New issue
Advanced search Search tips

Issue 909573 link

Starred by 1 user
Status: Fixed
Owner:
derat@chromium.org
Closed: Nov 29
Cc:
llozano@chromium.org
kerrnel@chromium.org
mnissler@chromium.org
cmt...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug
Build-Toolchain



Sign in to add a comment

platform_ToolchainOptions failed on eve-tot-chrome-pfq-informational with files in /home/.shadow

Project Member Reported by derat@chromium.org, Nov 28 
platform_ToolchainOptions failed in the eve-tot-chrome-pfq-informational build at http://cros-goldeneye/chromeos/healthmonitoring/buildDetails?buildbucketId=8928663429595080480. The error log doesn't mean much to me:


11/27 18:05:22.193 ERROR|platform_Toolchain:0321| Test -Wl,-z,now 1 failures
FAILED:
/home/.shadow/6f393dcc2c3a413edea68bfcc3f1d354338ed41a/mount/x06A8F2XCfK8NdZ45HonxA/GTvkky3vFfAEATBFlam+xB/,9FvoBnWxNomLXFfRoKKaD/qE4zpMSYZUPBUzA2RP8tFD/BT6UaJoV,gw976brTGhlJQqX4IFETPbo/x11URSPAgc4i3g2q+9Es4D/mkyb13OistpWYhfCR34FCB/YOI0uXeXHb8CVYwpwPTYCB/I6p9gp,aUgoTtkXe1YAdXC/y2i3a+704VxNELFYRHqR9B


Test -Wl,-z,relro 1 failures
FAILED:
/home/.shadow/6f393dcc2c3a413edea68bfcc3f1d354338ed41a/mount/x06A8F2XCfK8NdZ45HonxA/GTvkky3vFfAEATBFlam+xB/,9FvoBnWxNomLXFfRoKKaD/qE4zpMSYZUPBUzA2RP8tFD/BT6UaJoV,gw976brTGhlJQqX4IFETPbo/x11URSPAgc4i3g2q+9Es4D/mkyb13OistpWYhfCR34FCB/YOI0uXeXHb8CVYwpwPTYCB/I6p9gp,aUgoTtkXe1YAdXC/y2i3a+704VxNELFYRHqR9B


Test -fPIE 1 failures
FAILED:
/home/.shadow/6f393dcc2c3a413edea68bfcc3f1d354338ed41a/mount/x06A8F2XCfK8NdZ45HonxA/GTvkky3vFfAEATBFlam+xB/,9FvoBnWxNomLXFfRoKKaD/qE4zpMSYZUPBUzA2RP8tFD/BT6UaJoV,gw976brTGhlJQqX4IFETPbo/x11URSPAgc4i3g2q+9Es4D/mkyb13OistpWYhfCR34FCB/YOI0uXeXHb8CVYwpwPTYCB/I6p9gp,aUgoTtkXe1YAdXC/y2i3a+704VxNELFYRHqR9B


Test Executable Stack 1 failures
FAILED:
/home/.shadow/6f393dcc2c3a413edea68bfcc3f1d354338ed41a/mount/x06A8F2XCfK8NdZ45HonxA/GTvkky3vFfAEATBFlam+xB/,9FvoBnWxNomLXFfRoKKaD/qE4zpMSYZUPBUzA2RP8tFD/BT6UaJoV,gw976brTGhlJQqX4IFETPbo/x11URSPAgc4i3g2q+9Es4D/mkyb13OistpWYhfCR34FCB/YOI0uXeXHb8CVYwpwPTYCB/I6p9gp,aUgoTtkXe1YAdXC/y2i3a+704VxNELFYRHqR9B


What's that path supposed to be? I'm guessing it's an encrypted filename.

Pretty much all of the recent changes to this test are people just whitelisting more binaries.

Random theory: the test is scanning all files and the "file" command misidentified an encrypted file as having an ELF header. Should the test be excluding /home/.shadow?

Comment 1 by manojgupta@chromium.org, Nov 29 

Currently a few directories are skipped e.g. /home/chronos.

https://cs.corp.google.com/chromeos_public/src/third_party/autotest/files/client/site_tests/platform_ToolchainOptions/platform_ToolchainOptions.py?l=132

Maybe whole of /home should be skipped if there is no security issue with executables files in /home?

Comment 2 by derat@chromium.org, Nov 29 

When I cat /proc/mounts on a recent caroline test device, it looks like /home is also mounted noexec:

# cat /proc/mounts | grep home
/dev/mmcblk0p1 /home ext4 rw,seclabel,nosuid,nodev,noexec,noatime,resgid=20119,commit=600,data=ordered 0 0
/dev/mapper/encstateful /home/chronos ext4 rw,seclabel,nosuid,nodev,noexec,noatime,discard,commit=600,data=ordered 0 0
/dev/mmcblk0p1 /home/chronos/user ext4 rw,seclabel,nosuid,nodev,noexec,noatime,resgid=20119,commit=600,data=ordered 0 0
/dev/mmcblk0p1 /home/chronos/u-a15eb7996a42a661cec694d149dfcebefafcddd5 ext4 rw,seclabel,nosuid,nodev,noexec,noatime,resgid=20119,commit=600,data=ordered 0 0
/dev/mmcblk0p1 /home/user/a15eb7996a42a661cec694d149dfcebefafcddd5 ext4 rw,seclabel,nosuid,nodev,noexec,noatime,resgid=20119,commit=600,data=ordered 0 0
/dev/mmcblk0p1 /home/root/a15eb7996a42a661cec694d149dfcebefafcddd5 ext4 rw,seclabel,nosuid,nodev,noexec,noatime,resgid=20119,commit=600,data=ordered 0 0

So yeah, that seems like it might be an argument for skipping /home entirely.

Comment 3 by vapier@chromium.org, Nov 29 

yeah, those look like possibly ext4 encrypted files, so trying to read them doesn't make sense

skipping all of /home sounds fine as it should only contain Chrome profiles.  the rootfs itself certainly doesn't install any files into it ...

Comment 4 by derat@chromium.org, Nov 29

Cc: mnissler@chromium.org
Owner: derat@chromium.org
Status: Started (was: Assigned)
Thanks, sent https://crrev.com/c/1352715 your way.
Project Member

Comment 5 by bugdroid1@chromium.org, Nov 29 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/autotest/+/ba9ac8ad914fae6e687bd6b2b8125a9abc36def8

commit ba9ac8ad914fae6e687bd6b2b8125a9abc36def8
Author: Daniel Erat <derat@chromium.org>
Date: Thu Nov 29 20:11:11 2018

autotest: Make platform_ToolchainOptions skip /home.

Make platform_ToolchainOptions skip all of /home rather than
just /home/chronos. Encrypted files in /home/.shadow can be
falsely recognized as ELF executables, and /home is mounted
noexec in any case.

BUG= chromium:909573 
TEST=none

Change-Id: I059df3de8e4479af63b47a75f6585b185b41c85a
Reviewed-on: https://chromium-review.googlesource.com/1352715
Commit-Ready: Dan Erat <derat@chromium.org>
Tested-by: Dan Erat <derat@chromium.org>
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>

[modify] https://crrev.com/ba9ac8ad914fae6e687bd6b2b8125a9abc36def8/client/site_tests/platform_ToolchainOptions/platform_ToolchainOptions.py

Comment 6 by derat@chromium.org, Nov 29

Status: Fixed (was: Started)

Sign in to add a comment