OpenSSH + GeodeLX + Linux + Cryptodev = Corrupted MAC on input.

[Darren Tucker]

Adam Cécile (Le_Vert) wrote:
> I just set up Debian Lenny on a PCEngines ALIX. This board have a 
> GeodeLX processor with hardware crypto accelerator, so I patched my 
> kernel to get cryptodev support.
> Everything is fine when playin with openssl, but openssh just crash when 
> a large amount of data is transfered.
> 
> A small example:
> alix:~# scp 100meg.test localhost:/dev/null
> root at localhost's password:
> 100meg.test                                                                                                                 
> 0%    0     0.0KB/s   --:-- ETAReceived disconnect from 127.0.0.1: 2: 
> Corrupted MAC on input.
> lost connection
> alix:~#
> 
> If I unload cryptodev kernel modules, averything works fine again.

Given that it works without the hardware driver, it sounds like some 
kind of problem with the crypto engine or the interface to it.  Can you 
run OpenSSL's self-test "make tests" and if so do they pass?

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.