Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 692515 - sha512hmac expects different checksum, fails on PPC64
sha512hmac expects different checksum, fails on PPC64
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: kernel (Show other bugs)
6.1
ppc64 Unspecified
high Severity high
: rc
: ---
Assigned To: Aristeu Rozanski
Martin Banas
:
Depends On: 691419
Blocks: RHEL62CCC 670159 846801 846802
  Show dependency treegraph
 
Reported: 2011-03-31 09:13 EDT by Martin Banas
Modified: 2012-08-08 14:29 EDT (History)
4 users (show)

See Also:
Fixed In Version: kernel-2.6.32-131.0.1.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-05-19 08:54:59 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
IBM Linux Technology Center 71358 None None None Never
Red Hat Product Errata RHSA-2011:0542 normal SHIPPED_LIVE Important: Red Hat Enterprise Linux 6.1 kernel security, bug fix and enhancement update 2011-05-19 07:58:07 EDT

  None (edit)
Description Martin Banas 2011-03-31 09:13:00 EDT 
Description of problem:
sha512hmac -c /boot/.vmlinuz-2.6.32-128.el6.ppc64.hmac fails on PPC64.

Version-Release number of selected component (if applicable):
kernel-2.6.32-128

How reproducible:
always

Steps to Reproduce:
1. Install RHEL6, and hmaccalc package
2. run # sha512hmac -c /boot/.vmlinuz-2.6.32-128.el6.ppc64.hmac
  
Actual results:
sha512hmac -c /boot/.vmlinuz-2.6.32-128.el6.ppc64.hmac 
/boot/vmlinuz-2.6.32-128.el6.ppc64: FAILED
 computed = 6f39b5c725ead894b22fd334b9b349e7c1444d6a705d95a1f1c1655472d744a478d5da5f725287150a5aa45233e59b6ab447714075cf8e4fc88281246dcc7d64
 expected = 6c5c405c9031d5dffae0223e4e5567ab31a64b65b83f50b22ace3e1166d3700bddebb20a522b2a52ad08a447bdab6efe4fb5c59bff0688c61adf1f72a92b19bc

Installation in fips mode is not possible.

Expected results:
sha512hmac should pass.
Comment 2 Martin Banas 2011-04-05 02:27:59 EDT 
Hello,
Any progress on this bug? It would be nice to be fixed as soon as possible so that we could continue testing FIPS.
Comment 3 Aristeu Rozanski 2011-04-07 17:37:47 EDT 
The problem is on RPM's post installation macro that will strip the notes section
from the kernel image, changing the checksum. I have one tentative patch being
built and will test it afterwards. I should have the patch submitted tomorrow
if everything goes as planned.
Comment 4 Aristeu Rozanski 2011-04-07 17:40:41 EDT 
More information:
/usr/lib/rpm/redhat/brp-strip-comment-note runs on:
%__os_install_post    \
    /usr/lib/rpm/redhat/brp-compress \
    %{!?__debug_package:/usr/lib/rpm/redhat/brp-strip %{__strip}} \
    /usr/lib/rpm/redhat/brp-strip-static-archive %{__strip} \
    /usr/lib/rpm/redhat/brp-strip-comment-note %{__strip} %{__objdump} \
    /usr/lib/rpm/brp-python-bytecompile \
    /usr/lib/rpm/redhat/brp-python-hardlink \
    %{!?__jar_repack:/usr/lib/rpm/redhat/brp-java-repack-jars} \
%{nil}
(Red Hat's RPM macros)
Since ppc64 is the only one to use vmlinux, it'll be stripped in
brp-strip-comment-note, changing the checksum.
Comment 5 Aristeu Rozanski 2011-04-08 11:24:49 EDT 
Patch submitted to the mailing list.
Comment 6 Aristeu Rozanski 2011-04-13 15:05:04 EDT 
Patch(es) available on kernel-2.6.32-131.0.1.el6
Comment 9 Martin Banas 2011-04-14 08:15:04 EDT 
Verified on RHEL6.1-20110413.1 (Snapshot 4), kernel-2.6.32-131.0.1.el6.

[root@ibm-js12-vios-01-lp1 ~]# sha512hmac -c /boot/.vmlinuz-2.6.32-131.0.1.el6.ppc64.hmac 
/boot/vmlinuz-2.6.32-131.0.1.el6.ppc64: OK

Boot is also OK:
...
sd 0:0:7:0: [sdc] Assuming drive cache: write through
sd 0:0:8:0: [sdd] Assuming drive cache: write through
/boot/vmlinuz-2.6.32-131.0.1.el6.ppc64: OK
            Welcome to Red Hat Enterprise Linux Server
Starting udev: [  OK  ]
...
Comment 10 errata-xmlrpc 2011-05-19 08:54:59 EDT 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0542.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.