2231856 – aarch64 system boots into emergency mode when secure_mode_insmod is on

Bug 2231856 - aarch64 system boots into emergency mode when secure_mode_insmod is on

Summary: aarch64 system boots into emergency mode when secure_mode_insmod is on

Keywords:
Status:	NEW
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	scap-security-guide
Sub Component:
Version:	8.9
Hardware:	aarch64
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Vojtech Polasek
QA Contact:	BaseOS QE Security Team
Docs Contact:
URL:
Whiteboard:
Depends On:	2231849
Blocks:
TreeView+	depends on / blocked

Reported:	2023-08-14 12:56 UTC by Matus Marhefka
Modified:	2023-08-17 11:41 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	2231849
Environment:
Last Closed:
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHEL-1421	None	None	None	2023-08-17 08:37:34 UTC
Red Hat Issue Tracker	RHELPLAN-165957	None	None	None	2023-08-17 08:37:47 UTC
Red Hat Issue Tracker	RHELPLAN-165958	None	None	None	2023-08-17 08:37:44 UTC

Description Matus Marhefka 2023-08-14 12:56:17 UTC

+++ This bug was initially created as a clone of Bug #2231849 +++

Description of problem:
Remediating aarch64 system using anssi_bp28_high profile causes it to boot into emergency mode.


Version-Release number of selected component (if applicable):
scap-security-guide 0.1.69


How reproducible:
deterministic


Steps to Reproduce:
1. Remediate installed system using ANSSI profile:
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_anssi_bp28_high --progress --remediate /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
2. Reboot the system


Actual results:
System enters emergency mode ater the reboot:

You are in emergency mode. After logging in, type "journalctl -xb" to view 
system logs, "systemctl reboot" to reboot, "systemctl default" or "exit" 
to boot into default mode. 
Give root password for maintenance


Expected results:
System reboots and it is possible to login into the system.


Additional info:

Comment 1 RHEL Program Management 2023-08-17 11:41:40 UTC

Issue migration from Bugzilla to Jira is in process at this time. This will be the last message in Jira copied from the Bugzilla bug.

Note You need to log in before you can comment on or make changes to this bug.