Project

General

Profile

Actions
Copy link

action #67243

closed

[sle][security][sle15sp2] test fails in ima_measurement: runtime boot_aggregate algorithm changed from sha1 to sha256

Added by llzhao almost 4 years ago. Updated almost 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
llzhao
Category:
Bugs in existing tests
Target version:
-
Start date:
2020-05-26
Due date:
% Done:

0%

Estimated time:
Difficulty:

Description

Observation

openQA test in scenario sle-15-SP2-Online-x86_64-ima_measurement@uefi fails in
ima_measurement

Test suite description

Maintainer: llzhao@suse.com
Setup and test for IMA measurement functions.

Reproducible

Fails since (at least) Build 201.1 (current job)

Expected result

Last good: 197.1 (or more recent)

Further details

Always latest result in this scenario: latest

Check the contents of "ima_measurement-ascii_runtime_measurements" files,
When this test case passed we got:
10 1d8d532d463c9f8c205d0df7787669a85f93e260 ima-ng sha1:0000000000000000000000000000000000000000 boot_aggregate
10 f678f4b5d72eaa69875827a0ef6bd8245fd699fb ima-ng sha256:02c483d784f05f2ed4d699d1e9ae80a81d17c6e54014831126869b0100b72216 /usr/lib/systemd/systemd
...

When this test case failed we got:
10 0adefe762c149c7cec19da62f0da1297fcfbffff ima-ng sha256:0000000000000000000000000000000000000000000000000000000000000000 boot_aggregate
10 f678f4b5d72eaa69875827a0ef6bd8245fd699fb ima-ng sha256:02c483d784f05f2ed4d699d1e9ae80a81d17c6e54014831126869b0100b72216 /usr/lib/systemd/systemd
...

It seems the default boot_aggregate algorithem changed from sha1 to sha256 on sle15sp2 build 201.1.
I will double confirm with developers.

Actions
Copy link

Also available in: Atom PDF