[Bug 2023545] Re: [UBUNTU 22.04] openssl with ibmca engine configured dumps core when creating a new certificate
Adrien Nader
2023545 at bugs.launchpad.net
Thu Oct 19 20:50:27 UTC 2023
Hi Lucas,
Sorry, this is part of an SRU with 4 patches but that we've decided to
hold back for a bit (a few days after the current release). I've removed
ubuntu-sponsors from the "main" LP bug (link near the top of the bug
report) but not from the others. I'll do it now and I think maybe it's
better to only add ~ubuntu-sponsors to that main ticket.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/2023545
Title:
[UBUNTU 22.04] openssl with ibmca engine configured dumps core when
creating a new certificate
Status in Ubuntu on IBM z Systems:
In Progress
Status in openssl package in Ubuntu:
In Progress
Status in openssl source package in Jammy:
In Progress
Status in openssl source package in Lunar:
Fix Released
Bug description:
=== SRU information ===
[Meta]
This bug is part of a series of four bugs for a single SRU.
The "central" bug with the global information and debdiff is http://pad.lv/2033422
[Impact]
Openssl using an engine dumps core upon certificate creation; other operations are probably affected too. Overall, engines are likely mostly unusable.
[Test plan]
An engine is needed to test the fix and I don't think we have many in the archive. This complicates reproducing the issue. I have been relying on user reports which have been very detailled and helpful.
The issue has also been reported independently and with another engine (devcrypto).
The issue is fixed in openssl 3.0.8 which landed in lunar.
[Where problems could occur]
I don't pretend to understand the lifecycle of providers in openssl3 but the patch is simple and has been widely tested by now, including on ubuntu. Thus, I see little chance an unexpected problem would occur with it.
[Patches]
The patches come directly from upstream and apply cleanly.
https://github.com/openssl/openssl/issues/18578
*
https://git.launchpad.net/~adrien-n/ubuntu/+source/openssl/tree/debian/patches/jammy-
sru-0001-Release-the-drbg-in-the-global-default-context-
befor.patch?h=jammy-sru&id=04ef023920ab08fba214817523fba897527dfff0
=== Original description ===
openssl req -new -newkey rsa:2048 -x509 -sha256 -nodes -out __cert.pem
-keyout __key.pem --subj '/CN=US'
---Problem Description---
OpenSSL with ibmca engine configured dumps core when creating a new certificate.
# openssl engine
(dynamic) Dynamic engine loading support
(ibmca) Ibmca hardware engine support
# openssl req -new -newkey rsa:2048 -x509 -sha256 -nodes -out __cert.pem -keyout __key.pem --subj '/CN=US'
Segmentation fault (core dumped)
# journalctl
Jun 07 13:06:08 SYSTEM kernel: User process fault: interruption code 003b ilc:2 in libc.so.6[3ffae080000+1ca000]
Jun 07 13:06:08 SYSTEM kernel: Failing address: 0000000000000000 TEID: 0000000000000800
Jun 07 13:06:08 SYSTEM kernel: Fault in primary space mode while using user ASCE.
Jun 07 13:06:08 SYSTEM kernel: AS:000000009c2941c7 R3:0000000000000024
Jun 07 13:06:08 SYSTEM kernel: CPU: 2 PID: 2344 Comm: openssl Kdump: loaded Not tainted 5.15.0-73-generic #80-Ubuntu
Jun 07 13:06:08 SYSTEM kernel: Hardware name: IBM 3931 A01 703 (z/VM 7.3.0)
Jun 07 13:06:08 SYSTEM kernel: User PSW : 0705000180000000 000003ffae11c708
Jun 07 13:06:08 SYSTEM kernel: R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:1 AS:0 CC:0 PM:0 RI:0 EA:3
Jun 07 13:06:08 SYSTEM kernel: User GPRS: 0000000000000007 000003ffae11c6f0 0000000000000000 000002aa3289f9d0
Jun 07 13:06:08 SYSTEM kernel: 000002aa1825980f 000002aa3289f9d0 0000000000000000 000002aa328a4300
Jun 07 13:06:08 SYSTEM kernel: 000003ffae870720 000003ffae657128 000002aa000003ff 0000000000000000
Jun 07 13:06:08 SYSTEM kernel: 000003ffae24dd10 000003ffae657120 000003ffae437c22 000003ffec2fe000
Jun 07 13:06:08 SYSTEM kernel: User Code: 000003ffae11c6fc: b90400b2 lgr %r11,%r2
000003ffae11c700: 47000000 bc 0,0
#000003ffae11c704: b24f00a0 ear %r10,%a0
>000003ffae11c708: 58102018 l %r1,24(%r2)
000003ffae11c70c: ebaa0020000d sllg %r10,%r10,32
000003ffae11c712: b24f00a1 ear %r10,%a1
000003ffae11c716: 5910a0d0 c %r1,208(%r10)
000003ffae11c71a: a7840033 brc 8,000003ffae11c780
Jun 07 13:06:08 SYSTEM kernel: Last Breaking-Event-Address:
Jun 07 13:06:08 SYSTEM kernel: [<000003ffae33242c>] 0x3ffae33242c
Jun 07 13:06:08 SYSTEM systemd[1]: Started Process Core Dump (PID 2345/UID 0).
Jun 07 13:06:08 SYSTEM systemd-coredump[2350]: Process 2344 (openssl) of user 0 dumped core.
Found module linux-vdso64.so.1 with build-id: bcfab8ac8dbd44c758c3c5494e2952db16905d2e
Found module libica.so.4 with build-id: 0cc5ace50644dfba6d0ecf4f783477cd04a55731
Found module ibmca.so with build-id: 27daaf0ed1857fdad3761c2b3db21020999eee08
Found module ld64.so.1 with build-id: 31d4856f0ba9ea058c91a34f4d684ae0fe01964c
Found module libc.so.6 with build-id: 74250317950da91d3345f258cb2dd12d22c3f2e5
Found module libcrypto.so.3 with build-id: a27f20e6cf293f214d459530ce2c0b2b52fdbdb4
Found module libssl.so.3 with build-id: e2c031c3dac06b5ce43bdea022aee7989f78dde4
Found module openssl with build-id: ed0fe325182e99d135ee6b08e6d90a9d1c42af7f
Stack trace of thread 2344:
#0 0x000003ffae11c708 __pthread_rwlock_wrlock_full64 (libc.so.6 + 0x9c708)
#1 0x000003ffae437c22 CRYPTO_THREAD_write_lock (libcrypto.so.3 + 0x1b7c22)
#2 0x000003ffae3e3472 ENGINE_finish (libcrypto.so.3 + 0x163472)
#3 0x000003ffae406844 EVP_CIPHER_CTX_reset (libcrypto.so.3 + 0x186844)
#4 0x000003ffae40688c EVP_CIPHER_CTX_free (libcrypto.so.3 + 0x18688c)
#5 0x000003ffae4f903c n/a (libcrypto.so.3 + 0x27903c)
#6 0x000003ffae40ca98 EVP_RAND_CTX_free (libcrypto.so.3 + 0x18ca98)
#7 0x000003ffae461a92 n/a (libcrypto.so.3 + 0x1e1a92)
#8 0x000003ffae430b9c CRYPTO_free_ex_data (libcrypto.so.3 + 0x1b0b9c)
#9 0x000003ffae4293ca n/a (libcrypto.so.3 + 0x1a93ca)
#10 0x000003ffae4335e8 OPENSSL_cleanup (libcrypto.so.3 + 0x1b35e8)
#11 0x000003ffae0cb6cc __run_exit_handlers (libc.so.6 + 0x4b6cc)
#12 0x000003ffae0cb790 __GI_exit (libc.so.6 + 0x4b790)
#13 0x000002aa31847c06 main (openssl + 0x47c06)
#14 0x000003ffae0aa712 __libc_start_call_main (libc.so.6 + 0x2a712)
#15 0x000003ffae0aa7f0 __libc_start_main_impl (libc.so.6 + 0x2a7f0)
#16 0x000002aa31848070 n/a (openssl + 0x48070)
Jun 07 13:06:08 SYSTEM systemd[1]: systemd-coredump at 12-2345-0.service: Deactivated successfully.
Jun 07 13:06:31 SYSTEM kernel: User process fault: interruption code 003b ilc:2 in libc.so.6[3ffbee00000+1ca000]
Jun 07 13:06:31 SYSTEM kernel: Failing address: 0000000000000000 TEID: 0000000000000800
Jun 07 13:06:31 SYSTEM kernel: Fault in primary space mode while using user ASCE.
Jun 07 13:06:31 SYSTEM kernel: AS:000000009c2941c7 R3:0000000000000024
Jun 07 13:06:31 SYSTEM kernel: CPU: 2 PID: 2356 Comm: openssl Kdump: loaded Not tainted 5.15.0-73-generic #80-Ubuntu
Jun 07 13:06:31 SYSTEM kernel: Hardware name: IBM 3931 A01 703 (z/VM 7.3.0)
Jun 07 13:06:31 SYSTEM kernel: User PSW : 0705000180000000 000003ffbee9c708
Jun 07 13:06:31 SYSTEM kernel: R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:1 AS:0 CC:0 PM:0 RI:0 EA:3
Jun 07 13:06:31 SYSTEM kernel: User GPRS: 0000000000000007 000003ffbee9c6f0 0000000000000000 000002aa176569d0
Jun 07 13:06:31 SYSTEM kernel: 000002aa3dc356c6 000002aa176569d0 0000000000000000 000002aa1765b300
Jun 07 13:06:31 SYSTEM kernel: 000003ffbf5f0720 000003ffbf3d7128 000002aa000003ff 0000000000000000
Jun 07 13:06:31 SYSTEM kernel: 000003ffbefcdd10 000003ffbf3d7120 000003ffbf1b7c22 000003ffc4efdd40
Jun 07 13:06:31 SYSTEM kernel: User Code: 000003ffbee9c6fc: b90400b2 lgr %r11,%r2
000003ffbee9c700: 47000000 bc 0,0
#000003ffbee9c704: b24f00a0 ear %r10,%a0
>000003ffbee9c708: 58102018 l %r1,24(%r2)
000003ffbee9c70c: ebaa0020000d sllg %r10,%r10,32
000003ffbee9c712: b24f00a1 ear %r10,%a1
000003ffbee9c716: 5910a0d0 c %r1,208(%r10)
000003ffbee9c71a: a7840033 brc 8,000003ffbee9c780
Jun 07 13:06:31 SYSTEM kernel: Last Breaking-Event-Address:
Jun 07 13:06:31 SYSTEM kernel: [<000003ffbf0b242c>] 0x3ffbf0b242c
Jun 07 13:06:32 SYSTEM systemd[1]: Started Process Core Dump (PID 2357/UID 0).
Jun 07 13:06:32 SYSTEM systemd-coredump[2362]: Process 2356 (openssl) of user 0 dumped core.
Found module linux-vdso64.so.1 with build-id: bcfab8ac8dbd44c758c3c5494e2952db16905d2e
Found module libica.so.4 with build-id: 0cc5ace50644dfba6d0ecf4f783477cd04a55731
Found module ibmca.so with build-id: 27daaf0ed1857fdad3761c2b3db21020999eee08
Found module ld64.so.1 with build-id: 31d4856f0ba9ea058c91a34f4d684ae0fe01964c
Found module libc.so.6 with build-id: 74250317950da91d3345f258cb2dd12d22c3f2e5
Found module libcrypto.so.3 with build-id: a27f20e6cf293f214d459530ce2c0b2b52fdbdb4
Found module libssl.so.3 with build-id: e2c031c3dac06b5ce43bdea022aee7989f78dde4
Found module openssl with build-id: ed0fe325182e99d135ee6b08e6d90a9d1c42af7f
Stack trace of thread 2356:
#0 0x000003ffbee9c708 __pthread_rwlock_wrlock_full64 (libc.so.6 + 0x9c708)
#1 0x000003ffbf1b7c22 CRYPTO_THREAD_write_lock (libcrypto.so.3 + 0x1b7c22)
#2 0x000003ffbf163472 ENGINE_finish (libcrypto.so.3 + 0x163472)
#3 0x000003ffbf186844 EVP_CIPHER_CTX_reset (libcrypto.so.3 + 0x186844)
#4 0x000003ffbf18688c EVP_CIPHER_CTX_free (libcrypto.so.3 + 0x18688c)
#5 0x000003ffbf27903c n/a (libcrypto.so.3 + 0x27903c)
#6 0x000003ffbf18ca98 EVP_RAND_CTX_free (libcrypto.so.3 + 0x18ca98)
#7 0x000003ffbf1e1a92 n/a (libcrypto.so.3 + 0x1e1a92)
#8 0x000003ffbf1b0b9c CRYPTO_free_ex_data (libcrypto.so.3 + 0x1b0b9c)
#9 0x000003ffbf1a93ca n/a (libcrypto.so.3 + 0x1a93ca)
#10 0x000003ffbf1b35e8 OPENSSL_cleanup (libcrypto.so.3 + 0x1b35e8)
#11 0x000003ffbee4b6cc __run_exit_handlers (libc.so.6 + 0x4b6cc)
#12 0x000003ffbee4b790 __GI_exit (libc.so.6 + 0x4b790)
#13 0x000002aa161c7c06 main (openssl + 0x47c06)
#14 0x000003ffbee2a712 __libc_start_call_main (libc.so.6 + 0x2a712)
#15 0x000003ffbee2a7f0 __libc_start_main_impl (libc.so.6 + 0x2a7f0)
#16 0x000002aa161c8070 n/a (openssl + 0x48070)
Contact Information = grgo.mariani at ibm.com christian.rund at de.ibm.com
---uname output---
Linux SYSTEM 5.15.0-73-generic #80-Ubuntu SMP Mon May 15 15:23:03 UTC 2023 s390x s390x s390x GNU/Linux
Machine Type = Manufacturer: IBM Type: 3931
Model: 703 A01
---Steps to Reproduce---
1. Configure openssl to be used with ibmca engine.
2. run the following command:
# openssl req -new -newkey rsa:2048 -x509 -sha256 -nodes -out __cert.pem -keyout __key.pem --subj '/CN=US'
3. Check the syslog
Userspace tool common name: openssl
The userspace tool has the following bit modes: 64
Userspace rpm: openssl 3.0.2-0ubuntu1.10
s390x
Userspace tool obtained from project website: na
== Comment: #1 - Grgo ===============================================
Further investigations point to this open issue on openssl repository https://github.com/openssl/openssl/issues/18578
The default_algorithms declaration of RAND and others has no effect on
the behaviour of this problem.
== Comment: #2 - Ingo - 2023-06-12 06:05:20 =========================
The OpenSSL fix for the mentioned issue https://github.com/openssl/openssl/issues/18578 is commit
https://github.com/openssl/openssl/commit/a88e97fcace01ecf557b207f04328a72df5110df in the master branch.
The corresponding commit for the openssl-3.0 branch is
https://github.com/openssl/openssl/commit/d0f8056c47f7aea40a34815fe459404f14501e81
This commit is included in OpenSSL 3.0.8.
Please include this commit into the OpenSSL package shipped with 22.04
(and later releases).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/2023545/+subscriptions
More information about the foundations-bugs
mailing list