Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-35765

bios-enable-execution-restrictions should be excluded for ppc64le

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • 4.17.0
    • Compliance Operator
    • None
    • No
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

      Description of problem:

      
bios-enable-execution-restrictions [1] is not needed for ppc64le. NX/XD is a hardware cpu feature not available on ppc64le.
The Compliance Operator profiles ocp4-disa-stig and ocp4-disa-stig-node use bios-enable-execution-restrictions.

*References*
1. https://github.com/ComplianceAsCode/content/blob/master/linux_os/guide/system/permissions/restrictions/enable_nx/bios_enable_execution_restrictions/policy/stig/shared.yml
2. Kernel features https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/powerpc/include/uapi/asm/cputable.h

      Version-Release number of selected component (if applicable):

      4.17.0

      How reproducible:

      Each time

      Steps to Reproduce:

      1.Setup the ProfileBundle
2.create ocp4-disa-stig ocp4-disa-stig-node
3.Check the failed rule, it should be excluded

      Actual results:

      FAIL

      Expected results:

      Exclusion

      Additional info:

            pbastide_rh Paul Bastide
            pbastide_rh Paul Bastide
            Pranita Turrey Pranita Turrey (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated: