Hey all, I have a Marvell ARM device (kirkwood/mv_cesa) running Debian Wheezy (so, OpenSSL 1.0.1e) with a Linux 3.8.6 kernel. I am trying to get cryptodev to work.
First off, cryptodev's "make check" fails the following tests: ./cipher-aead-srtp ioctl(CIOCGSESSION): Invalid argument ./cipher-gcm test_crypto: 119 ioctl(CIOCGSESSION): Invalid argument The other tests pass. What is going on with these tests? I assume that these tests are trying to tell the crypto hardware to use a mode that it doesn't support? But I'm not sure. Second, Wheezy's OpenSSL 1.0.1e isn't built with cryptodev support, so after putting "crypto/cryptodev.h" in /usr/local/include, I rebuilt cryptodev-supporting OpenSSL packages: apt-get source openssl cd openssl-1.0.1e DEB_CFLAGS_APPEND='-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DHASH_MAX_LEN=64' dpkg-buildpackage -us -uc cd .. Notably, the OpenSSL tests pass without /dev/crypto, but when /dev/crypto exists, the OpenSSL tests fail. Here's the failure: 1078172272:error:0D0C50C7:asn1 encoding routines:ASN1_item_verify:unknown signature algorithm:a_verify.c:154: signature on req is wrong make[1]: *** [test_gen] Error 1 Further, and more pertinently, with a cryptodev-supporting OpenSSL build and a working /dev/crypto, we frequently see /dev/crypto get into a weird state where OpenSSL starts crashing (I assume it's related to this test failure). Since SSH is the only way we can easily manage these headless embedded Linux devices, this is incredibly frustrating, as SSH starts failing due to the SSL failures. This is as far as I've made it. We've gotten frustrated enough that we tried to switch to OCF-Linux, but those patches barely apply to 3.8.6 and there the kernel is pretty crashy too. We're going to switch to AF-ALG (since it's actually merged into the kernel), but obviously the performance improvement with cryptodev is very attractive to us. What can we do to track down the root issue? What should I investigate to figure out the cause of the crashiness? Thanks -JT
_______________________________________________ Cryptodev-linux-devel mailing list Cryptodev-linux-devel@gna.org https://mail.gna.org/listinfo/cryptodev-linux-devel
