FYI, this has now been resolved by the ONNV GKs and external developers can now pass this flag day successfully.
Valerie On Sat, 18 Jul 2009, Valerie Bubb Fenwick wrote: > Hi Everyone - > > My integration yesterday for: > 6852240 libelfsign should use pkcs11_softtoken instead of OpenSSL for > FIPS-140 integrity checking > 6851814 tools elfsign is unnecessarily linked against pkcs11_softtoken > > constitutes a flag day for all developers, particularly external developers. > You need to make sure you have the closed binary tarball that corresponds > with these bits, or you will get an infinite loop in cryptosvcs that will > look something like this: > > Jul 18 15:11:05 moritz svc.startd[7]: [ID 122153 daemon.warning] > svc:/system/cryptosvc:default: Method or service exit timed out. Killing > contract 15. > Jul 18 15:11:05 moritz kcf: [ID 949968 kern.warning] WARNING: Module > verification door upcall failed for /kernel/crypto/amd64/arcfour. errno = 4 > Jul 18 15:11:05 moritz svc.startd[7]: [ID 636263 daemon.warning] > svc:/system/cryptosvc:default: Method "/sbin/cryptoadm start" failed due to > signal KILL > > Unfortunately, it doesn't seem like the closed-bins tar ball has been updated > since May 19, so right now these bits will be toxic for external developers, > though there have been many other changes to the closed bins since that date, > so I am surprised this is the first issue coming up. > > I will contact the gatekeeping staff immediately to try to resolve this. > > I'm sorry for the inconvenience this has caused. > > Valerie >
