From patchwork Sun Apr 15 11:03:44 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fabio Estevam X-Patchwork-Id: 10341539 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 0553B6016D for ; Sun, 15 Apr 2018 11:06:11 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DF33727FB3 for ; Sun, 15 Apr 2018 11:06:10 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D01F62834A; Sun, 15 Apr 2018 11:06:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, MAILING_LIST_MULTI, RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F085127FB3 for ; Sun, 15 Apr 2018 11:06:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751166AbeDOLFw (ORCPT ); Sun, 15 Apr 2018 07:05:52 -0400 Received: from mail-qk0-f195.google.com ([209.85.220.195]:46518 "EHLO mail-qk0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751145AbeDOLFv (ORCPT ); Sun, 15 Apr 2018 07:05:51 -0400 Received: by mail-qk0-f195.google.com with SMTP id l16so12762450qke.13; Sun, 15 Apr 2018 04:05:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=C2erTjaxl7i5a5p5LB2QXwszbhOVAZtpjOjq+jpV8+k=; b=qiCJ75QUe5JR6Wnuw0Jk4OUpkLLuWIAaW4f+4irKEW/TE3lEzaO/YiTQJxYZ147Liz n92mPPnwU4jmPurXkw64+7w9ffN6KPdyXYhuA6F2Jjf2fbFhqXITNTc9UwiSvmUIedcZ zgJTvQlyx+uHaNuJu1jop0PVo599fA+kUDlbSJAJJMNOVCmFV80fGH3pjW9k0+WTm2qm NB4MSo8fyh2BgRcQIn1WgjqJQ6kzi4CmkMRWwngUVs6r3IPJN8LDvOmnm6eZulIWsqBY W3kxn0FxYDbPdOBg8fQ1Hp9ppYe8KPM0fGstgUQDwPRO08M7ok3Rmj8S0oZ1hhlbJDyZ u/AQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=C2erTjaxl7i5a5p5LB2QXwszbhOVAZtpjOjq+jpV8+k=; b=fNUgDfxMU62nOJ7HOE4LW/c+LL0iZTNAXBfDNcw8qERHt/VEkXqkWxYvjWKUR38J2z KqkNJ/KZoA+jPxgwz8OSFrhSigs8chriuLJFmCj2Vx2oNRUp+wvQnkjxJGlJ2D/cU7yu gATnp0pw9aqez9teMeZY4dM/6eSynz/IfBhNevC7FS36Jf7nCoTAAekWt3ieToR4aem3 vL6Midt5CbL1xTER6eKlgK7W7yGsKVlEhmNqG/S1stDOMubQaIGbvavGgcjGLDGCnl9Q tuyhDM+LSOFM/Jc8QE1uZqb+16Ui8B6bzwDOEeIpP/HIm+UCjRaJi2W+wpdrg8IVCJ+k eQNQ== X-Gm-Message-State: ALQs6tC4BQkjvQXtZ4XTPbo4ForghbBchU7KfXa1l8GE9hOO1b7LeKqc ARrN/JWSWKfWzQ8KHMuAIJxK8A== X-Google-Smtp-Source: AIpwx4/XyINU3hFEQBsVoKI7ttGFY8nnWvezEIExIpbgw3Od7kWY824E6M16nco3KPkmDlfmzzXWlA== X-Received: by 10.55.33.160 with SMTP id f32mr1395782qki.153.1523790350467; Sun, 15 Apr 2018 04:05:50 -0700 (PDT) Received: from localhost.localdomain ([187.180.183.211]) by smtp.gmail.com with ESMTPSA id u5sm2104892qkk.43.2018.04.15.04.05.47 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sun, 15 Apr 2018 04:05:49 -0700 (PDT) From: Fabio Estevam To: herbert@gondor.apana.org.au Cc: horia.geanta@nxp.com, aymen.sghaier@nxp.com, mtownsend1973@gmail.com, breno.lima@nxp.com, bryan.odonoghue@linaro.org, linux-crypto@vger.kernel.org, Fabio Estevam , stable@vger.kernel.org Subject: [PATCH v2] crypto: caam: Drop leading zero from input buffer Date: Sun, 15 Apr 2018 08:03:44 -0300 Message-Id: <1523790224-26083-1-git-send-email-festevam@gmail.com> X-Mailer: git-send-email 2.7.4 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Fabio Estevam imx6ul and imx7 report the following error: caam_jr 2142000.jr1: 40000789: DECO: desc idx 7: Protocol Size Error - A protocol has seen an error in size. When running RSA, pdb size N < (size of F) when no formatting is used; or pdb size N < (F + 11) when formatting is used. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 1 at crypto/asymmetric_keys/public_key.c:148 public_key_verify_signature+0x27c/0x2b0 This error happens because the signature contains 257 bytes, including a leading zero as the first element. Fix the problem by stripping off the leading zero from input data before feeding it to the CAAM accelerator. Fixes: 8c419778ab57e497b5 ("crypto: caam - add support for RSA algorithm") Cc: Reported-by: Martin Townsend Signed-off-by: Fabio Estevam --- Changes since v1: - Use a temp pointer - Assign len to req->src_len , so that more than one leading zero can be taken into account drivers/crypto/caam/caampkc.c | 45 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 37 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c index 7a897209..5f3e627 100644 --- a/drivers/crypto/caam/caampkc.c +++ b/drivers/crypto/caam/caampkc.c @@ -166,6 +166,14 @@ static void rsa_priv_f3_done(struct device *dev, u32 *desc, u32 err, akcipher_request_complete(req, err); } +static void caam_rsa_drop_leading_zeros(const u8 **ptr, size_t *nbytes) +{ + while (!**ptr && *nbytes) { + (*ptr)++; + (*nbytes)--; + } +} + static struct rsa_edesc *rsa_edesc_alloc(struct akcipher_request *req, size_t desclen) { @@ -178,7 +186,36 @@ static struct rsa_edesc *rsa_edesc_alloc(struct akcipher_request *req, int sgc; int sec4_sg_index, sec4_sg_len = 0, sec4_sg_bytes; int src_nents, dst_nents; + const u8 *temp; + void *buffer; + size_t len; + + buffer = kzalloc(req->src_len, GFP_ATOMIC); + if (!buffer) + return ERR_PTR(-ENOMEM); + + sg_copy_to_buffer(req->src, sg_nents(req->src), + buffer, req->src_len); + temp = (u8 *)buffer; + len = req->src_len; + /* + * Check if the buffer contains leading zeros and if + * it does, drop the leading zeros + */ + if (temp[0] == 0) { + caam_rsa_drop_leading_zeros(&temp, &len); + if (!temp) { + kfree(buffer); + return ERR_PTR(-ENOMEM); + } + + req->src_len = len; + sg_copy_from_buffer(req->src, sg_nents(req->src), + (void *)temp, req->src_len); + } + + kfree(buffer); src_nents = sg_nents_for_len(req->src, req->src_len); dst_nents = sg_nents_for_len(req->dst, req->dst_len); @@ -683,14 +720,6 @@ static void caam_rsa_free_key(struct caam_rsa_key *key) memset(key, 0, sizeof(*key)); } -static void caam_rsa_drop_leading_zeros(const u8 **ptr, size_t *nbytes) -{ - while (!**ptr && *nbytes) { - (*ptr)++; - (*nbytes)--; - } -} - /** * caam_read_rsa_crt - Used for reading dP, dQ, qInv CRT members. * dP, dQ and qInv could decode to less than corresponding p, q length, as the