It's been a long time since I last poked at Linux on my Segate GoFlex Net,
a Marvell Kirkwood armel platform. Kirkwoods have hardware crypto support
for AES, and I tried setting it up on a fresh Debian Testing install like I
used to back in the day and... no joy, with afalg enabled in OpenSSL I
could not complete ssh sessions in or out.
After some digging and reading I see this has been the norm for a few years
and traces back to privilege separation being added. The few notes from
after that period talk about rebuilding OpenSSH and forcing priv-sep off,
not something I'd like to do. So, I set out to try and sort what's
actually
breaking under the hood.
I hit two issues, the first being that digests just aren't performant
through the afalg engine, and cause a failure when enabled and attempting
ssh. The second that the security sandbox was blocking the socket call to
afalg.
--- ../../openssh-orig/openssh-9.9p1/sandbox-seccomp-filter.c 2024-09-19
18:20:48.000000000 -0400
+++ sandbox-seccomp-filter.c 2025-01-03 18:20:19.803149104 -0500
@@ -402,6 +402,12 @@
SC_ALLOW_ARG(__NR_socketcall, 0, SYS_SHUTDOWN),
SC_DENY(__NR_socketcall, EACCES),
#endif
+
+ /* Kurlon testing alfag */
+#ifdef __NR_socket
+ SC_ALLOW_ARG(__NR_socket, 0, AF_ALG),
+#endif
+
#if defined(__NR_ioctl) && defined(__s390__)
/* Allow ioctls for ICA crypto card on s390 */
SC_ALLOW_ARG(__NR_ioctl, 1, Z90STAT_STATUS_MASK),
This satisfies the sandbox. Looking at OpenSSL's code, I think the rule
could possibly be restricted further to require the 2nd argument to
NR_socket to be SOCK_SEQPACKET? Line 453 at
https://github.com/openssl/openssl/blob/master/engines/e_afalg.c is what I
based that on after reversing SSH's initial fail for a sysreq call 281 back
to socket on armel.
I've rebuilt OpenSSH 9.9p1 from Debian Testing with this addition. That
plus setting up afalg in openssl.cnf to only do ciphers and not hashes, and
preferencing aes256-cbc in my ssh_config/sshd_config is resulting in
working connections now.
Is my methodology wrong, is this something OpenSSH would accept for
mainline inclusion?
Josh Coombs / Kurlon