PROBLEM: geode-aes not working with skcipher cbc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,
I try to use geode-aes/CRYPTO_DEV_GEODE, but it gives errors in dmesg and openssl (see below), and doesn't function.

I found that the change "crypto: cbc - Convert to skcipher" gives the problem:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/crypto/cbc.c?id=79c65d179a40e145287e59b33dc782a7c4bf0986
When I use cbc from before this change, it works fine.
When I use cbc from right after, it doesn't.
(cbc from right after, and from Linux 4.20-rc5, makes no difference in dmesg, /proc/crypto, openssl).

System is a PC Engines ALIX 2C.2 with Geode LX800, Linux 4.20-rc5.

As it has been broken for a while, I assume there are not many users, but that might increase at the next Debian stable release.

Thank you,
Gert

--- dmesg-old
+++ dmesg-new
+Error allocating fallback algo cbc(aes)
+alg: skcipher: Failed to load transform for cbc-aes-geode: -2

--- proc-crypto-old
+++ proc-crypto-new
-name         : cbc(aes)
-driver       : cbc(geode-aes)
-module       : kernel
-priority     : 300
-refcnt       : 1
-selftest     : passed
-internal     : no
-type         : blkcipher
-blocksize    : 16
-min keysize  : 16
-max keysize  : 32
-ivsize       : 16
-geniv        : <default>
-
 name         : cbc(aes)
 driver       : cbc-aes-geode
 module       : kernel
 priority     : 400
 refcnt       : 1
-selftest     : passed
+selftest     : unknown

benchmark new cbc:
# openssl speed -evp aes-128-cbc -elapsed -engine afalg
engine "afalg" set.
You have chosen to measure elapsed time instead of user CPU time.
Doing aes-128-cbc for 3s on 16 size blocks: ALG_PERR: ../engines/e_afalg.c(388): Failed to bind socket : Accessing a corrupted shared library
2187795 aes-128-cbc's in 3.01s
Doing aes-128-cbc for 3s on 64 size blocks: ALG_PERR: ../engines/e_afalg.c(388): Failed to bind socket : Accessing a corrupted shared library
2145693 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 256 size blocks: ALG_PERR: ../engines/e_afalg.c(388): Failed to bind socket : Accessing a corrupted shared library
2143373 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 1024 size blocks: ALG_PERR: ../engines/e_afalg.c(388): Failed to bind socket : Accessing a corrupted shared library
2152109 aes-128-cbc's in 3.01s
Doing aes-128-cbc for 3s on 8192 size blocks: ALG_PERR: ../engines/e_afalg.c(388): Failed to bind socket : Accessing a corrupted shared library
2149864 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 16384 size blocks: ALG_PERR: ../engines/e_afalg.c(388): Failed to bind socket : Accessing a corrupted shared library
2154310 aes-128-cbc's in 3.00s
OpenSSL 1.1.1a  20 Nov 2018
built on: Thu Nov 22 18:40:54 2018 UTC
options:bn(64,32) rc4(4x,int) des(long) aes(partial) blowfish(ptr)
compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-5z4Qxa/openssl-1.1.1a=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-128-cbc 11629.48k 45774.78k 182901.16k 732146.05k 5870561.96k 11765405.01k 3080304384:error:80065067:lib(128):afalg_create_sk:socket bind failed:../engines/e_afalg.c:389: 3080304384:error:80065067:lib(128):afalg_create_sk:socket bind failed:../engines/e_afalg.c:389: 3080304384:error:80065067:lib(128):afalg_create_sk:socket bind failed:../engines/e_afalg.c:389: 3080304384:error:80065067:lib(128):afalg_create_sk:socket bind failed:../engines/e_afalg.c:389: 3080304384:error:80065067:lib(128):afalg_create_sk:socket bind failed:../engines/e_afalg.c:389: 3080304384:error:80065067:lib(128):afalg_create_sk:socket bind failed:../engines/e_afalg.c:389:

benchmark old cbc:
# openssl speed -evp aes-128-cbc -elapsed -engine afalg
engine "afalg" set.
You have chosen to measure elapsed time instead of user CPU time.
Doing aes-128-cbc for 3s on 16 size blocks: 29843 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 64 size blocks: 29598 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 256 size blocks: 28635 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 1024 size blocks: 25262 aes-128-cbc's in 3.01s
Doing aes-128-cbc for 3s on 8192 size blocks: 11125 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 16384 size blocks: 6524 aes-128-cbc's in 3.00s
OpenSSL 1.1.1a  20 Nov 2018
built on: Thu Nov 22 18:40:54 2018 UTC
options:bn(64,32) rc4(4x,int) des(long) aes(partial) blowfish(ptr)
compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-5z4Qxa/openssl-1.1.1a=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-128-cbc 159.16k 631.42k 2443.52k 8594.12k 30378.67k 35629.74k

benchmark new cbc with aes-i586 instead of geode-aes (for reference):
# openssl speed -evp aes-128-cbc -elapsed -engine afalg
engine "afalg" set.
You have chosen to measure elapsed time instead of user CPU time.
Doing aes-128-cbc for 3s on 16 size blocks: 27674 aes-128-cbc's in 2.97s
Doing aes-128-cbc for 3s on 64 size blocks: 26473 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 256 size blocks: 21845 aes-128-cbc's in 3.01s
Doing aes-128-cbc for 3s on 1024 size blocks: 12879 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 8192 size blocks: 2621 aes-128-cbc's in 3.00s
Doing aes-128-cbc for 3s on 16384 size blocks: 1371 aes-128-cbc's in 3.00s
OpenSSL 1.1.1a  20 Nov 2018
built on: Thu Nov 22 18:40:54 2018 UTC
options:bn(64,32) rc4(4x,int) des(long) aes(partial) blowfish(ptr)
compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-5z4Qxa/openssl-1.1.1a=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NOD
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes aes-128-cbc 149.09k 564.76k 1857.91k 4396.03k 7157.08k 7487.49k




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux