[asterisk-dev] Seeing kernel oops in crypto (linux ocf)

Tilghman Lesher tilghman at meg.abyt.es
Wed Jun 29 12:18:24 CDT 2011 

On Wednesday 29 June 2011 11:58:35 Philip Prindeville wrote:
> On 6/29/11 9:40 AM, Kevin P. Fleming wrote:
> > On 06/29/2011 11:36 AM, Philip Prindeville wrote:
> >> On 6/29/11 9:34 AM, Kevin P. Fleming wrote:
> >>> On 06/29/2011 11:29 AM, Philip Prindeville wrote:
> >>>> I'm running 2.6.38.8 on a Geode processor (alix 6F2) with OpenWRT
> >>>> trunk, and Asterisk 1.8.
> >>>> 
> >>>> At startup, Asterisk causes an oops:
> >>>> 
> >>>> general protection fault: 0000 [#1]
> >>>> last sysfs file: /sys/kernel/uevent_seqnum
> >>>> Modules linked in: lm90 scx200_acb i2c_gpio i2c_algo_pcf
> >>>> i2c_algo_pca i2c_algo_bit i2c_dev i2c_core geodewdt via_rhine
> >>>> ohci_hcd cs5535_gpio cs5535_clockevt nf_nat_irc nf_conntrack_irc
> >>>> nf_nat_ftp nf_conntrack_ftp cs5535_mfgpt cs5535_mfd mfd_core
> >>>> ipt_MASQUERADE iptable_nat nf_nat xt_conntrack xt_NOTRACK
> >>>> iptable_raw xt_state nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack
> >>>> ehci_hcd pppoe pppox pppoatm ipt_REJECT xt_TCPMSS ipt_LOG
> >>>> xt_comment xt_multiport xt_mac xt_limit iptable_mangle
> >>>> iptable_filter ip_tables xt_tcpudp x_tables nsc_gpio gpio_dev
> >>>> dummy ppp_mppeppp_async ppp_generic slhc br2684 atm ath9k
> >>>> ath9k_common ath9k_hw ath5k ath mac80211 usbcore nls_base
> >>>> crc_ccitt cfg80211 compat sha1_generic cryptosoft cryptodev(P)
> >>>> ocf(P) geode_aes ecb arc4 aes_i586 aes_generic crypto_blkcipher
> >>>> cryptomgr aead crypto_hash crypto_algapi
> >>>> 
> >>>> Pid: 1263, comm: asterisk Tainted: P            2.6.38.8 #1
> >>>> EIP: 0060:[<d091a620>] EFLAGS: 00010282 CPU: 0
> >>>> EIP is at 0xd091a620
> >>>> EAX: fffffffe EBX: cee44004 ECX: cfdf606c EDX: 00008010
> >>>> ESI: 00000000 EDI: ce467200 EBP: ce403ea0 ESP: ce403d94
> >>>> 
> >>>>    DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
> >>>> 
> >>>> Process asterisk (pid: 1263, ti=ce402000 task=cf829c20
> >>>> task.ti=ce402000)
> >>>> 
> >>>> Stack:
> >>>>    00000001 00000000 d091b6e0 cfb96400 ce403ea0 00000000 d08e94ef
> >>>>    00000004 02000000 ce403ea0 00000282 00000282 cfb96400 ce403f24
> >>>>    00000001 ce403ec4 cee2c1d0 03000000 c01c6365 d090a96f bfd7ca94
> >>>>    00000001 06000000 00000014
> >>>> 
> >>>> Call Trace:
> >>>>    [<d08e94ef>] ? crypto_newsession+0x1d2/0x27f [ocf]
> >>>>    [<d090a96f>] ? 0xd090a96f
> >>>>    [<c10edc63>] ? kobject_get+0xf/0x13
> >>>>    [<c106aaef>] ? chrdev_open+0xb4/0xf9
> >>>>    [<c10576e1>] ? __do_fault.clone.72+0x2db/0x325
> >>>>    [<d090b99c>] ? 0xd090b99c
> >>>>    [<c10735ea>] ? do_vfs_ioctl+0x46e/0x4c6
> >>>>    [<c1073669>] ? sys_ioctl+0x27/0x4a
> >>>>    [<c11c44bd>] ? syscall_call+0x7/0xb
> >>>> 
> >>>> Code: c2 c1 f8 03 39 04 24 72 b9 85 ff 75 07 8b 13 8b 42 08 eb 10
> >>>> 68 29 ac 91 d0
> >>>> 
> >>>>    e8 f0 8a 8a f0 8b 13 8b 42 08 59 8b 12 80 e6 80 74 25<81>   08
> >>>>    00 01 00 00 8b 03 8b 4d 04 8b 70 08 8d 41 0e 83 c1 07 0f
> >>>> 
> >>>> EIP: [<d091a620>] 0xd091a620 SS:ESP 0068:ce403d94
> >>>> ---[ end trace a7dc158c2c15d886 ]---
> >>>> 
> >>>> 
> >>>> I'm wondering if anyone else has seen this, or if there's an
> >>>> obvious set of crypto modules that Asterisk needs when using
> >>>> linux-ocf.
> >>>> 
> >>>> For instance, des, hmac, and md5 weren't turned on (but aes and
> >>>> sha1 were).
> >>> 
> >>> Asterisk does not use kernel crypto modules at all. It is possible
> >>> that Asterisk's usage of OpenSSL may result in *it* using kernel
> >>> crypto modules, but I don't think that's likely either.
> >> 
> >> We're building openssl with OCF patched in, so it's likely in this
> >> case.
> >> 
> >> Asking the question differently, what crypto algorithms does Asterisk
> >> import from Openssl?
> > 
> > I don't think we 'import' any crypto algorithms. We initialize the
> > library and tell it to enable everything it has, I believe. You'd have
> > to check the source code to be sure. Keep in mind you could also have
> > Asterisk modules that use OpenSSL (for example, the Postgres modules
> > link to OpenSSL).
> 
> Maybe I'm asking the question the wrong way: I know that the digest
> based authentication uses MD5, for instance.

Yes, but not from the openssl library.  There's an internal implementation
of MD5 in main/md5.c.  We also have an internal implementation of SHA-1.

> What other algorithms are used by Asterisk that it links from external
> libraries?

RSA is the main one, although we also use AES in certain contexts.

-- 
Tilghman

More information about the asterisk-dev mailing list