[LTP] insmod01_sh test from commands test suite will make cve-2017-17053 test fail

Cyril Hrubis chrubis@suse.cz
Fri May 31 11:25:38 CEST 2019


Hi!
> > We found out that when running the LTP test suite directly (which uses
> > the "default" file in scenario_groups). The insmod01_sh will insert an
> > out-of-tree module and taints the kernel, and the following
> > cve-2017-17053 test in the cve test suite will check if the kernel is
> > tainted. Thus causing some false-positive in the test result.
> > 
> > Perhaps a workaround is to move the cve test suite to somewhere before
> > the commands test suite in the "default" scenario.
> > 
> > BugLink: https://bugs.launchpad.net/bugs/1830011
> 
> Looking at the bug the problem is that the module is missing license.
> 
> I guess that adding MODULE_LICENSE("GPL"); to the dummy module
> testcases/commands/insmod/ltp_insmod01.c should fix it.

Looking at the log closer there are three things that seem to tain the
kernel:

* Missing module license
* Out-of-tree module
* Missing signature

Now each of these should be setting very specific kernel taint flags.
i.e. (see ltp/include/tst_taint.h)

* Missing module license -> TST_TAINT_G
* Out-of-tree module -> TST_TAINT_O
* Missing signature -> TST_TAINT_E

While the CVE tests checks only presence of TST_TAINT_D and TST_TAINT_W
so in theory this should work fine.

If you look at the value of the taint flag for that bugreport:

14849 = 0011101000000001
          ^^^ ^        ^
	  EOI W	       G

Something has set the "warning" taint flag and also the "working around
firmware bug" flag, so it's quite possible that the insmod tests is not
the culprit here.

-- 
Cyril Hrubis
chrubis@suse.cz


More information about the ltp mailing list