lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <VI1PR0402MB34853587C20B018A8F53C2BF98090@VI1PR0402MB3485.eurprd04.prod.outlook.com>
Date:   Wed, 15 May 2019 06:46:48 +0000
From:   Horia Geanta <horia.geanta@....com>
To:     Iuliana Prodan <iuliana.prodan@....com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        Aymen Sghaier <aymen.sghaier@....com>
CC:     "David S. Miller" <davem@...emloft.net>,
        "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        dl-linux-imx <linux-imx@....com>
Subject: Re: [PATCH 1/2] crypto: caam - fix pkcs1pad(rsa-caam, sha256) failure
 because of invalid input

On 5/14/2019 7:45 PM, Iuliana Prodan wrote:
[...]
> diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c
[...]
> @@ -218,27 +230,45 @@ static struct rsa_edesc *rsa_edesc_alloc(struct akcipher_request *req,
>  	struct caam_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
>  	struct device *dev = ctx->dev;
>  	struct caam_rsa_req_ctx *req_ctx = akcipher_request_ctx(req);
> +	struct caam_rsa_key *key = &ctx->key;
>  	struct rsa_edesc *edesc;
>  	gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
>  		       GFP_KERNEL : GFP_ATOMIC;
>  	int sg_flags = (flags == GFP_ATOMIC) ? SG_MITER_ATOMIC : 0;
>  	int sgc;
> -	int sec4_sg_index, sec4_sg_len = 0, sec4_sg_bytes;
> +	int sec4_sg_index = 0, sec4_sg_len = 0, sec4_sg_bytes;
Initialization of sec4_sg_index not needed, it's unconditionally set further below.

[...]
> -	if (src_nents > 1)
> -		sec4_sg_len = src_nents;
> +	if (!diff_size && src_nents == 1)
> +		sec4_sg_len = 0; /* no need for an input hw s/g table */
> +	else
> +		sec4_sg_len = src_nents + !!diff_size;
> +	sec4_sg_index = sec4_sg_len;
>  	if (dst_nents > 1)
>  		sec4_sg_len += dst_nents;
>  

[...]
> @@ -1060,6 +1107,12 @@ static int __init caam_pkc_init(void)
>  		goto out_put_dev;
>  	}
>  
> +	/* allocate zero buffer, used for padding input */
> +	zero_buffer = kzalloc(CAAM_RSA_MAX_INPUT_SIZE - 1, GFP_DMA |
> +			      GFP_KERNEL);
> +	if (!zero_buffer)
> +		return -ENOMEM;
Need to take care of freeing resources on error path.

> +
>  	err = crypto_register_akcipher(&caam_rsa);
>  	if (err)
>  		dev_warn(ctrldev, "%s alg registration failed\n",

Thanks,
Horia

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ