Using IPQ806x, I have added cryptographic hardware accelerators packages to improve openssl speed performance, and they seems properly installed.
However I found that the crypto offload is not running.
Regardless what openssl commands, e.g. openssl speed md5, the syslog will return a error namely "unable to allocate session: status 6".
From my debugging, I found the cipher algorithm supported between nss_cfi_ocf.c and nss_crypto.h are not match, at nss_cfi_ocf.c line 58:
static struct nss_cfi_ocf_algo cfi_algo[CRYPTO_ALGORITHM_MAX + 1] = {
[CRYPTO_AES_CBC] = {
NSS_CRYPTO_CIPHER_AES_CBC,
NSS_CRYPTO_MAX_KEYLEN_AES,
NSS_CRYPTO_MAX_IVLEN_AES,
NSS_CRYPTO_MAX_BLKLEN_AES,
0,
NSS_CFI_OCF_ALGO_TYPE_IS_CIPHER
},
referred to cryptodev.h and nss_crypto.h, you will get
cfi_algo[11].core_algo = 1
So at nss_cfi_ocf.c line 186 function nss_cfi_ocf_newsession:
If you send cipher algo of 1, the code will refer to cipher algo of 11.
Then the crypto session will get invalid session index thus unable to request any crypto transaction to hardware.
Is it the firmware bug or I have missed out something caused the allocate session failed?
Please correct me if I am wrong, thank you all!