Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

normal world CA is hanging at getentropy( ) syscall #3396

Closed
nageshshamnur opened this issue Nov 14, 2019 · 2 comments · Fixed by OP-TEE/build#405
Closed

normal world CA is hanging at getentropy( ) syscall #3396

nageshshamnur opened this issue Nov 14, 2019 · 2 comments · Fixed by OP-TEE/build#405

Comments

@nageshshamnur
Copy link

Hi,
I am running openssl in CA application and do the test on QEMU default environment (QEMU v7). Version of optee used is 3.6.0.

When my CA application invokes SSL_CTX_new( ), it hangs at RAND_bytes( ), analysing the call stack revealed that syscall to getentropy( ) function at UNIX blocked. Callstack as below:

3004 if ((RAND_bytes(ret->ext.tick_key_name,
(gdb)

^C
Program received signal SIGINT, Interrupt.
__libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:46
46 swi 0x0
(gdb) bt
#0 _libc_do_syscall () at ../sysdeps/unix/sysv/linux/arm/libc-do-syscall.S:46
#1 0x76b4abe6 in getentropy (buffer=0x3a778, length=) at ../sysdeps/unix/sysv/linux/getentropy.c:45
#2 0x76e1dec8 in syscall_random (buf=0x3a778, buflen=32) at crypto/rand/rand_unix.c:324
#3 0x76e1e5d4 in rand_pool_acquire_entropy (pool=0x3a750) at crypto/rand/rand_unix.c:589
#4 0x76e1c590 in rand_drbg_get_entropy (drbg=0x3a508, pout=0x7efffb44, entropy=256, min_len=32, max_len=2147483647, prediction_resistance=0) at crypto/rand/rand_lib.c:198
#5 0x76e1a964 in RAND_DRBG_instantiate (drbg=0x3a508, pers=0x76eef35c <ossl_pers_string> "OpenSSL NIST SP 800-90A DRBG", perslen=28) at crypto/rand/drbg_lib.c:338
#6 0x76e1bbac in drbg_setup (parent=0x0) at crypto/rand/drbg_lib.c:895
#7 0x76e1bc80 in do_rand_drbg_init () at crypto/rand/drbg_lib.c:924
#8 0x76e1bbe8 in do_rand_drbg_init_ossl () at crypto/rand/drbg_lib.c:909
#9 0x76c5988e in pthread_once_slow (once_control=0x76f26f8c <rand_drbg_init>, init_routine=0x76e1bbdc <do_rand_drbg_init_ossl>) at pthread_once.c:116
#10 0x76e63370 in CRYPTO_THREAD_run_once (once=0x76f26f8c <rand_drbg_init>, init=0x76e1bbdc <do_rand_drbg_init_ossl>) at crypto/threads_pthread.c:118
#11 0x76e1c164 in RAND_DRBG_get0_public () at crypto/rand/drbg_lib.c:1116
#12 0x76e1be18 in drbg_bytes (out=0x39e38 "", count=16) at crypto/rand/drbg_lib.c:966
#13 0x76e1ddb4 in RAND_bytes (buf=0x39e38 "", num=16) at crypto/rand/rand_lib.c:938
#14 0x76f687c8 in SSL_CTX_new (meth=0x76fcfef0 <TLS_server_method_data.26172>) at ssl/ssl_lib.c:3004
#15 0x00012878 in server_create_context () at test/src/vpp_openssl_adpt_server.c:75
#16 0x00012b64 in tls12_server () at test/src/vpp_openssl_adpt_server.c:169
#17 0x00012ccc in main () at test/src/vpp_openssl_adpt_server.c:215
@vivinamartins16
Copy link

I get the same problem!
I can't even get curl to work with https. Any help with this would be much appreciated :)

@jforissier
Copy link
Contributor

It looks like the guest doesn't have enough entropy. Please try enabling the VirtIORNG device, see here: https://wiki.qemu.org/Features/VirtIORNG
(Note: there is a QEMU parameter plus a command in the guest)

@crtxcr crtxcr mentioned this issue Dec 22, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

qemu: Add VirtIORNG to prevent hangs on getentropy() calls
3 participants
@jforissier @nageshshamnur @vivinamartins16