Is CPUTYPE=cortex-A7 supposed to work?

Mark Millard markmi at dsl-only.net
Sat Mar 4 23:33:02 UTC 2017 

On 2017-Mar-4, at 1:47 PM, Andrew Gierth <andrew at tao11.riddles.org.uk> wrote:
> 
>>>>>> "Warner" == Warner Losh <imp at bsdimp.com> writes:
> 
>>> Is building with CPUTYPE=cortex-A7 (this is on an RPI2) known to
>>> work, known to not work, or of unknown working status?
> 
> Warner> I've not had good luck getting it to work. (cortex-a7 is the
> Warner> proper type name, btw). It kinda works, but ports are kinda
> Warner> wonky.
> 
> My findings so far:
> 
> 1. openssl speed (base system's openssl, not a port) produces a bunch of
> errors, such as:
> 
> 542635024:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:/home/FreeBSD/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_pk1.c:103:
> 542635024:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:/home/FreeBSD/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/rsa/rsa_eay.c:705:
> 
> 2. git fails with semi-random sha1 failures when cloning a repo of any
> size; these failures go away if you make it use its internal sha1 rather
> than the openssl one it defaults to. HOWEVER, testing in a world build
> without CPUTYPE and shoehorning the vectorized sha1 from openssl back in
> does not reproduce the failure. Also, extensive testing with "openssl
> dgst -sha1" did not produce any failure.
> 
> (I've confirmed that both the above go away from recompiling without
> CPUTYPE.)
> 
> I've also noticed some breakage probably not related to openssl for
> which I'm still waiting on recompilations in order to definitively test.
> 
> -- 
> Andrew.

Trying (1) on a bpim3 with head instead (still clang 3.9.1
based), I get such notices for:

Doing 512 bit public rsa's for 10s: RSA verify failure
Doing 2048 bit public rsa's for 10s: RSA verify failure
Doing 4096 bit public rsa's for 10s: RSA verify failure

I also get:

Doing 512 bit sign dsa's for 10s: 10527 512 bit DSA signs in 10.09s
DSA verify failure.  No DSA verify will be done.
Doing 1024 bit sign dsa's for 10s: 4035 1024 bit DSA signs in 10.02s
Doing 1024 bit verify dsa's for 10s: DSA verify failure
1 1024 bit DSA verify in 10.00s
Doing 2048 bit sign dsa's for 10s: 1239 2048 bit DSA signs in 10.07s
DSA verify failure.  No DSA verify will be done.

Doing 409 bit verify ecdsa's for 10s: ECDSA verify failure
1 409 bit ECDSA verify in 10.02s


# uname -paKU
FreeBSD bpim3 12.0-CURRENT FreeBSD 12.0-CURRENT  r314479M  arm armv6 1200022 1200022

The openssl issue likely is worth submitting as a bugzilla report,
with speed as an example way to see the issue.


(Note: I use CFLAGS and the like because sometimes I experiment with
other options as well. No such extra options involved for the above.)

===
Mark Millard
markmi at dsl-only.net

More information about the freebsd-arm mailing list