[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen-unstable-smoke test] 96071: regressions - FAIL

flight 96071 xen-unstable-smoke real [real]

Regressions :-(

Tests which did not succeed and are blocking,
including tests which could not be run:
 test-armhf-armhf-xl          15 guest-start/debian.repeat fail REGR. vs. 96064

Tests which did not succeed, but are not blocking:
 test-amd64-amd64-libvirt     12 migrate-support-check        fail   never pass
 test-armhf-armhf-xl          12 migrate-support-check        fail   never pass
 test-armhf-armhf-xl          13 saverestore-support-check    fail   never pass

version targeted for testing:
 xen                  c6f7d21747805b50123fc1b8d73518fea2aa9096
baseline version:
 xen                  b49839ef4e6ba183503912d169df7635e1c6df54

Last test of basis    96064  2016-06-21 15:05:01 Z    0 days
Testing same since    96071  2016-06-21 18:01:52 Z    0 days    1 attempts

People who touched revisions under test:
  Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  Jan Beulich <jbeulich@xxxxxxxx>
  Julien Grall <julien.grall@xxxxxxx>

 build-amd64                                                  pass    
 build-armhf                                                  pass    
 build-amd64-libvirt                                          pass    
 test-armhf-armhf-xl                                          fail    
 test-amd64-amd64-xl-qemuu-debianhvm-i386                     pass    
 test-amd64-amd64-libvirt                                     pass    

sg-report-flight on osstest.test-lab.xenproject.org
logs: /home/logs/logs
images: /home/logs/images

Logs, config files, etc. are available at

Explanation of these reports, and of osstest in general, is at

Test harness code can be found at

Not pushing.

commit c6f7d21747805b50123fc1b8d73518fea2aa9096
Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date:   Mon Jun 20 10:04:21 2016 -0400

    xen/xsm: remove .xsm_initcall.init section
    Since FLASK is the only implementation of XSM hooks in Xen, using an
    iterated initcall dispatch for setup is overly complex.  Change this to
    a direct function call to a globally visible function; if additional XSM
    hooks are added in the future, a switching mechanism will be needed
    regardless, and that can be placed in xsm_core.c.
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
    Reviewed-by: Doug Goldstein <cardoe@xxxxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Julien Grall <julien.grall@xxxxxxx>

commit 56fef9e367b250a3c6ff16b6c4494c5103ac4871
Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date:   Mon Jun 20 10:04:20 2016 -0400

    flask: improve unknown permission handling
    When an unknown domctl, sysctl, or other operation is encountered in the
    FLASK security server, use the allow_unknown bit in the security policy
    to decide if the permission should be allowed or denied.  This allows
    new operations to be tested without needing to immediately add security
    checks; however, it is not flexible enough to avoid adding the actual
    permission checks.  An error message is printed to the hypervisor
    console when this fallback is encountered.
    This patch will allow operations that are not handled by the existing
    hooks only if the policy was compiled with "checkpolicy -U allow".  In
    previous releases, this bit did nothing, and the default remains to deny
    the unknown operations.
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
    Reviewed-by: Doug Goldstein <cardoe@xxxxxxxxxx>

commit 559f439bfa3bf931414534ec0c46e5e8a21fa3ba
Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date:   Mon Jun 20 10:04:19 2016 -0400

    flask: remove xen_flask_userlist operation
    This operation has no known users, and is primarily useful when an MLS
    policy is in use (which has never been shipped with Xen).  In addition,
    the information it provides does not actually depend on hypervisor
    state (only on the XSM policy), so an application that needs it could
    compute the results without needing to involve the hypervisor.
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
    Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Doug Goldstein <cardoe@xxxxxxxxxx>

commit d18224766fa2e6e0746e8c9e759a8e0cc8c87129
Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date:   Mon Jun 20 10:04:18 2016 -0400

    flask: remove unused AVC callback functions
    These callbacks are not used in Xen.
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
    Reviewed-by: Doug Goldstein <cardoe@xxxxxxxxxx>

commit 45aa978766834cd1bf4cb47955c156574ea9618c
Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date:   Mon Jun 20 10:04:17 2016 -0400

    flask: remove unused secondary context in ocontext
    This field was originally used in Linux for a default message code for
    network interfaces.  It has never been used in Xen, so remove it.
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
    Reviewed-by: Doug Goldstein <cardoe@xxxxxxxxxx>

commit 53c300ab1ca0c5df99c98e756b5f681e29d5d880
Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date:   Mon Jun 20 10:04:16 2016 -0400

    flask: unify {get, set}vcpucontext permissions
    These permissions were initially split because they were in separate
    domctls, but this split is very unlikely to actually provide security
    benefits: it would require a carefully contrived situation for a domain
    to both need access to one type of CPU register and also need to be
    prohibited from accessing another type.
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
    Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
    Reviewed-by: Doug Goldstein <cardoe@xxxxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
(qemu changes not included)

osstest-output mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.