From: Greg KH <gregkh@linuxfoundation.org>
To: Martin Townsend <mtownsend1973@gmail.com>
Cc: "Horia Geantă" <horia.geanta@nxp.com>,
"Fabio Estevam" <fabio.estevam@nxp.com>,
"Herbert Xu" <herbert@gondor.apana.org.au>,
stable@vger.kernel.org,
"Tudor Ambarus" <tudor.ambarus@microchip.com>
Subject: Re: FAILED: patch "[PATCH] crypto: caam - strip input zeros from RSA input buffer" failed to apply to 4.9-stable tree
Date: Fri, 15 Jun 2018 10:12:58 +0200 [thread overview]
Message-ID: <20180615081258.GA3919@kroah.com> (raw)
In-Reply-To: <CABatt_yzFVYc2k6kjnC0CxCi_LHuU8huxa+XFQ5Wq53g8A78=Q@mail.gmail.com>
On Fri, Jun 15, 2018 at 09:07:24AM +0100, Martin Townsend wrote:
> On Thu, Jun 14, 2018 at 2:08 PM <gregkh@linuxfoundation.org> wrote:
> >
> >
> > The patch below does not apply to the 4.9-stable tree.
> > If someone wants it applied there, or to any other stable or longterm
> > tree, then please email the backport, including the original git commit
> > id to <stable@vger.kernel.org>.
> >
> > thanks,
> >
> > greg k-h
> >
> > ------------------ original commit in Linus's tree ------------------
> >
> > From 8a2a0dd35f2e54c023d9041a5428b6c5639af86c Mon Sep 17 00:00:00 2001
> > From: =?UTF-8?q?Horia=20Geant=C4=83?= <horia.geanta@nxp.com>
> > Date: Mon, 16 Apr 2018 08:07:05 -0500
> > Subject: [PATCH] crypto: caam - strip input zeros from RSA input buffer
> > MIME-Version: 1.0
> > Content-Type: text/plain; charset=UTF-8
> > Content-Transfer-Encoding: 8bit
> >
> > Sometimes the provided RSA input buffer provided is not stripped
> > of leading zeros. This could cause its size to be bigger than that
> > of the modulus, making the HW complain:
> >
> > caam_jr 2142000.jr1: 40000789: DECO: desc idx 7:
> > Protocol Size Error - A protocol has seen an error in size. When
> > running RSA, pdb size N < (size of F) when no formatting is used; or
> > pdb size N < (F + 11) when formatting is used.
> >
> > Fix the problem by stripping off the leading zero from input data
> > before feeding it to the CAAM accelerator.
> >
> > Fixes: 8c419778ab57e ("crypto: caam - add support for RSA algorithm")
> > Cc: <stable@vger.kernel.org> # 4.8+
> > Reported-by: Martin Townsend <mtownsend1973@gmail.com>
> > Link: https://lkml.kernel.org/r/CABatt_ytYORYKtApcB4izhNanEKkGFi9XAQMjHi_n-8YWoCRiw@mail.gmail.com
> > Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
> > Tested-by: Fabio Estevam <fabio.estevam@nxp.com>
> > Reviewed-by: Tudor Ambarus <tudor.ambarus@microchip.com>
> > Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
> >
> > diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c
> > index 7a897209f181..979072b25eaa 100644
> > --- a/drivers/crypto/caam/caampkc.c
> > +++ b/drivers/crypto/caam/caampkc.c
> > @@ -166,18 +166,71 @@ static void rsa_priv_f3_done(struct device *dev, u32 *desc, u32 err,
> > akcipher_request_complete(req, err);
> > }
> >
> > +static int caam_rsa_count_leading_zeros(struct scatterlist *sgl,
> > + unsigned int nbytes,
> > + unsigned int flags)
> > +{
> > + struct sg_mapping_iter miter;
> > + int lzeros, ents;
> > + unsigned int len;
> > + unsigned int tbytes = nbytes;
> > + const u8 *buff;
> > +
> > + ents = sg_nents_for_len(sgl, nbytes);
> > + if (ents < 0)
> > + return ents;
> > +
> > + sg_miter_start(&miter, sgl, ents, SG_MITER_FROM_SG | flags);
> > +
> > + lzeros = 0;
> > + len = 0;
> > + while (nbytes > 0) {
> > + while (len && !*buff) {
> > + lzeros++;
> > + len--;
> > + buff++;
> > + }
> > +
> > + if (len && *buff)
> > + break;
> > +
> > + sg_miter_next(&miter);
> > + buff = miter.addr;
> > + len = miter.length;
> > +
> > + nbytes -= lzeros;
> > + lzeros = 0;
> > + }
> > +
> > + miter.consumed = lzeros;
> > + sg_miter_stop(&miter);
> > + nbytes -= lzeros;
> > +
> > + return tbytes - nbytes;
> > +}
> > +
> > static struct rsa_edesc *rsa_edesc_alloc(struct akcipher_request *req,
> > size_t desclen)
> > {
> > struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
> > struct caam_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
> > struct device *dev = ctx->dev;
> > + struct caam_rsa_req_ctx *req_ctx = akcipher_request_ctx(req);
> > struct rsa_edesc *edesc;
> > gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
> > GFP_KERNEL : GFP_ATOMIC;
> > + int sg_flags = (flags == GFP_ATOMIC) ? SG_MITER_ATOMIC : 0;
> > int sgc;
> > int sec4_sg_index, sec4_sg_len = 0, sec4_sg_bytes;
> > int src_nents, dst_nents;
> > + int lzeros;
> > +
> > + lzeros = caam_rsa_count_leading_zeros(req->src, req->src_len, sg_flags);
> > + if (lzeros < 0)
> > + return ERR_PTR(lzeros);
> > +
> > + req->src_len -= lzeros;
> > + req->src = scatterwalk_ffwd(req_ctx->src, req->src, lzeros);
> >
> > src_nents = sg_nents_for_len(req->src, req->src_len);
> > dst_nents = sg_nents_for_len(req->dst, req->dst_len);
> > @@ -953,6 +1006,7 @@ static struct akcipher_alg caam_rsa = {
> > .max_size = caam_rsa_max_size,
> > .init = caam_rsa_init_tfm,
> > .exit = caam_rsa_exit_tfm,
> > + .reqsize = sizeof(struct caam_rsa_req_ctx),
> > .base = {
> > .cra_name = "rsa",
> > .cra_driver_name = "rsa-caam",
> > diff --git a/drivers/crypto/caam/caampkc.h b/drivers/crypto/caam/caampkc.h
> > index fd145c46eae1..82645bcf8b27 100644
> > --- a/drivers/crypto/caam/caampkc.h
> > +++ b/drivers/crypto/caam/caampkc.h
> > @@ -95,6 +95,14 @@ struct caam_rsa_ctx {
> > struct device *dev;
> > };
> >
> > +/**
> > + * caam_rsa_req_ctx - per request context.
> > + * @src: input scatterlist (stripped of leading zeros)
> > + */
> > +struct caam_rsa_req_ctx {
> > + struct scatterlist src[2];
> > +};
> > +
> > /**
> > * rsa_edesc - s/w-extended rsa descriptor
> > * @src_nents : number of segments in input scatterlist
> >
>
>
> I have back ported this to 4.9 and have it running on an i.MX6UL
> board. I am happy to submit this if someone can tell me the best way
> to do this.
Just send it to stable@vger.kernel.org and say "here is the backport to
4.9 of commit id XXXX, can you please apply it?"
nothing fancy needed :)
thanks,
greg k-h
prev parent reply other threads:[~2018-06-15 8:13 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-14 13:08 FAILED: patch "[PATCH] crypto: caam - strip input zeros from RSA input buffer" failed to apply to 4.9-stable tree gregkh
2018-06-15 8:07 ` Martin Townsend
2018-06-15 8:12 ` Greg KH [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180615081258.GA3919@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=fabio.estevam@nxp.com \
--cc=herbert@gondor.apana.org.au \
--cc=horia.geanta@nxp.com \
--cc=mtownsend1973@gmail.com \
--cc=stable@vger.kernel.org \
--cc=tudor.ambarus@microchip.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).