OpenSSL builds a number of seperate engines that provide cryptographic API and hardware offload support. This is currently configured from Buildroot via the BR2_PACKAGE_LIBOPENSSL_ENGINES option. Previously disabling this option would remove these engines from the completed filesystem, disabling their use. However, recent versions of OpenSSL build the devcrypto engine in to libcrypto as default, rather than as a dynamic library. This can lead to Cryptodev being used even if it was not intended. The libopenssl.mk file currently checks if BR2_PACKAGE_HAS_CRYPTODEV is set and will enable the Cryptodev engine via the "enable-devcryptoeng" configure flag if true. This is a manual override as all the other engines can be specified in a similar manner (ie enable-afalgeng) but Buildroot seems to imply that enabling the Cryptodev Package should also force OpenSSL to use it (which is incorrect). OpenSSL's Cryptodev engine should either be overridden by the additional engines option (disabling it if BR2_PACKAGE_LIBOPENSSL_ENGINES is not set) or should be a manual override due to it's ability to be built statically in to libcrypto.
Thanks for your bug report. It is pretty common in Buildroot to enable an optional feature in a package (here OpenSSL) if the dependencies needed for that feature (here cryptodev) are available. Do you have a practical situation where one cryptodev implementation (BR2_PACKAGE_CRYPTODEV_LINUX or BR2_PACKAGE_OCF_LINUX) is enabled, but for some reason OpenSSL cannot / should not use cryptodev ?
Thank you for your report. The issue tracker for the Buildroot project has been moved to the Gitlab.com issue tracker: https://gitlab.com/buildroot.org/buildroot/-/issues We are taking this opportunity to close old issues in this old tracker. If you believe your issue is still relevant, please open one in the new issue tracker. Thank you!