[PATCH] DM: crypto/fsl: fix unaligned exponent handling in fsl_rsa

public inbox for u-boot@lists.denx.de
 help / color / mirror / Atom feed

From: Oleksandr Suvorov <cryosay@gmail.com>
To: u-boot@lists.denx.de
Cc: Oleksandr Suvorov <cryosay@gmail.com>,
	Gaurav Jain <gaurav.jain@nxp.com>,
	Ruchika Gupta <ruchika.gupta@nxp.com>,
	Simon Glass <sjg@chromium.org>, Tom Rini <trini@konsulko.com>
Subject: [PATCH] DM: crypto/fsl: fix unaligned exponent handling in fsl_rsa
Date: Sun,  5 Apr 2026 16:54:43 +0300	[thread overview]
Message-ID: <20260405135446.415680-1-cryosay@gmail.com> (raw)

The RSA verification path loads the public exponent from the FIT key
node with fdt_getprop(). That property buffer is not guaranteed to be
naturally aligned. On ARM64 this can lead to a synchronous abort when
fsl_rsa uses the exponent value directly during verified boot.

Fix the driver by copying the exponent into an aligned local buffer
before building the CAAM RSA job descriptor. Read the value with the
pointer-safe fdt64_to_cpu() helper and pass the aligned copy to the
engine instead of the original FDT property buffer.

Also flush the cache for the aligned exponent buffer actually consumed
by CAAM so the cache maintenance matches the data path used by the
hardware.

This keeps RSA verification functional while avoiding crashes caused by
unaligned FDT property access.

[1]
---

Trying to boot from MMC2
    sha256,rsa2048:dev"Synchronous Abort" handler, esr 0x96000021
    elr: 00000000007e737c lr : 00000000007e6e78
    x 0: 00000000007fd1e4 x 1: 0000000000000100
    x 2: 0000000000000800 x 3: 000000000091d420
    x 4: 000000000091d420 x 5: 000000000091d588
    x 6: 00000000401ff9b8 x 7: 0000000000000003
    x 8: 000000000091d49c x 9: 0000000000000002
...
    Code: f94008a0 2a0103f4 aa0303f5 b40005c0 (f9400003)
    Resetting CPU ...
---

Fixes: 34276478f7b7 ("DM: crypto/fsl - Add Freescale rsa DM driver")
Signed-off-by: Oleksandr Suvorov <cryosay@gmail.com>
---
 drivers/crypto/fsl/fsl_rsa.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/crypto/fsl/fsl_rsa.c b/drivers/crypto/fsl/fsl_rsa.c
index 125a72ae6d3..053e1862bc4 100644
--- a/drivers/crypto/fsl/fsl_rsa.c
+++ b/drivers/crypto/fsl/fsl_rsa.c
@@ -23,6 +23,7 @@ int fsl_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
 	struct pk_in_params pkin;
 	uint32_t desc[MAX_CAAM_DESCSIZE];
 	int ret;
+	fdt64_t exp = fdt64_to_cpu(prop->public_exponent);
 
 	/* Length in bytes */
 	keylen = prop->num_bits / 8;
@@ -31,15 +32,14 @@ int fsl_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
 	pkin.a_siz = sig_len;
 	pkin.n = prop->modulus;
 	pkin.n_siz = keylen;
-	pkin.e = prop->public_exponent;
+	pkin.e = (void *)&exp;
 	pkin.e_siz = prop->exp_len;
 
 	inline_cnstr_jobdesc_pkha_rsaexp(desc, &pkin, out, sig_len);
 
 	flush_dcache_range((ulong)sig, (ulong)sig + sig_len);
 	flush_dcache_range((ulong)prop->modulus, (ulong)(prop->modulus) + keylen);
-	flush_dcache_range((ulong)prop->public_exponent,
-			   (ulong)(prop->public_exponent) + prop->exp_len);
+	flush_dcache_range((ulong)&exp, (ulong)&exp + prop->exp_len);
 	flush_dcache_range((ulong)desc, (ulong)desc + (sizeof(uint32_t) * MAX_CAAM_DESCSIZE));
 	flush_dcache_range((ulong)out, (ulong)out + sig_len);
 
-- 
2.43.0

base-commit: 214aababe07de0598bd26ecb0c8fb2e2843ff7d5
branch: master-20260404-rsa-verify

next             reply	other threads:[~2026-04-05 14:20 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-05 13:54 Oleksandr Suvorov [this message]
2026-04-09  7:37 ` [PATCH] DM: crypto/fsl: fix unaligned exponent handling in fsl_rsa Peng Fan

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:125a72ae6d dfblob:053e1862bc )
 OR (
bs:"[PATCH] DM: crypto/fsl: fix unaligned exponent handling in fsl_rsa" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260405135446.415680-1-cryosay@gmail.com \
    --to=cryosay@gmail.com \
    --cc=gaurav.jain@nxp.com \
    --cc=ruchika.gupta@nxp.com \
    --cc=sjg@chromium.org \
    --cc=trini@konsulko.com \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox