sshd fails when using cryptodev-linux to compute hmac

Roumen Petrov openssh at roumenpetrov.info
Thu Oct 10 05:16:02 AEDT 2024 

Hi Peter,

На 9.10.24 г. в 20:31 ч., Peter Rashleigh написа:
> Hi Damien,
> 
>> I don't know anything about cryptodev-linux, but I assume it's an openssl engine?
> Cryptodev-linux is a kernel module that provides access to kernel crypto drivers, especially hardware-accelerated crypto, through the /dev/crypto device. Openssl implements an engine which interfaces to it.

OpenBSD hates loadable modules. So you cannot expect support for such 
functionality.

> 
>> If so it's possible sshd's multiprocess model and/or file descriptor handling is confusing it.
> This seems like a reasonable explanation based on what I've seen so far.


PKIX-SSH support loadable modules(engines) and so, try to ensure proper 
management of cryptographic library. This includes slightly different 
management of file descriptors taking into account that some openssl 
configurations require open descriptors to devices. Also note that this 
could be a loadable module.


>> It's not a configuration we test, so you're mostly on your own to debug it. It's entirely possible there's a bug there; if so, I'd expect it to be something like a fd being closed while devcrypto is still depending on it.
>>
>> I'd suggest turning on LogVerbose=* so you can see which process (represented by it's PID) is doing what, though that probably won't be represented in the devcrypto debug messages unless you hack something similar in.
> Too bad, I was hoping it was a tested/supported configuration. Since that doesn't seem to be the case, I suspect the easiest way forward for me is going to be disabling the openssl engine entirely so that openssh works properly. I doubt that hardware-accelerated crypto is going to have much benefit for SSH workloads anyway.


Unfortunately or not I'm not able to confirm issue on 64 bit AMD. 
Environment:
  - qemu virtual machine,
  - OpenSUSE leap 15.4,
  - current pxis-ssh (15.3+)
  - current openssl stable (3.3.2+),
  - current cryptodev kernel modile (1.14+),
  - openssl configuration with described  devcrypto engine and 
activated(init = 1)

All regression test pass. Also putty interoperability regression tests 
pass as well.


About '... custom buildroot Linux 6.1.53 running on ARMv8...'

You could test build without so called "hardening" options. Some options 
are not maintained and code may fail on non-x86 processors.


> 
> Thanks,
> Peter

Roumen

More information about the openssh-unix-dev mailing list