On 05/21/2013 10:54 PM, JT Olds wrote: > Hey all, > > I have a Marvell ARM device (kirkwood/mv_cesa) running Debian Wheezy (so, > OpenSSL 1.0.1e) with a Linux 3.8.6 kernel. I am trying to get cryptodev to > work. > First off, cryptodev's "make check" fails the following tests: > ./cipher-aead-srtp > ioctl(CIOCGSESSION): Invalid argument > ./cipher-gcm > test_crypto: 119 > ioctl(CIOCGSESSION): Invalid argumen > The other tests pass. What is going on with these tests? I assume that > these tests are trying to tell the crypto hardware to use a mode that it > doesn't support? But I'm not sure.
Hello, It seems that the /dev/crypto device in that system is from an older cryptodev driver. You may want to unload the old module and load the new one. > Second, Wheezy's OpenSSL 1.0.1e isn't built with cryptodev support, so > after putting "crypto/cryptodev.h" in /usr/local/include, I rebuilt > cryptodev-supporting OpenSSL packages: > apt-get source openssl > cd openssl-1.0.1e > DEB_CFLAGS_APPEND='-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS > -DHASH_MAX_LEN=64' dpkg-buildpackage -us -uc > cd .. > Notably, the OpenSSL tests pass without /dev/crypto, but when /dev/crypto > exists, the OpenSSL tests fail. Here's the failure: Did you try replacing openssl's eng_cryptodev.c with the included in cryptodev? Does it help with the check and the errors you see? > Further, and more pertinently, with a cryptodev-supporting OpenSSL build > and a working /dev/crypto, we frequently see /dev/crypto get into a weird > state where OpenSSL starts crashing (I assume it's related to this test > failure). Since SSH is the only way we can easily manage these headless > embedded Linux devices, this is incredibly frustrating, as SSH starts > failing due to the SSL failures. > This is as far as I've made it. We've gotten frustrated enough that we > tried to switch to OCF-Linux, but those patches barely apply to 3.8.6 and I don't think that would help. As far as I understand those issues are due to the quality of eng_cryptodev.c. regards, Nikos _______________________________________________ Cryptodev-linux-devel mailing list Cryptodev-linux-devel@gna.org https://mail.gna.org/listinfo/cryptodev-linux-devel
