Description of problem:
Support for the SPUs of the Cell Broadband Engine of a Playstation 3 isn't
correctly loaded when the SELinux mode is set to "Enforcing" with the targeted
libspe2 (a library provided by IBM for exploiting the SPUs of the Cell) relies
on a system mount (spufs on /spu, type spufs) to access the SPUs. Unfortunately,
an audit failure occurs while the system tries to mount the device at boot. Any
application using the library will fail to create a context on a SPU.
The exact audit message can be found in the attached logs; just search for "spufs".
Setting the SELinux mode to "Permissive" or "Disabled", manually mounting the
system device (mount -t spufs /spu), then setting back the mode to "Enforcing"
Version-Release number of selected component (if applicable):
* kernel.ppc64 2.6.21-1.3194.fc7
* selinux-policy-targeted.noarch 2.6.4-8.fc7
Steps to Reproduce:
1. Install Fedora 7 on a Playstation 3 using the PPC DVD.
2. Set SELinux to "Enforcing" during the first boot setup.
3. Install the IBM Cell B.E. SDK (some libraries are needed for accessing the SPUs).
4. Run an application using at least one SPU.
* The system fails to mount spufs.
* The application will fail to create a context on a SPU.
* The system should mount spufs correctly, even while SELinux is enforcing the
* The application should create a context on a SPU.
* I can provide a simple "Hello World" program using the SPUs of the Playstation 3.
* Even though it was compiled for FC6, the kernel snapshot (2.6.21-rc7) shipping
with the latest "PS3 Linux Distributor's Starter Kit" doesn't have the mount
problem, possibly because spufs support was compiled directly in it. The kit can
be found at the following address :
Created attachment 156145 [details]
SELinux audit log after a fresh boot
Created attachment 156146 [details]
dmesg output after a fresh boot
Fixed in selinux-policy-2.6.4-13.fc7
Thanks, the fix solved the issue.