Slow startup due to FIPS selftest if openssl loaded
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openssl (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
I recently noticed that the PHP testsuite runs significantly slower if openssl is enabled. E.g. running "make test TESTS=tests" takes 7 seconds without openssl and 37 seconds with. This is a factor of five difference.
After a quick check using callgrind, it turns out that the vast majority of the time is spent in performing a FIPS_selftest(). This was very surprising, and I was initially afraid that Ubuntu had enabled the OpenSSL FIPS mode, which is well known to degrade security. However, it seems that this is not the case, and Ubuntu has simply patched OpenSSL to always perform the FIPS_selftest(), independently of whether FIPS mode is used.
I'm not entirely sure what should/can be done about this. I understand the motivation for always performing a self-test and that it is not a common workload to start a process many hundreds of times in a row to perform a small task. However, it should be noted that OpenSSL acknowledges [0] that the test is unnecessarily slow, because they cannot change the current implementation without invalidating the FIPS certification. This indicates that it should be possible to perform a cheaper self-test.
[0]: https:/
---
Description: Ubuntu 16.04.1 LTS
Release: 16.04
libssl-dev:
Installed: 1.0.2g-1ubuntu4.2
Candidate: 1.0.2g-1ubuntu4.2
| Nikita Popov (nikita-ppv) wrote | #1 |
| Seth Arnold (seth-arnold) wrote | #2 |
From a quick isolated test, running
#include <openssl/ssl.h>
int main() {
return 0;
}
in
time for i in `seq 1 1000`; do ./a.out; done
takes 15 seconds for me due to the FIPS_selftest() call. This is just 15ms per process start, but it adds up if you have a workload where you're quickly spawning many processes.