From: Andrew Gierth
To: Mark Millard
Cc: "freebsd-arm@freebsd.org"
Subject: Re: Is CPUTYPE=cortex-A7 supposed to work?
Date: Sun, 05 Mar 2017 00:02:34 +0000

>>>>> "Mark" == Mark Millard writes:

 Mark> Trying (1) on a bpim3 with head instead (still clang 3.9.1
 Mark> based), I get such notices for:

 Mark> Doing 512 bit public rsa's for 10s: RSA verify failure
 Mark> Doing 2048 bit public rsa's for 10s: RSA verify failure
 Mark> Doing 4096 bit public rsa's for 10s: RSA verify failure

 Mark> I also get:

 Mark> Doing 512 bit sign dsa's for 10s: 10527 512 bit DSA signs in 10.09s
 Mark> DSA verify failure. No DSA verify will be done.
 Mark> Doing 1024 bit sign dsa's for 10s: 4035 1024 bit DSA signs in 10.02s
 Mark> Doing 1024 bit verify dsa's for 10s: DSA verify failure
 Mark> 1 1024 bit DSA verify in 10.00s
 Mark> Doing 2048 bit sign dsa's for 10s: 1239 2048 bit DSA signs in 10.07s
 Mark> DSA verify failure. No DSA verify will be done.

 Mark> Doing 409 bit verify ecdsa's for 10s: ECDSA verify failure
 Mark> 1 409 bit ECDSA verify in 10.02s

Yes, that seems identical to what I got. Just to be clear: what compile
options is that with?

But I'm not convinced this is a problem in openssl (rather than
somewhere else). Here's why:

1. When looking at git, I tried logging the input and output of all the
   SHA1 calls, and replaying them through a test program that called the
   same openssl functions on the same data (with the same alignment);
   the test program always got the correct hashes, even for cases where
   the logged data showed that the hash had been computed incorrectly.

2. Running openssl speed under gdb with a conditional breakpoint set to
   look for padding failures stops the error from occurring at all (!).

3. The errors aren't consistent at all. For example, sometimes I run
   openssl speed rsa512 and it succeeds without error. When testing with
   git, the failures were not always at the same place.

-- 
Andrew.
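The replay check from point 1, sketched as an added example that is not part of the message above and is not Andrew's test program: it recomputes each logged SHA-1 and flags inputs that were logged with both a correct and an incorrect digest, which is the pattern that points away from a data-dependent bug. The log format (hex input, hex digest per line), the function names and the sample data are assumptions, and because it uses Python's hashlib rather than calling the OpenSSL C functions directly, buffer alignment is not reproduced.

```python
import hashlib
from collections import defaultdict

def parse_log(text):
    """Yield (line_no, input_bytes, logged_digest_hex) from '<hex input> <hex digest>' lines."""
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        hex_in, logged = line.split()
        yield n, bytes.fromhex(hex_in), logged.lower()

def replay(text):
    """Recompute every logged SHA-1 and classify the disagreements."""
    bad = []                 # (line_no, recomputed digest, logged digest)
    seen = defaultdict(set)  # input -> set of outcomes (True = logged digest was right)
    for n, data, logged in parse_log(text):
        expected = hashlib.sha1(data).hexdigest()
        ok = expected == logged
        seen[data].add(ok)
        if not ok:
            bad.append((n, expected, logged))
    # The same bytes hashed both correctly and incorrectly: the failure does
    # not depend on the data, so the hash code itself is an unlikely culprit.
    flaky = sorted(d for d, outcomes in seen.items() if outcomes == {True, False})
    return bad, flaky

def build_sample_log():
    """Constructed sample: four calls, the third logged with a one-bit digest error."""
    inputs = [b"abc", b"tree 0\x00", b"abc", b"blob 5\x00hello"]
    lines = []
    for i, data in enumerate(inputs):
        digest = bytearray(hashlib.sha1(data).digest())
        if i == 2:
            digest[7] ^= 0x10  # simulate a miscomputed hash captured in the log
        lines.append(f"{data.hex()} {digest.hex()}")
    return "\n".join(lines)

if __name__ == "__main__":
    bad, flaky = replay(build_sample_log())
    for n, expected, logged in bad:
        print(f"line {n}: logged {logged}, replay gives {expected}")
    for data in flaky:
        print(f"input {data.hex()} was hashed both correctly and incorrectly")
```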