[OE-core] [PATCH V2 1/2] openssh: upgrade 7.8p1 -> 7.8p1+git to support openssl 1.1.x

Thu Sep 20 09:44:06 UTC 2018

On 2018年09月20日 12:54, richard.purdie at linuxfoundation.org wrote:
> On Thu, 2018-09-20 at 09:45 +0800, Hongxu Jia wrote:
>> I will fix it as my top priority today.
>>
>> Reproduce steps:
>>
>> - Build core-image-sato-sdk on qemuarm64
>> - Run qemu
>> - Log over ssh (openssh) failed
>>
> I did have a little bit of a look at this. It seems to hang during key
> generation before starting the server during boot.
I am afraid it is the kernel issue

cat /dev/random will hung

On other system, cat /dev/random will have output

Openssl 1.1.x call getentropy, and getentropy call getrandom,

it hung at getrandom, here is a example reproduce steps

[test.c]
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <sys/random.h>

int main(int argc, char *argv[])
{
     char buf[4];
     size_t buflen = sizeof(buf);
     printf("%s %d\n", __FUNCTION__, __LINE__);
     int res = getrandom(buf, buflen, 0);
     printf("%s %d, getentropy %d, %s, 0x%02X 0x%02X 0x%02X 0x%02X\n", 
__FUNCTION__, __LINE__,
       res, strerror(errno), buf[0]&0xFF, buf[1]&0xFF, buf[2]&0xFF, 
buf[3]&0xFF);

     return 0;
}
[test.c]

$CC test.c -o test

On qemuarm64 target, run `test', it hung
root at qemuarm64:~# ./test_rand
main 10

On other system, it generate random number

$ ./test
main 10
main 12, getrandom 4, Success, 0x58 0xCD 0x3A 0x23
jiahongxu at jiahongxu-OptiPlex-990:~$ ./test
main 10
main 12, getrandom 4, Success, 0x8F 0x25 0x7E 0x9D

I am digging into kernel

//Hongxu

> I had a suspicion that the problem could be a lack of entropy. We're
> supposed to have the virtio entropy generation being passed through
> from the host to avoid problems with entropy starvation but I'm not
> sure its running for arm64.
>
> I noticed the .config shows CONFIG_CRYPTO_DEV_VIRTIO=m but setting that
> to =y didn't help. The virtio rng connects via pci bus iirc and
> CONFIG_PCI isn't set so I'm now looking into that...
>
> To update, adding this config to the kernel:
>
> CONFIG_CRYPTO_DEV_VIRTIO=y
> CONFIG_PCI=y
> CONFIG_PCI_HOST_GENERIC=y
>
> appears to solve the problem and lets my simple tests work. I'll have
> to run some better tests but I think this is the problem, lack pci
> support in the kernel meaning the rng virtio passthrough doesn't work.
>
> Cheers,
>
> Richard
>
>
>
>
>
>