Bug 242590 - SELinux policy issue prevents to use SPUs on a Playstation 3
Summary: SELinux policy issue prevents to use SPUs on a Playstation 3
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
(Show other bugs)
Version: 7
Hardware: ppc64 Linux
low
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-06-04 22:50 UTC by Patrick Clément-Bonhomme
Modified: 2007-11-30 22:12 UTC (History)
1 user (show)

Fixed In Version: 2.6.4-13.fc7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-11 14:43:40 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
SELinux audit log after a fresh boot (4.89 KB, application/octet-stream)
2007-06-04 22:50 UTC, Patrick Clément-Bonhomme
no flags Details
dmesg output after a fresh boot (21.26 KB, application/octet-stream)
2007-06-04 22:55 UTC, Patrick Clément-Bonhomme
no flags Details

Description Patrick Clément-Bonhomme 2007-06-04 22:50:48 UTC
Description of problem:
Support for the SPUs of the Cell Broadband Engine of a Playstation 3 isn't
correctly loaded when the SELinux mode is set to "Enforcing" with the targeted
policy.

libspe2 (a library provided by IBM for exploiting the SPUs of the Cell) relies
on a system mount (spufs on /spu, type spufs) to access the SPUs. Unfortunately,
an audit failure occurs while the system tries to mount the device at boot. Any
application using the library will fail to create a context on a SPU.

The exact audit message can be found in the attached logs; just search for "spufs". 

Setting the SELinux mode to "Permissive" or "Disabled", manually mounting the
system device (mount -t spufs /spu), then setting back the mode to "Enforcing"
works.

Version-Release number of selected component (if applicable):
* kernel.ppc64 2.6.21-1.3194.fc7
* selinux-policy-targeted.noarch 2.6.4-8.fc7

How reproducible:
* Always.

Steps to Reproduce:
1. Install Fedora 7 on a Playstation 3 using the PPC DVD.
2. Set SELinux to "Enforcing" during the first boot setup.
3. Install the IBM Cell B.E. SDK (some libraries are needed for accessing the SPUs).
4. Run an application using at least one SPU.
  
Actual results:
* The system fails to mount spufs.
* The application will fail to create a context on a SPU.

Expected results:
* The system should mount spufs correctly, even while SELinux is enforcing the
targeted policy.
* The application should create a context on a SPU.

Additional info:
* I can provide a simple "Hello World" program using the SPUs of the Playstation 3.
* Even though it was compiled for FC6, the kernel snapshot (2.6.21-rc7) shipping
with the latest "PS3 Linux Distributor's Starter Kit" doesn't have the mount
problem, possibly because spufs support was compiled directly in it. The kit can
be found at the following address :
 
http://kernel.org/pub/linux/kernel/people/geoff/cell/CELL-Linux-CL_20070516-ADDON/target/snapshot/kernel-2.6.21-20070425.ppc64.rpm

Comment 1 Patrick Clément-Bonhomme 2007-06-04 22:50:48 UTC
Created attachment 156145 [details]
SELinux audit log after a fresh boot

Comment 2 Patrick Clément-Bonhomme 2007-06-04 22:55:12 UTC
Created attachment 156146 [details]
dmesg output after a fresh boot

Comment 3 Daniel Walsh 2007-06-05 12:23:48 UTC
Fixed in selinux-policy-2.6.4-13.fc7

Comment 4 Patrick Clément-Bonhomme 2007-06-09 05:39:57 UTC
Thanks, the fix solved the issue.


Note You need to log in before you can comment on or make changes to this bug.