* [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test
@ 2019-06-28 10:39 Po-Hsu Lin
2019-07-01 6:27 ` Xiao Yang
2019-07-02 13:04 ` Cyril Hrubis
0 siblings, 2 replies; 9+ messages in thread
From: Po-Hsu Lin @ 2019-06-28 10:39 UTC (permalink / raw)
To: ltp
The block_dev test in kernel_misc will taint kernel with a warning flag,
this is an expected behaviour.
However, if you run the cve-2017-17053 after it, as the test is looking
for a warning / died flag for a tainted kernel, it will cause false
alarm with:
tst_taint.c:88: BROK: Kernel is already tainted: 14849
The kernel_misc test was executed before the cve test in the default
test plan. Move the kernel_misc test to the end of the list to
workaround this issue.
Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
---
scenario_groups/default | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scenario_groups/default b/scenario_groups/default
index 1f3e5b27f..e5b34782c 100644
--- a/scenario_groups/default
+++ b/scenario_groups/default
@@ -22,7 +22,6 @@ power_management_tests
hugetlb
commands
hyperthreading
-kernel_misc
fs_ext4
can
cpuhotplug
@@ -30,3 +29,4 @@ net.ipv6_lib
input
cve
crypto
+kernel_misc
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test
2019-06-28 10:39 [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test Po-Hsu Lin
@ 2019-07-01 6:27 ` Xiao Yang
2019-07-01 6:58 ` Po-Hsu Lin
2019-07-02 13:05 ` Cyril Hrubis
2019-07-02 13:04 ` Cyril Hrubis
1 sibling, 2 replies; 9+ messages in thread
From: Xiao Yang @ 2019-07-01 6:27 UTC (permalink / raw)
To: ltp
Hi,
Your patch just workarounds the issue for now, because it still happens
if a new test designed to taint
kernel is added to the group before cve group in future.
Could we save the value of tainted before running block_dev and then
restore it after running block_dev?
Best Regards,
Xiao Yang
On 2019/06/28 18:39, Po-Hsu Lin wrote:
> The block_dev test in kernel_misc will taint kernel with a warning flag,
> this is an expected behaviour.
>
> However, if you run the cve-2017-17053 after it, as the test is looking
> for a warning / died flag for a tainted kernel, it will cause false
> alarm with:
> tst_taint.c:88: BROK: Kernel is already tainted: 14849
>
> The kernel_misc test was executed before the cve test in the default
> test plan. Move the kernel_misc test to the end of the list to
> workaround this issue.
>
> Signed-off-by: Po-Hsu Lin<po-hsu.lin@canonical.com>
> ---
> scenario_groups/default | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/scenario_groups/default b/scenario_groups/default
> index 1f3e5b27f..e5b34782c 100644
> --- a/scenario_groups/default
> +++ b/scenario_groups/default
> @@ -22,7 +22,6 @@ power_management_tests
> hugetlb
> commands
> hyperthreading
> -kernel_misc
> fs_ext4
> can
> cpuhotplug
> @@ -30,3 +29,4 @@ net.ipv6_lib
> input
> cve
> crypto
> +kernel_misc
^ permalink raw reply [flat|nested] 9+ messages in thread
* [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test
2019-07-01 6:27 ` Xiao Yang
@ 2019-07-01 6:58 ` Po-Hsu Lin
2019-07-01 7:12 ` Xiao Yang
2019-07-02 13:05 ` Cyril Hrubis
1 sibling, 1 reply; 9+ messages in thread
From: Po-Hsu Lin @ 2019-07-01 6:58 UTC (permalink / raw)
To: ltp
Hello,
I am not sure if we can restore the value in /proc/sys/kernel/tainted,
which can be changed manually:
# cat /proc/sys/kernel/tainted
0
# echo 12800 > /proc/sys/kernel/tainted
# cat /proc/sys/kernel/tainted
12800
But it can't be reset back to 0.
From the Documentation/admin-guide/tainted-kernels.rst, it states that:
"Note the kernel will remain tainted even after you undo what caused the taint
(i.e. unload a proprietary kernel module), to indicate the kernel remains not
trustworthy."
Thanks
On Mon, Jul 1, 2019 at 2:27 PM Xiao Yang <yangx.jy@cn.fujitsu.com> wrote:
>
> Hi,
>
> Your patch just workarounds the issue for now, because it still happens
> if a new test designed to taint
> kernel is added to the group before cve group in future.
>
> Could we save the value of tainted before running block_dev and then
> restore it after running block_dev?
>
> Best Regards,
> Xiao Yang
> On 2019/06/28 18:39, Po-Hsu Lin wrote:
> > The block_dev test in kernel_misc will taint kernel with a warning flag,
> > this is an expected behaviour.
> >
> > However, if you run the cve-2017-17053 after it, as the test is looking
> > for a warning / died flag for a tainted kernel, it will cause false
> > alarm with:
> > tst_taint.c:88: BROK: Kernel is already tainted: 14849
> >
> > The kernel_misc test was executed before the cve test in the default
> > test plan. Move the kernel_misc test to the end of the list to
> > workaround this issue.
> >
> > Signed-off-by: Po-Hsu Lin<po-hsu.lin@canonical.com>
> > ---
> > scenario_groups/default | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/scenario_groups/default b/scenario_groups/default
> > index 1f3e5b27f..e5b34782c 100644
> > --- a/scenario_groups/default
> > +++ b/scenario_groups/default
> > @@ -22,7 +22,6 @@ power_management_tests
> > hugetlb
> > commands
> > hyperthreading
> > -kernel_misc
> > fs_ext4
> > can
> > cpuhotplug
> > @@ -30,3 +29,4 @@ net.ipv6_lib
> > input
> > cve
> > crypto
> > +kernel_misc
>
>
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test
2019-07-01 6:58 ` Po-Hsu Lin
@ 2019-07-01 7:12 ` Xiao Yang
2019-07-02 13:00 ` Cyril Hrubis
0 siblings, 1 reply; 9+ messages in thread
From: Xiao Yang @ 2019-07-01 7:12 UTC (permalink / raw)
To: ltp
On 2019/07/01 14:58, Po-Hsu Lin wrote:
> Hello,
>
> I am not sure if we can restore the value in /proc/sys/kernel/tainted,
> which can be changed manually:
> # cat /proc/sys/kernel/tainted
> 0
> # echo 12800> /proc/sys/kernel/tainted
> # cat /proc/sys/kernel/tainted
> 12800
> But it can't be reset back to 0.
Hi,
It seems that the value of /proc/sys/kernel/tainted only be increased.
Best Regards,
Xiao Yang
> > From the Documentation/admin-guide/tainted-kernels.rst, it states that:
> "Note the kernel will remain tainted even after you undo what caused the taint
> (i.e. unload a proprietary kernel module), to indicate the kernel remains not
> trustworthy."
>
> Thanks
>
> On Mon, Jul 1, 2019 at 2:27 PM Xiao Yang<yangx.jy@cn.fujitsu.com> wrote:
>> Hi,
>>
>> Your patch just workarounds the issue for now, because it still happens
>> if a new test designed to taint
>> kernel is added to the group before cve group in future.
>>
>> Could we save the value of tainted before running block_dev and then
>> restore it after running block_dev?
>>
>> Best Regards,
>> Xiao Yang
>> On 2019/06/28 18:39, Po-Hsu Lin wrote:
>>> The block_dev test in kernel_misc will taint kernel with a warning flag,
>>> this is an expected behaviour.
>>>
>>> However, if you run the cve-2017-17053 after it, as the test is looking
>>> for a warning / died flag for a tainted kernel, it will cause false
>>> alarm with:
>>> tst_taint.c:88: BROK: Kernel is already tainted: 14849
>>>
>>> The kernel_misc test was executed before the cve test in the default
>>> test plan. Move the kernel_misc test to the end of the list to
>>> workaround this issue.
>>>
>>> Signed-off-by: Po-Hsu Lin<po-hsu.lin@canonical.com>
>>> ---
>>> scenario_groups/default | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/scenario_groups/default b/scenario_groups/default
>>> index 1f3e5b27f..e5b34782c 100644
>>> --- a/scenario_groups/default
>>> +++ b/scenario_groups/default
>>> @@ -22,7 +22,6 @@ power_management_tests
>>> hugetlb
>>> commands
>>> hyperthreading
>>> -kernel_misc
>>> fs_ext4
>>> can
>>> cpuhotplug
>>> @@ -30,3 +29,4 @@ net.ipv6_lib
>>> input
>>> cve
>>> crypto
>>> +kernel_misc
>>
>>
>
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test
2019-07-01 7:12 ` Xiao Yang
@ 2019-07-02 13:00 ` Cyril Hrubis
0 siblings, 0 replies; 9+ messages in thread
From: Cyril Hrubis @ 2019-07-02 13:00 UTC (permalink / raw)
To: ltp
Hi!
> It seems that the value of /proc/sys/kernel/tainted only be increased.
That is by design, since otherwise people would erase the track of
unsigned/out-of-tree modules being loaded...
--
Cyril Hrubis
chrubis@suse.cz
^ permalink raw reply [flat|nested] 9+ messages in thread
* [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test
2019-06-28 10:39 [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test Po-Hsu Lin
2019-07-01 6:27 ` Xiao Yang
@ 2019-07-02 13:04 ` Cyril Hrubis
1 sibling, 0 replies; 9+ messages in thread
From: Cyril Hrubis @ 2019-07-02 13:04 UTC (permalink / raw)
To: ltp
Hi!
Pushed, thanks.
--
Cyril Hrubis
chrubis@suse.cz
^ permalink raw reply [flat|nested] 9+ messages in thread
* [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test
2019-07-01 6:27 ` Xiao Yang
2019-07-01 6:58 ` Po-Hsu Lin
@ 2019-07-02 13:05 ` Cyril Hrubis
2019-07-02 16:40 ` Po-Hsu Lin
1 sibling, 1 reply; 9+ messages in thread
From: Cyril Hrubis @ 2019-07-02 13:05 UTC (permalink / raw)
To: ltp
Hi!
> Your patch just workarounds the issue for now, because it still happens
> if a new test designed to taint
> kernel is added to the group before cve group in future.
Unfortunately there is no better solution for this, so I pushed the
patch.
--
Cyril Hrubis
chrubis@suse.cz
^ permalink raw reply [flat|nested] 9+ messages in thread
* [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test
2019-07-02 13:05 ` Cyril Hrubis
@ 2019-07-02 16:40 ` Po-Hsu Lin
2019-07-02 17:19 ` Cyril Hrubis
0 siblings, 1 reply; 9+ messages in thread
From: Po-Hsu Lin @ 2019-07-02 16:40 UTC (permalink / raw)
To: ltp
Hello,
thanks for the review,
do you think if we should put a comment (if possible) inside that file
to avoid getting re-ordered for some reason in the future?
On Tue, Jul 2, 2019 at 9:05 PM Cyril Hrubis <chrubis@suse.cz> wrote:
>
> Hi!
> > Your patch just workarounds the issue for now, because it still happens
> > if a new test designed to taint
> > kernel is added to the group before cve group in future.
>
> Unfortunately there is no better solution for this, so I pushed the
> patch.
>
> --
> Cyril Hrubis
> chrubis@suse.cz
^ permalink raw reply [flat|nested] 9+ messages in thread
* [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test
2019-07-02 16:40 ` Po-Hsu Lin
@ 2019-07-02 17:19 ` Cyril Hrubis
0 siblings, 0 replies; 9+ messages in thread
From: Cyril Hrubis @ 2019-07-02 17:19 UTC (permalink / raw)
To: ltp
Hi!
> thanks for the review,
> do you think if we should put a comment (if possible) inside that file
> to avoid getting re-ordered for some reason in the future?
We cannot, the scenari files are simply read line by line, the format
does not support comments.
--
Cyril Hrubis
chrubis@suse.cz
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2019-07-02 17:19 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-06-28 10:39 [LTP] [PATCH] scenario_groups/default: run the kernel_misc test after the cve test Po-Hsu Lin
2019-07-01 6:27 ` Xiao Yang
2019-07-01 6:58 ` Po-Hsu Lin
2019-07-01 7:12 ` Xiao Yang
2019-07-02 13:00 ` Cyril Hrubis
2019-07-02 13:05 ` Cyril Hrubis
2019-07-02 16:40 ` Po-Hsu Lin
2019-07-02 17:19 ` Cyril Hrubis
2019-07-02 13:04 ` Cyril Hrubis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox