Message ID | CAOMZO5CLYRidtr9z_dhFLrVNau-Sn-s__RBeLe0N_J3-D51yEg@mail.gmail.com (mailing list archive) |
---|---|
State | Not Applicable |
Delegated to: | Herbert Xu |
Headers | show |
On 4/13/2018 3:12 AM, Fabio Estevam wrote: > Hi Horia, > > On Thu, Apr 12, 2018 at 4:12 AM, Horia Geantă <horia.geanta@nxp.com> wrote: > >> Yes, driver needs to strip off leading zeros from input data before feeding it >> to the accelerator. >> I am working at a fix. > > I was able to to strip off the leading zeros from input data as you suggested. > > My changes are like this at the moment: > [snip] > but still get the original error as shown below. > > Any ideas? > Stripping should happen before set_rsa_pub_pdb() is called since the Protocol Data Block contains the input length that is used by the accelerator: pdb->f_len = req->src_len; It should probably be moved at the top of rsa_edesc_alloc(). Ideally stripping would avoid copying data (and memory allocation for temporary buffers). Horia
Hi Horia, On Fri, Apr 13, 2018 at 3:18 AM, Horia Geantă <horia.geanta@nxp.com> wrote: > Stripping should happen before set_rsa_pub_pdb() is called since the Protocol > Data Block contains the input length that is used by the accelerator: > pdb->f_len = req->src_len; > > It should probably be moved at the top of rsa_edesc_alloc(). That did the trick, thanks! > Ideally stripping would avoid copying data (and memory allocation for temporary > buffers). I will try to optimize this aspect and will post a proper patch. Martin, Before I try to optimize it, I would like to share the patch (generated against linux-next) so that you can try it in your IMA usecase: http://code.bulix.org/n77z3e-318473 Does it work for you? Thanks
diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c index 7a897209..ef9b9c2 100644 --- a/drivers/crypto/caam/caampkc.c +++ b/drivers/crypto/caam/caampkc.c @@ -500,6 +500,14 @@ static int set_rsa_priv_f3_pdb(struct akcipher_request *req, return -ENOMEM; } +static void caam_rsa_drop_leading_zeros(const u8 **ptr, size_t *nbytes) +{ + while (!**ptr && *nbytes) { + (*ptr)++; + (*nbytes)--; + } +} + static int caam_rsa_enc(struct akcipher_request *req) {