[strongSwan] charon-systemd: 11[KNL] received netlink error: No such file or directory (2)
Michael Schwartzkopff
ms at sys4.de
Thu Sep 15 14:54:49 CEST 2022
On 15.09.22 14:03, Tobias Brunner wrote:
> Hi Michael,
>
>> On the embedded device we have the following logs entries:
>>
>> SYS DLOG 346 log info verbose 1 charon-systemd: 11[CHD] CHILD_SA
>> imx-nad{1004} state change: CREATED => INSTALLING
>> SYS DLOG 346 log info verbose 1 charon-systemd: 11[CHD] using
>> CHACHA20_POLY1305 for encryption
>> SYS DLOG 346 log info verbose 1 charon-systemd: 11[CHD] adding inbound
>> ESP SA
>> SYS DLOG 346 log info verbose 1 charon-systemd: 11[KNL] received netlink
>> error: No such file or directory (2)
>> SYS DLOG 346 log info verbose 1 charon-systemd: 11[KNL] unable to add
>> SAD entry with SPI c106f683 (FAILED)
>>
>> lsmod shows that the module is loaded:
>>
>> # lsmod
>> Module Size Used by
>> chacha_generic 16384 0
>> poly1305_generic 16384 0
>> chacha20poly1305 20480 0
>>
>> Any ideas what might be wrong in the setup? Any ideas howto debug
>> further?
>
> Do you by any chance have FIPS mode enabled? (The kernel's crypto API
> will return ENOENT when trying to instantiate an algorithm that's not
> FIPS-approved, which I think chacha20poly1305 isn't.)
>
> Regards,
> Tobias
fips_mode is default, i.e. disabled. At least according to
charon/openssl.conf.
Mit freundlichen Grüßen,
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein
More information about the Users
mailing list