Have you reported this to Sun?
Cheers,
Ben.
Eric Laroche wrote:
>
> Hi all,
>
> While performing performance tests on a Sun Crypto Accelerator I Board
> (also known as CryptoSwift) on sparc-sun-solaris architecture, I
> noticed a race condition between the libswift.so-hardware-I/O and the
> alarm signal speed.c uses.
>
> The symptom was the openssl speed program terminating with the
> following openssl error message:
>
> 9728:error:26066072:engine routines:CSWIFT_MOD_EXP:request failed:
> hw_cswift.c:413:CryptoSwift error number is -10004
>
> [or on the latest source snapshot:
> 2197:error:80068076:cswift engine code:cswift_mod_exp_crt:request
> failed:hw_cswift.c:680:CryptoSwift error number is -10004]
>
> [from cswift.h: -10004 is SW_ERR_NO_EXECUTE 'The Card failed to
> execute the command']
>
> Obviously, libswift.so does not restart the ioctl call(s) that fails
> with EINTR when SIGALRM is received, as observed in a truss output.
>
> I don't know which libswift versions are affected by this problem; see
> below for version details on the one I tested.
>
> This problem does not only affect the 'openssl speed' code, but any
> code that uses the openssl engine library, cswift and signal handlers.
>
> There may be some other problematic signals besides SIGALRM (e.g.
> SIGCHLD, SIGUSR1, SIGUSR2, and probably more), so I decided to block
> (hold) all signals (but the non-blockable SIGKILL, etc.) during the
> libswift calls. [It is probably not necessary to protect the attach-
> parameters call and maybe neither the require-context and release-
> context, but it's safe, and the time penalty is probably minimal.]
>
> The tested libswift.so version is the following: libswift.so.5.2.2
> (file date Jul 28 2000, 87196 bytes, md5sum
> fc43e2e71bdacf30337ce4f3f6252f6d, SUNWsecsn sun-solaris package
> version 1.0.0,REV=2000.08.09).
>
> Regards,
> Eric
>
> --
> Eric Laroche <[EMAIL PROTECTED]>, AdNovum Informatik AG
>
> ------------------------------------------------------------------------
> diff -ur openssl-SNAP-20011126.orig/crypto/engine/hw_cswift.c
>openssl-SNAP-20011126/crypto/engine/hw_cswift.c
> --- openssl-SNAP-20011126.orig/crypto/engine/hw_cswift.c Tue Sep 25 22:02:20
>2001
> +++ openssl-SNAP-20011126/crypto/engine/hw_cswift.c Tue Nov 27 10:17:17 2001
> @@ -255,6 +255,40 @@
> static const char *engine_cswift_id = "cswift";
> static const char *engine_cswift_name = "CryptoSwift hardware engine support";
>
> +/* Signal blocking during libswift calls */
> +
> +#if defined(unix)
> +#include <signal.h>
> +#endif
> +
> +static void crit_sect_on(void* sigctx, int size) {
> +#if defined(unix)
> + sigset_t s, t;
> + if (size < sizeof(s))
> + return;
> + /* Block all signals. Note that typically, the sigprocmask
> + ** manual page states that it is not possible to block those
> + ** signals that cannot be ignored (e.g. SIGKILL and SIGSTOP)
> + ** but that this restriction is silently imposed by the system.
> + */
> + sigfillset(&t);
> + sigprocmask(SIG_SETMASK, &t, &s);
> + /* [To have proper data alignment, don't use 'sigctx' directly.] */
> + memcpy(sigctx, &s, sizeof(s));
> +#endif
> +}
> +
> +static void crit_sect_off(void* sigctx, int size) {
> +#if defined(unix)
> + sigset_t s;
> + if (size < sizeof(s))
> + return;
> + /* [To have proper data alignment, don't use 'sigctx' directly.] */
> + memcpy(&s, sigctx, sizeof(s));
> + sigprocmask(SIG_SETMASK, &s, NULL);
> +#endif
> +}
> +
> /* This internal function is used by ENGINE_cswift() and possibly by the
> * "dynamic" ENGINE support too */
> static int bind_helper(ENGINE *e)
> @@ -365,8 +399,11 @@
> static int get_context(SW_CONTEXT_HANDLE *hac)
> {
> SW_STATUS status;
> + char sigctx[32];
>
> + crit_sect_on(sigctx, sizeof(sigctx));
> status = p_CSwift_AcquireAccContext(hac);
> + crit_sect_off(sigctx, sizeof(sigctx));
> if(status != SW_OK)
> return 0;
> return 1;
> @@ -375,7 +412,11 @@
> /* similarly to release one. */
> static void release_context(SW_CONTEXT_HANDLE hac)
> {
> + char sigctx[32];
> +
> + crit_sect_on(sigctx, sizeof(sigctx));
> p_CSwift_ReleaseAccContext(hac);
> + crit_sect_off(sigctx, sizeof(sigctx));
> }
>
> /* Destructor (complements the "ENGINE_cswift()" constructor) */
> @@ -506,6 +547,7 @@
> SW_PARAM sw_param;
> SW_CONTEXT_HANDLE hac;
> int to_return, acquired;
> + char sigctx[32];
>
> modulus = exponent = argument = result = NULL;
> to_return = 0; /* expect failure */
> @@ -541,8 +583,10 @@
> sw_param.up.exp.exponent.nbytes = BN_bn2bin(p,
> (unsigned char *)exponent->d);
> sw_param.up.exp.exponent.value = (unsigned char *)exponent->d;
> + crit_sect_on(sigctx, sizeof(sigctx));
> /* Attach the key params */
> sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
> + crit_sect_off(sigctx, sizeof(sigctx));
> switch(sw_status)
> {
> case SW_OK:
> @@ -565,9 +609,11 @@
> res.nbytes = BN_num_bytes(m);
> memset(result->d, 0, res.nbytes);
> res.value = (unsigned char *)result->d;
> + crit_sect_on(sigctx, sizeof(sigctx));
> /* Perform the operation */
> - if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
> - &res, 1)) != SW_OK)
> + sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1, &res, 1);
> + crit_sect_off(sigctx, sizeof(sigctx));
> + if(sw_status != SW_OK)
> {
> char tmpbuf[20];
> CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
> @@ -603,6 +649,7 @@
> BIGNUM *result = NULL;
> int to_return = 0; /* expect failure */
> int acquired = 0;
> + char sigctx[32];
>
> if(!get_context(&hac))
> {
> @@ -648,8 +695,10 @@
> sw_param.up.crt.iqmp.nbytes = BN_bn2bin(iqmp,
> (unsigned char *)rsa_iqmp->d);
> sw_param.up.crt.iqmp.value = (unsigned char *)rsa_iqmp->d;
> + crit_sect_on(sigctx, sizeof(sigctx));
> /* Attach the key params */
> sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
> + crit_sect_off(sigctx, sizeof(sigctx));
> switch(sw_status)
> {
> case SW_OK:
> @@ -672,9 +721,11 @@
> res.nbytes = 2 * BN_num_bytes(p);
> memset(result->d, 0, res.nbytes);
> res.value = (unsigned char *)result->d;
> + crit_sect_on(sigctx, sizeof(sigctx));
> /* Perform the operation */
> - if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
> - &res, 1)) != SW_OK)
> + sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1, &res, 1);
> + crit_sect_off(sigctx, sizeof(sigctx));
> + if(sw_status != SW_OK)
> {
> char tmpbuf[20];
> CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
> @@ -737,6 +788,7 @@
> BIGNUM *result = NULL;
> DSA_SIG *to_return = NULL;
> int acquired = 0;
> + char sigctx[32];
>
> if((ctx = BN_CTX_new()) == NULL)
> goto err;
> @@ -780,8 +832,10 @@
> sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key,
> (unsigned char *)dsa_key->d);
> sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
> + crit_sect_on(sigctx, sizeof(sigctx));
> /* Attach the key params */
> sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
> + crit_sect_off(sigctx, sizeof(sigctx));
> switch(sw_status)
> {
> case SW_OK:
> @@ -804,9 +858,11 @@
> res.nbytes = BN_num_bytes(dsa->p);
> memset(result->d, 0, res.nbytes);
> res.value = (unsigned char *)result->d;
> + crit_sect_on(sigctx, sizeof(sigctx));
> /* Perform the operation */
> sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1,
> &res, 1);
> + crit_sect_off(sigctx, sizeof(sigctx));
> if(sw_status != SW_OK)
> {
> char tmpbuf[20];
> @@ -849,6 +905,7 @@
> BIGNUM *argument = NULL;
> int to_return = -1;
> int acquired = 0;
> + char sigctx[32];
>
> if((ctx = BN_CTX_new()) == NULL)
> goto err;
> @@ -892,8 +949,10 @@
> sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key,
> (unsigned char *)dsa_key->d);
> sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
> + crit_sect_on(sigctx, sizeof(sigctx));
> /* Attach the key params */
> sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
> + crit_sect_off(sigctx, sizeof(sigctx));
> switch(sw_status)
> {
> case SW_OK:
> @@ -920,9 +979,11 @@
> BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s));
> res.nbytes = 4; /* unsigned long */
> res.value = (unsigned char *)(&sig_result);
> + crit_sect_on(sigctx, sizeof(sigctx));
> /* Perform the operation */
> sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2,
> &res, 1);
> + crit_sect_off(sigctx, sizeof(sigctx));
> if(sw_status != SW_OK)
> {
> char tmpbuf[20];
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
