Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 692515

Summary: sha512hmac expects different checksum, fails on PPC64
Product: Red Hat Enterprise Linux 6 Reporter: Martin Banas <mbanas>
Component: kernelAssignee: Aristeu Rozanski <arozansk>
Status: CLOSED ERRATA QA Contact: Martin Banas <mbanas>
Severity: high Docs Contact:
Priority: high    
Version: 6.1CC: bugproxy, iboverma, mbanas, tmraz
Target Milestone: rc   
Target Release: ---   
Hardware: ppc64   
OS: Unspecified   
Whiteboard:
Fixed In Version: kernel-2.6.32-131.0.1.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-05-19 12:54:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 691419    
Bug Blocks: 584498, 670159, 846801, 846802    

Description Martin Banas 2011-03-31 13:13:00 UTC 
Description of problem:
sha512hmac -c /boot/.vmlinuz-2.6.32-128.el6.ppc64.hmac fails on PPC64.

Version-Release number of selected component (if applicable):
kernel-2.6.32-128

How reproducible:
always

Steps to Reproduce:
1. Install RHEL6, and hmaccalc package
2. run # sha512hmac -c /boot/.vmlinuz-2.6.32-128.el6.ppc64.hmac
  
Actual results:
sha512hmac -c /boot/.vmlinuz-2.6.32-128.el6.ppc64.hmac 
/boot/vmlinuz-2.6.32-128.el6.ppc64: FAILED
 computed = 6f39b5c725ead894b22fd334b9b349e7c1444d6a705d95a1f1c1655472d744a478d5da5f725287150a5aa45233e59b6ab447714075cf8e4fc88281246dcc7d64
 expected = 6c5c405c9031d5dffae0223e4e5567ab31a64b65b83f50b22ace3e1166d3700bddebb20a522b2a52ad08a447bdab6efe4fb5c59bff0688c61adf1f72a92b19bc

Installation in fips mode is not possible.

Expected results:
sha512hmac should pass.
Comment 2 Martin Banas 2011-04-05 06:27:59 UTC 
Hello,
Any progress on this bug? It would be nice to be fixed as soon as possible so that we could continue testing FIPS.
Comment 3 Aristeu Rozanski 2011-04-07 21:37:47 UTC 
The problem is on RPM's post installation macro that will strip the notes section
from the kernel image, changing the checksum. I have one tentative patch being
built and will test it afterwards. I should have the patch submitted tomorrow
if everything goes as planned.
Comment 4 Aristeu Rozanski 2011-04-07 21:40:41 UTC 
More information:
/usr/lib/rpm/redhat/brp-strip-comment-note runs on:
%__os_install_post    \
    /usr/lib/rpm/redhat/brp-compress \
    %{!?__debug_package:/usr/lib/rpm/redhat/brp-strip %{__strip}} \
    /usr/lib/rpm/redhat/brp-strip-static-archive %{__strip} \
    /usr/lib/rpm/redhat/brp-strip-comment-note %{__strip} %{__objdump} \
    /usr/lib/rpm/brp-python-bytecompile \
    /usr/lib/rpm/redhat/brp-python-hardlink \
    %{!?__jar_repack:/usr/lib/rpm/redhat/brp-java-repack-jars} \
%{nil}
(Red Hat's RPM macros)
Since ppc64 is the only one to use vmlinux, it'll be stripped in
brp-strip-comment-note, changing the checksum.
Comment 5 Aristeu Rozanski 2011-04-08 15:24:49 UTC 
Patch submitted to the mailing list.
Comment 6 Aristeu Rozanski 2011-04-13 19:05:04 UTC 
Patch(es) available on kernel-2.6.32-131.0.1.el6
Comment 9 Martin Banas 2011-04-14 12:15:04 UTC 
Verified on RHEL6.1-20110413.1 (Snapshot 4), kernel-2.6.32-131.0.1.el6.

[root@ibm-js12-vios-01-lp1 ~]# sha512hmac -c /boot/.vmlinuz-2.6.32-131.0.1.el6.ppc64.hmac 
/boot/vmlinuz-2.6.32-131.0.1.el6.ppc64: OK

Boot is also OK:
...
sd 0:0:7:0: [sdc] Assuming drive cache: write through
sd 0:0:8:0: [sdd] Assuming drive cache: write through
/boot/vmlinuz-2.6.32-131.0.1.el6.ppc64: OK
            Welcome to Red Hat Enterprise Linux Server
Starting udev: [  OK  ]
...
Comment 10 errata-xmlrpc 2011-05-19 12:54:59 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0542.html