From owner-freebsd-arm@FreeBSD.ORG Sun Feb 22 17:50:31 2015 Return-Path: Delivered-To: freebsd-arm@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E29D3406; Sun, 22 Feb 2015 17:50:31 +0000 (UTC) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "gold.funkthat.com", Issuer "gold.funkthat.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 9BE96DFD; Sun, 22 Feb 2015 17:50:31 +0000 (UTC) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.14.5/8.14.5) with ESMTP id t1MHoECA084825 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 22 Feb 2015 09:50:14 -0800 (PST) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.14.5/8.14.5/Submit) id t1MHoDoj084824; Sun, 22 Feb 2015 09:50:13 -0800 (PST) (envelope-from jmg) Date: Sun, 22 Feb 2015 09:50:13 -0800 From: John-Mark Gurney To: Daisuke Aoyama Subject: Re: "geli: Wrong key" unable to attach in RPi/ARM environment Message-ID: <20150222175013.GH46794@funkthat.com> References: <54DB7B07.4080704@ceetonetechnology.com> <640B1015D2984FE0A5FB69DBA9ECD23E@ad.peach.ne.jp> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <640B1015D2984FE0A5FB69DBA9ECD23E@ad.peach.ne.jp> X-Operating-System: FreeBSD 9.1-PRERELEASE amd64 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.5.21 (2010-09-15) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (gold.funkthat.com [127.0.0.1]); Sun, 22 Feb 2015 09:50:14 -0800 (PST) Cc: freebsd-arm@freebsd.org, Brenden Bartelt , Pawel Jakub Dawidek X-BeenThere: freebsd-arm@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Porting FreeBSD to ARM processors." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Feb 2015 17:50:32 -0000 Daisuke Aoyama wrote this message on Mon, Feb 23, 2015 at 00:56 +0900: > It seems openssl(/usr/src/crypto/openssl/crypto/evp) doesn't like unaligned buffer. We should fix OpenSSL... I just checked the docs for EVP_CipherUpdate, and there is no documented alignment requirements... and the fact that the parameters are of type char, tells the compiler that there are no requirements... Could you check to see if this is fixed in a more recent version of OpenSSL (say, from ports)? And if it isn't work w/ OpenSSL to fix this bug? > We use it from g_eli_key.c. decrypt() is called with tmpmkey located stack but encrypt() is > called with the value passed to the function. > According to definition in g_eli.h, md_mkeys is located odd address due to "uint8_t md_keys". > So encrypt() is called with odd address! In armv6, it's a bad thing of course. armv6 can't > handle unaligned data by some op. I thought we faulted on this issue? or maybe we don't have the registers for armv6 programmer properly? Could someone who knows out port of armv6 well comment on this? > Fixing is very simple, don't pass mkey directly to openssl. > > Please try the patch attached this mail. (usage is bottom of this mail) > I've only checked "geli init". If it does not work in other place, please follow up this mail. If this patch does work, then we definately need to get OpenSSL to fix their code... If we don't, other parts of our tree could fail due to this too.. Thanks for tracking this down! -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."