Bug 488726 - fips kernel crypto testing requires libnl 1.1+
fips kernel crypto testing requires libnl 1.1+
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: libnl (Show other bugs)
All Linux
low Severity medium
: rc
: ---
Assigned To: Dan Williams
Depends On:
Blocks: FIPS-140-Tracker
  Show dependency treegraph
Reported: 2009-03-05 09:21 EST by Jarod Wilson
Modified: 2009-06-10 10:43 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-06-10 10:43:13 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jarod Wilson 2009-03-05 09:21:47 EST
Description of problem:
For FIPS CAVS kernel crypto testing and certification, we've developed a test harness in-house for processing test vectors, and the userspace makes use of libnl to send the test vectors to the kernel and receive the results back. However, features in libnl 1.1 are necessary. We'd like to see libnl 1.1 added to RHEL5.4 so that certification testing can be done on 100% stock RHEL5.4.

Version-Release number of selected component (if applicable):
libnl-1.0-0.10.pre5.5 vs. libnl-1.1-5.el5

libnl-1.1-5.el5 is a local rebuild of a recent Fedora libnl 1.1 plus a post-1.1 patch from upstream to enable libnl 1.1 to work with older (i.e. 2.6.18) kernels.
Comment 1 Dan Williams 2009-03-05 09:48:13 EST
Note that libnl 1.1 is an API/ABI break from libnl-1.0.  We were going to rebase libnl to 1.1 for RHEL 5.3 to support NetworkManager, but discovered the ABI breakage.  We would need to explore other solutions like -compat packages to preserve the older libnl-1.0 headers and libraries while also updating to libnl-1.1.
Comment 2 Linda Wang 2009-03-05 16:03:34 EST
looks like these changes are only needed by Jarod's testsuites.
Hence we can just built a test rpm to accompany his testsuites 
since we are not shipping his testsuites with RHEL.
Comment 3 Jarod Wilson 2009-06-10 10:43:13 EDT
We can go ahead and close this, the updated libnl is indeed only needed for the test infrastructure, we don't actually need to ship it.

Note You need to log in before you can comment on or make changes to this bug.