Skip to navigation

Bug Fix Advisory ia32el bug fix and enhancement update

Advisory: RHBA-2009:1271-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2009-09-02
Last updated on: 2009-09-02
Affected Products: RHEL Supplementary (v. 5 server)

Details

An ia32el update that features a new release of ia32el, adds support for
SSE4.2 instructions, and fixes several bugs is now available.

The ia32el package contains the IA-32 Execution Layer platform, which
allows emulation of IA-32 binaries on Intel Itanium processors.

This updated package fixes the following bugs:

* if SELinux is in Enforcing mode, the 'allow_unconfined_execmem_dyntrans',
'allow_execmem' and 'allow_execstack' booleans must be enabled in order for
the IA-32 Execution Layer (i.e. the ia32el service) to operate correctly.
If only the 'allow_execmem' or 'allow_execstack' booleans are enabled, the
ia32el service can still support emulation; however, SELinux might issue an
AVC denial to the service. In previous releases, whenever SELinux issued an
AVC denial to ia32el, users were not informed that these booleans needed to
be enabled first. This release provides proper documentation (in the README
file) for this requirement, and revises the init script to warn the user if
any of these boolean requirements are not met at runtime. (BZ#474152)

* this update also fixes a bug that caused the fcntl system call to fail
whenever the 'flock' structure was filled with values exceeding 2GB.
(BZ#494004)

With this update, the IA-32 Execution Layer is now at version V7:

* this adds support for the latest system calls and SSE4.2 instructions. In
addition, this update also applies several fixes from upstream to improve
performance, compatibility, and robustness. (BZ#472843)

Users of the IA-32 Execution Layer should upgrade to this update.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Supplementary (v. 5 server)
SRPMS:
ia32el-1.7-3.el5.src.rpm
File outdated by:  RHBA-2011:1037		     MD5: 9f37c528a5d50bd607488ef37a8c243e
 
IA-64:
ia32el-1.7-3.el5.ia64.rpm
File outdated by:  RHBA-2011:1037		     MD5: 5f491fdb6273153bbee849b1f0ae5fe5
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

472843 - [Intel 5.4 FEAT] Support IA-32 EL V7
474152 - SELinux denial for ia32el
494004 - [RHEL 5] fcntl call fails in emulation mode on IA64 when provided with >2GB values in 'struct flock'


Keywords

fcntl;, ia32el;, rebase, selinux;, v7;

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/