It's been a long time since I last poked at Linux on my Seagate GoFlex Net, a Marvell Kirkwood armel platform. Kirkwoods have hardware crypto support for AES, and I tried setting it up on a fresh Debian Testing install like I used to back in the day and... no joy, with afalg enabled in OpenSSL I could not complete ssh sessions in or out. After some digging and reading I see this has been the norm for a few years and traces back to privilege separation being added. The few notes from after that period talk about rebuilding OpenSSH and forcing priv-sep off, not something I'd like to do.

So, I set out to try and sort what's actually breaking under the hood. I hit two issues, the first being that digests just aren't performant through the afalg engine, and cause a failure when enabled and attempting ssh. The second is that the security sandbox was blocking the socket call to afalg.

--- ../../openssh-orig/openssh-9.9p1/sandbox-seccomp-filter.c 2024-09-19 18:20:48.000000000 -0400 +++ sandbox-seccomp-filter.c 2025-01-03 18:20:19.803149104 -0500
@@ -402,6 +402,12 @@ SC_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN), SC_DENY(__NR_socketcall, EACCES), #endif + + /* Kurlon testing alfag */ +#ifdef __NR_socket + SC_ALLOW_ARG(__NR_socket, 0, AF_ALG), +#endif + #if defined(__NR_ioctl) && defined(__s390__) /* Allow ioctls for ICA crypto card on s390 */ SC_ALLOW_ARG(__NR_ioctl, 1, Z90STAT_STATUS_MASK),

This satisfies the sandbox. Looking at OpenSSL's code, I think the rule could possibly be restricted further to require the 2nd argument to NR_socket to be SOCK_SEQPACKET? Line 453 at https://github.com/openssl/openssl/blob/master/engines/e_afalg.c is what I based that on after reversing SSH's initial fail for a sysreq call 281 back to socket on armel.

I've rebuilt OpenSSH 9.9p1 from Debian Testing with this addition. That plus setting up afalg in openssl.cnf to only do ciphers and not hashes, and preferencing aes256-cbc in my ssh_config/sshd_config is resulting in working connections now.

Is my methodology wrong, is this something OpenSSH would accept for mainline inclusion?

Josh Coombs / Kurlon

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
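Review bot: the new rule `SC_ALLOW_ARG(__NR_socket, 0, AF_ALG)` is compiled in unconditionally, so every preauth sandbox on a Linux build that defines __NR_socket gains the ability to open AF_ALG sockets whether or not the OpenSSL afalg engine is in use; to keep the default sandbox's kernel attack surface unchanged for everyone else, gate the rule behind a configure-time option (or only enable it when the engine is actually configured). The rule also inspects only argument 0, so any socket type and protocol within AF_ALG is accepted; the tighter match you propose (SOCK_SEQPACKET in argument 1) would need a rule that tests both arguments, since SC_ALLOW_ARG as used here checks a single one. Finally, replace the placeholder comment `/* Kurlon testing alfag */` with one that states the purpose, e.g. `/* Allow AF_ALG sockets for the OpenSSL afalg engine */`, and note in the commit message whether the engine's subsequent operations on that descriptor already pass the existing filter, since this hunk only admits the socket() call itself.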
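The openssl.cnf side of the workaround described above, restricting the afalg engine to ciphers so digests stay in software, as an added example that is not part of the original post and not taken from OpenSSH or OpenSSL. It assumes the afalg engine module is installed in OpenSSL's default engines directory (so no dynamic_path is needed) and that the kernel exposes AF_ALG; the section names are arbitrary.

```ini
# Added example, not from the post: openssl.cnf fragment that loads the afalg
# engine for ciphers only. Section names below are arbitrary; engine_id and
# default_algorithms are the OpenSSL configuration keys that matter.
openssl_conf = openssl_init

[openssl_init]
engines = engine_section

[engine_section]
afalg = afalg_section

[afalg_section]
engine_id = afalg
# Register only cipher implementations. "ALL" would also claim DIGESTS,
# which the post reports as both slow and fatal to ssh sessions.
default_algorithms = CIPHERS
init = 1
```

With this in place `openssl engine -c afalg` lists the engine's ciphers, and a `Ciphers` line in ssh_config/sshd_config that puts aes256-cbc first steers the session onto an algorithm the engine actually implements; digests and every other cipher continue to use OpenSSL's built-in code.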