test-kernel-security failures on Precise with 3.5.0-6 kernel

Bug #1029937 reported by C de-Avillez
This bug affects 1 person
Affects: QA Regression Testing
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned
Milestone: (empty)

Bug Description

See:

https://jenkins.qa.ubuntu.com/view/LTS%20Backports/job/sru_kernel_backport-precise-generic_amd64-amd_64-mga_g200ew/25/
https://jenkins.qa.ubuntu.com/view/LTS%20Backports/job/sru_kernel_backport-precise-generic_amd64-intel_64-mga_g200ew/2/

07/26 22:50:46 DEBUG|base_utils:0077| Running 'which gcc'
07/26 22:50:46 DEBUG|base_utils:0114| [stdout] /usr/bin/gcc
07/26 22:50:46 DEBUG|base_utils:0077| Running 'python ./test-kernel-security.py -v'
07/26 22:50:46 DEBUG|base_utils:0114| [stdout] Running test: './test-kernel-security.py' distro: 'Ubuntu 12.04' kernel: '3.5.0-6.6~precise1 (Ubuntu 3.5.0-6.6~precise1-generic 3.5.0)' arch: 'amd64' uid: 0/0 SUDO_USER: 'ubuntu')
07/26 22:50:46 ERROR|base_utils:0114| [stderr] test_000_make (__main__.KernelSecurityTest)
07/26 22:50:47 ERROR|base_utils:0114| [stderr] Prepare to build helper tools ... ok
07/26 22:50:47 ERROR|base_utils:0114| [stderr] test_010_proc_maps (__main__.KernelSecurityTest)
07/26 22:50:47 ERROR|base_utils:0114| [stderr] /proc/$pid/maps is correctly protected ... ok
07/26 22:50:47 ERROR|base_utils:0114| [stderr] test_020_aslr_00_proc (__main__.KernelSecurityTest)
07/26 22:50:47 ERROR|base_utils:0114| [stderr] ASLR enabled ... ok
07/26 22:50:47 ERROR|base_utils:0114| [stderr] test_020_aslr_dapper_stack (__main__.KernelSecurityTest)
07/26 22:50:48 ERROR|base_utils:0114| [stderr] ASLR of stack ... ok
07/26 22:50:48 ERROR|base_utils:0114| [stderr] test_021_aslr_dapper_libs (__main__.KernelSecurityTest)
07/26 22:50:48 ERROR|base_utils:0114| [stderr] ASLR of libs ... ok
07/26 22:50:48 ERROR|base_utils:0114| [stderr] test_021_aslr_dapper_mmap (__main__.KernelSecurityTest)
07/26 22:50:48 ERROR|base_utils:0114| [stderr] ASLR of mmap ... ok
07/26 22:50:48 ERROR|base_utils:0114| [stderr] test_022_aslr_hardy_text (__main__.KernelSecurityTest)
07/26 22:50:48 ERROR|base_utils:0114| [stderr] ASLR of text ... ok
07/26 22:50:48 ERROR|base_utils:0114| [stderr] test_022_aslr_hardy_vdso (__main__.KernelSecurityTest)
07/26 22:50:48 ERROR|base_utils:0114| [stderr] ASLR of vdso ... ok
07/26 22:50:48 ERROR|base_utils:0114| [stderr] test_022_aslr_intrepid_brk (__main__.KernelSecurityTest)
07/26 22:50:49 ERROR|base_utils:0114| [stderr] ASLR of brk ... ok
07/26 22:50:49 ERROR|base_utils:0114| [stderr] test_030_mmap_min (__main__.KernelSecurityTest)
07/26 22:50:49 ERROR|base_utils:0114| [stderr] Low memory allocation respects mmap_min_addr ... ok
07/26 22:50:49 ERROR|base_utils:0114| [stderr] test_031_apparmor (__main__.KernelSecurityTest)
07/26 22:50:49 ERROR|base_utils:0114| [stderr] AppArmor loaded ... ok
07/26 22:50:49 ERROR|base_utils:0114| [stderr] test_031_seccomp (__main__.KernelSecurityTest)
07/26 22:50:49 ERROR|base_utils:0114| [stderr] PR_SET_SECCOMP works ... ok
07/26 22:50:49 ERROR|base_utils:0114| [stderr] test_032_dev_kmem (__main__.KernelSecurityTest)
07/26 22:50:49 ERROR|base_utils:0114| [stderr] /dev/kmem not available ... ok
07/26 22:50:49 ERROR|base_utils:0114| [stderr] test_033_syn_cookies (__main__.KernelSecurityTest)
07/26 22:50:49 ERROR|base_utils:0114| [stderr] SYN cookies is enabled ... ok
07/26 22:50:49 ERROR|base_utils:0114| [stderr] test_040_pcaps (__main__.KernelSecurityTest)
07/26 22:50:49 ERROR|base_utils:0114| [stderr] init's CAPABILITY list is clean ... ok
07/26 22:50:49 ERROR|base_utils:0114| [stderr] test_050_personality (__main__.KernelSecurityTest)
07/26 22:50:49 ERROR|base_utils:0114| [stderr] init missing READ_IMPLIES_EXEC ... ok
07/26 22:50:49 ERROR|base_utils:0114| [stderr] test_060_nx (__main__.KernelSecurityTest)
07/26 22:50:49 ERROR|base_utils:0114| [stderr] NX bit is working ... ok
07/26 22:50:49 ERROR|base_utils:0114| [stderr] test_061_guard_page (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] Userspace stack guard page exists (CVE-2010-2240) ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_070_config_brk (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_COMPAT_BRK disabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_070_config_devkmem (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_DEVKMEM disabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_070_config_seccomp (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_SECCOMP enabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_070_config_security (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_SECURITY enabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_070_config_security_selinux (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_SECURITY_SELINUX enabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_070_config_syn_cookies (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_SYN_COOKIES enabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_071_config_seccomp (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_SECCOMP enabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_072_config_compat_vdso (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_COMPAT_VDSO disabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_072_config_debug_rodata (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_DEBUG_RODATA enabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_072_config_debug_set_module_ronx (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_DEBUG_SET_MODULE_RONX enabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_072_config_security_apparmor (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_SECURITY_APPARMOR enabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_072_config_strict_devmem (__main__.KernelSecurityTest)
07/26 22:50:50 ERROR|base_utils:0114| [stderr] CONFIG_STRICT_DEVMEM enabled ... ok
07/26 22:50:50 ERROR|base_utils:0114| [stderr] test_072_strict_devmem (__main__.KernelSecurityTest)
07/26 22:50:51 ERROR|base_utils:0114| [stderr] /dev/mem unreadable for kernel memory ... ok
07/26 22:50:51 ERROR|base_utils:0114| [stderr] test_073_config_security_file_capabilities (__main__.KernelSecurityTest)
07/26 22:50:51 ERROR|base_utils:0114| [stderr] CONFIG_SECURITY_FILE_CAPABILITIES enabled ... ok
07/26 22:50:51 ERROR|base_utils:0114| [stderr] test_073_config_security_smack (__main__.KernelSecurityTest)
07/26 22:50:51 ERROR|base_utils:0114| [stderr] CONFIG_SECURITY_SMACK enabled ... ok
07/26 22:50:51 ERROR|base_utils:0114| [stderr] test_074_config_security_default_mmap_min_addr (__main__.KernelSecurityTest)
07/26 22:50:51 ERROR|base_utils:0114| [stderr] CONFIG_DEFAULT_MMAP_MIN_ADDR ... ok
07/26 22:50:51 ERROR|base_utils:0114| [stderr] test_075_config_stack_protector (__main__.KernelSecurityTest)
07/26 22:50:51 ERROR|base_utils:0114| [stderr] CONFIG_CC_STACKPROTECTOR set ... ok
07/26 22:50:51 ERROR|base_utils:0114| [stderr] test_082_stack_guard_kernel (__main__.KernelSecurityTest)
07/26 22:50:51 ERROR|base_utils:0114| [stderr] Kernel stack guard ... ok
07/26 22:50:51 ERROR|base_utils:0114| [stderr] test_090_module_blocking (__main__.KernelSecurityTest)
07/26 22:50:51 ERROR|base_utils:0114| [stderr] Sysctl to disable module loading exists ... ok
07/26 22:50:51 ERROR|base_utils:0114| [stderr] test_091_symlink_following_in_sticky_directories (__main__.KernelSecurityTest)
07/26 22:50:51 ERROR|base_utils:0114| [stderr] Symlinks not followable across differing uids in sticky directories ... FAIL
07/26 22:50:51 ERROR|base_utils:0114| [stderr] ERROR
07/26 22:50:51 ERROR|base_utils:0114| [stderr] test_092_hardlink_restriction (__main__.KernelSecurityTest)
07/26 22:50:51 ERROR|base_utils:0114| [stderr] Hardlink disallowed for unreadable/unwritable sources ... FAIL
07/26 22:50:51 ERROR|base_utils:0114| [stderr] ERROR
07/26 22:50:51 ERROR|base_utils:0114| [stderr] test_093_ptrace_restriction (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] ptrace allowed only on children or declared processes ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_093_ptrace_restriction_extras (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] ptrace from thread on tracee that used prctl(PR_SET_PTRACER) ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_093_ptrace_restriction_parent_via_thread (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] ptrace of child works from parent threads (LP: #737676) ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_093_ptrace_restriction_prctl_via_thread (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] prctl(PR_SET_PTRACER) works from threads (LP: #729839) ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_094_rare_net_autoload (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] rare network modules do not autoload ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_095_kernel_symbols_acl (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] /proc/sys/kernel/kptr_restrict is enabled ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_095_kernel_symbols_missing (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] kernel addresses in kallsyms and modules are zeroed out ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_096_boot_symbols_unreadable (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] kernel addresses in /boot are not world readable ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_096_proc_entries_unreadable (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] sensitive files in /proc are not world readable ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_100_keep_acpi_method_disabled (__main__.KernelSecurityTest)
07/26 22:50:52 ERROR|base_utils:0114| [stderr] /sys/kernel/debug/acpi/custom_method stays disabled ... ok
07/26 22:50:52 ERROR|base_utils:0114| [stderr] test_101_proc_fd_leaks (__main__.KernelSecurityTest)
07/26 22:51:02 ERROR|base_utils:0114| [stderr] /proc/$pid/ DAC bypass on setuid (CVE-2011-1020) ... ok
07/26 22:51:02 ERROR|base_utils:0114| [stderr] test_110_seccomp_filter (__main__.KernelSecurityTest)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] seccomp_filter works ... ok
07/26 22:51:03 DEBUG|base_utils:0114| [stdout] (4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5)) (65536) (/proc/1/personality) (using 0x233382ab8) (exit code 0) (skipped: only Intrepid through Lucid) (65536) (skipped: only x86 on 3.0 kernel)
07/26 22:51:03 ERROR|base_utils:0114| [stderr]
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ======================================================================
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ERROR: test_091_symlink_following_in_sticky_directories (__main__.KernelSecurityTest)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] Symlinks not followable across differing uids in sticky directories
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ----------------------------------------------------------------------
07/26 22:51:03 ERROR|base_utils:0114| [stderr] Traceback (most recent call last):
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "./test-kernel-security.py", line 93, in tearDown
07/26 22:51:03 ERROR|base_utils:0114| [stderr] func()
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "./test-kernel-security.py", line 986, in tearDown_091_symlink_following_in_sticky_directories
07/26 22:51:03 ERROR|base_utils:0114| [stderr] self.set_sysctl_value(self.sysctl['symlink'], 1)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "/home/ubuntu/autotest/client/tests/qrt/src/scripts/testlib.py", line 989, in set_sysctl_value
07/26 22:51:03 ERROR|base_utils:0114| [stderr] self.assertTrue(os.path.exists(sysctl),"%s does not exist" % (sysctl))
07/26 22:51:03 ERROR|base_utils:0114| [stderr] AssertionError: /proc/sys/fs/protected_symlinks does not exist
07/26 22:51:03 ERROR|base_utils:0114| [stderr]
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ======================================================================
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ERROR: test_092_hardlink_restriction (__main__.KernelSecurityTest)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] Hardlink disallowed for unreadable/unwritable sources
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ----------------------------------------------------------------------
07/26 22:51:03 ERROR|base_utils:0114| [stderr] Traceback (most recent call last):
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "./test-kernel-security.py", line 93, in tearDown
07/26 22:51:03 ERROR|base_utils:0114| [stderr] func()
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "./test-kernel-security.py", line 1081, in tearDown_092_hardlink_restriction
07/26 22:51:03 ERROR|base_utils:0114| [stderr] self.set_sysctl_value(self.sysctl['hardlink'], 1)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "/home/ubuntu/autotest/client/tests/qrt/src/scripts/testlib.py", line 989, in set_sysctl_value
07/26 22:51:03 ERROR|base_utils:0114| [stderr] self.assertTrue(os.path.exists(sysctl),"%s does not exist" % (sysctl))
07/26 22:51:03 ERROR|base_utils:0114| [stderr] AssertionError: /proc/sys/fs/protected_hardlinks does not exist
07/26 22:51:03 ERROR|base_utils:0114| [stderr]
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ======================================================================
07/26 22:51:03 ERROR|base_utils:0114| [stderr] FAIL: test_091_symlink_following_in_sticky_directories (__main__.KernelSecurityTest)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] Symlinks not followable across differing uids in sticky directories
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ----------------------------------------------------------------------
07/26 22:51:03 ERROR|base_utils:0114| [stderr] Traceback (most recent call last):
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "./test-kernel-security.py", line 998, in test_091_symlink_following_in_sticky_directories
07/26 22:51:03 ERROR|base_utils:0114| [stderr] self._test_sysctl_value(self.sysctl['symlink'], 1)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "/home/ubuntu/autotest/client/tests/qrt/src/scripts/testlib.py", line 977, in _test_sysctl_value
07/26 22:51:03 ERROR|base_utils:0114| [stderr] self.assertEquals(exists, os.path.exists(sysctl), sysctl)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] AssertionError: /proc/sys/fs/protected_symlinks
07/26 22:51:03 ERROR|base_utils:0114| [stderr]
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ======================================================================
07/26 22:51:03 ERROR|base_utils:0114| [stderr] FAIL: test_092_hardlink_restriction (__main__.KernelSecurityTest)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] Hardlink disallowed for unreadable/unwritable sources
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ----------------------------------------------------------------------
07/26 22:51:03 ERROR|base_utils:0114| [stderr] Traceback (most recent call last):
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "./test-kernel-security.py", line 1093, in test_092_hardlink_restriction
07/26 22:51:03 ERROR|base_utils:0114| [stderr] self._test_sysctl_value(self.sysctl['hardlink'], 1)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] File "/home/ubuntu/autotest/client/tests/qrt/src/scripts/testlib.py", line 977, in _test_sysctl_value
07/26 22:51:03 ERROR|base_utils:0114| [stderr] self.assertEquals(exists, os.path.exists(sysctl), sysctl)
07/26 22:51:03 ERROR|base_utils:0114| [stderr] AssertionError: /proc/sys/fs/protected_hardlinks
07/26 22:51:03 ERROR|base_utils:0114| [stderr]
07/26 22:51:03 ERROR|base_utils:0114| [stderr] ----------------------------------------------------------------------
07/26 22:51:03 ERROR|base_utils:0114| [stderr] Ran 51 tests in 16.404s
07/26 22:51:03 ERROR|base_utils:0114| [stderr]
07/26 22:51:03 ERROR|base_utils:0114| [stderr] FAILED (failures=2, errors=2)
07/26 22:51:03 WARNI| test:0104| Programs crashed during test execution
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test.22314 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test-pie.22348 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test.22316 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test.22326 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test.22331 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test-pie.22346 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.guard-page.22377 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test-pie.22363 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test-pie.22353 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test.22321 for more info
07/26 22:51:03 WARNI| test:0106| Please verify /home/ubuntu/autotest/client/results/default/qrt.test-kernel-security.py/debug/crash.nx-test-pie.22358 for more info

C de-Avillez (hggdh2) wrote :
Steve Beattie (sbeattie) wrote :

I believe this has been addressed in QRT commit rev 1784. Please re-open if that's not the case. Thanks!

Changed in qa-regression-testing:
status: New → Fix Released