> Hello, > It seems that the /dev/crypto device in that system is from an older > cryptodev driver. You may want to unload the old module and load the new > one.
This is release 1.6 that I built and deployed. Is there something newer? > >> Second, Wheezy's OpenSSL 1.0.1e isn't built with cryptodev support, so >> after putting "crypto/cryptodev.h" in /usr/local/include, I rebuilt >> cryptodev-supporting OpenSSL packages: >> apt-get source openssl >> cd openssl-1.0.1e >> DEB_CFLAGS_APPEND='-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS >> -DHASH_MAX_LEN=64' dpkg-buildpackage -us -uc >> cd .. >> Notably, the OpenSSL tests pass without /dev/crypto, but when /dev/crypto >> exists, the OpenSSL tests fail. Here's the failure: > > > Did you try replacing openssl's eng_cryptodev.c with the included in > cryptodev? Does it help with the check and the errors you see? No I didn't. I was under the impression from mailing lists and otherwise that you hoped to stop maintaining the openssl patch, since OpenSSL 1.0.1 and newer had it built in. Should I still be patching the latest OpenSSL? I can certainly try that. > >> Further, and more pertinently, with a cryptodev-supporting OpenSSL build >> and a working /dev/crypto, we frequently see /dev/crypto get into a weird >> state where OpenSSL starts crashing (I assume it's related to this test >> failure). Since SSH is the only way we can easily manage these headless >> embedded Linux devices, this is incredibly frustrating, as SSH starts >> failing due to the SSL failures. >> This is as far as I've made it. We've gotten frustrated enough that we >> tried to switch to OCF-Linux, but those patches barely apply to 3.8.6 and > > > I don't think that would help. As far as I understand those issues are > due to the quality of eng_cryptodev.c. Interesting. Yeah, from my reading it seemed like this was no longer necessary with the latest OpenSSL, which I'm using, but I will try. _______________________________________________ Cryptodev-linux-devel mailing list Cryptodev-linux-devel@gna.org https://mail.gna.org/listinfo/cryptodev-linux-devel
