[OE-core] [PATCH V2 1/2] openssh: upgrade 7.8p1 -> 7.8p1+git to support openssl 1.1.x
Hongxu Jia
hongxu.jia at windriver.com
Thu Sep 20 09:44:06 UTC 2018
On 2018年09月20日 12:54, richard.purdie at linuxfoundation.org wrote:
> On Thu, 2018-09-20 at 09:45 +0800, Hongxu Jia wrote:
>> I will fix it as my top priority today.
>>
>> Reproduce steps:
>>
>> - Build core-image-sato-sdk on qemuarm64
>> - Run qemu
>> - Log over ssh (openssh) failed
>>
> I did have a little bit of a look at this. It seems to hang during key
> generation before starting the server during boot.
I am afraid it is the kernel issue
cat /dev/random will hung
On other system, cat /dev/random will have output
Openssl 1.1.x call getentropy, and getentropy call getrandom,
it hung at getrandom, here is a example reproduce steps
[test.c]
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <sys/random.h>
int main(int argc, char *argv[])
{
char buf[4];
size_t buflen = sizeof(buf);
printf("%s %d\n", __FUNCTION__, __LINE__);
int res = getrandom(buf, buflen, 0);
printf("%s %d, getentropy %d, %s, 0x%02X 0x%02X 0x%02X 0x%02X\n",
__FUNCTION__, __LINE__,
res, strerror(errno), buf[0]&0xFF, buf[1]&0xFF, buf[2]&0xFF,
buf[3]&0xFF);
return 0;
}
[test.c]
$CC test.c -o test
On qemuarm64 target, run `test', it hung
root at qemuarm64:~# ./test_rand
main 10
On other system, it generate random number
$ ./test
main 10
main 12, getrandom 4, Success, 0x58 0xCD 0x3A 0x23
jiahongxu at jiahongxu-OptiPlex-990:~$ ./test
main 10
main 12, getrandom 4, Success, 0x8F 0x25 0x7E 0x9D
I am digging into kernel
//Hongxu
> I had a suspicion that the problem could be a lack of entropy. We're
> supposed to have the virtio entropy generation being passed through
> from the host to avoid problems with entropy starvation but I'm not
> sure its running for arm64.
>
> I noticed the .config shows CONFIG_CRYPTO_DEV_VIRTIO=m but setting that
> to =y didn't help. The virtio rng connects via pci bus iirc and
> CONFIG_PCI isn't set so I'm now looking into that...
>
> To update, adding this config to the kernel:
>
> CONFIG_CRYPTO_DEV_VIRTIO=y
> CONFIG_PCI=y
> CONFIG_PCI_HOST_GENERIC=y
>
> appears to solve the problem and lets my simple tests work. I'll have
> to run some better tests but I think this is the problem, lack pci
> support in the kernel meaning the rng virtio passthrough doesn't work.
>
> Cheers,
>
> Richard
>
>
>
>
>
>
More information about the Openembedded-core
mailing list