Bug 186344
Summary: | checkpolicy does not work on PowerPC | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | W. Michael Petullo <redhat> | ||||||||
Component: | checkpolicy | Assignee: | Daniel Walsh <dwalsh> | ||||||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | Ben Levenson <benl> | ||||||||
Severity: | medium | Docs Contact: | |||||||||
Priority: | medium | ||||||||||
Version: | 5 | CC: | jbrindle, pgraner, sdsmall | ||||||||
Target Milestone: | --- | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | powerpc | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | 1.12.4-1.fc5 | Doc Type: | Bug Fix | ||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2006-05-09 20:58:56 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Attachments: |
|
Description
W. Michael Petullo
2006-03-23 01:35:57 UTC
Don't have ppc hardware myself, and the above sequence worked on x86. Can you attach the .mod file to this bug report please? There was a bug fix in libsepol 1.12.1 to fix a problem in sepol_module_package_write, but your bug report suggests a problem during the reading of the binary policy module file, so likely not relevant. Created attachment 126637 [details]
File generated on PowerPC as requested
Can you also attach the source used to generate this binary please? I'm assuming the source is what he listed in the bug report originally as local.te (which had no conditionals at all). Is that correct? Created attachment 126643 [details]
Source code to policy fragment
This is the source code to the policy fragment. It should match what was
posted earlier.
Yes, that matches. Joshua - he is compiling with -M, so keep that in mind. Compiling it locally on x86 and comparing the two .mod files, they differ at bytes 406 (1 vs. 0) and 409 (0 vs. 1). Created attachment 126652 [details]
Convert num_decls to little endian prior to writing it to the module.
Given the info so far, I started looking for cases where we might be writing
out module data without converting to little endian, as all of the data is
supposed to be written out in that form and converted back upon reading. Looks
like avrule_block_write was missing a case. Please review attached patch.
Note that libsepol must be rebuilt and then checkpolicy rebuilt against it, as
checkpolicy uses the static lib.
Patch applied to libsepol 1.12.2 upstream. Fixed in libsepol 1.12.4-1.fc5 |