Checking platform... [+] sizeof(stack_t) = 24 [+] Correct size, 64-bit platform. [+] Checking for stack_t hole... [+] ss_flags end (12) != ss_size start (16) [+] Hole in stack_t present! [+] Ready to call sigaltstack. ---------------------------------------------------------------------- Ran 1 test in 0.096s FAILED (failures=1) 16:25:18 INFO | END ERROR ubuntu_qrt_kernel_security.KernelSecurityTest.test_360_stacksignal_memleak This particular test case has not failed on any previous cycles for Bionic:linux-gcp-5.4, but the failure is the same between run #1 and #2 of the test. A 3rd run is in progress, and if the results are any different I will link them here. I have attached the full console output to this bug as well. To manage notifications about this bug go to: https://bugs.launchpad.net/qa-regression-testing/+bug/2058422/+subscriptions -- Mailing list: https://launchpad.net/~canonical-ubuntu-qa Post to : canonical-ubuntu-qa@lists.launchpad.net Unsubscribe : https://launchpad.net/~canonical-ubuntu-qa More help : https://help.launchpad.net/ListHelp
