[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <VI1PR0402MB34853587C20B018A8F53C2BF98090@VI1PR0402MB3485.eurprd04.prod.outlook.com>
Date: Wed, 15 May 2019 06:46:48 +0000
From: Horia Geanta <horia.geanta@....com>
To: Iuliana Prodan <iuliana.prodan@....com>,
Herbert Xu <herbert@...dor.apana.org.au>,
Aymen Sghaier <aymen.sghaier@....com>
CC: "David S. Miller" <davem@...emloft.net>,
"linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
dl-linux-imx <linux-imx@....com>
Subject: Re: [PATCH 1/2] crypto: caam - fix pkcs1pad(rsa-caam, sha256) failure
because of invalid input
On 5/14/2019 7:45 PM, Iuliana Prodan wrote:
[...]
> diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c
[...]
> @@ -218,27 +230,45 @@ static struct rsa_edesc *rsa_edesc_alloc(struct akcipher_request *req,
> struct caam_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
> struct device *dev = ctx->dev;
> struct caam_rsa_req_ctx *req_ctx = akcipher_request_ctx(req);
> + struct caam_rsa_key *key = &ctx->key;
> struct rsa_edesc *edesc;
> gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
> GFP_KERNEL : GFP_ATOMIC;
> int sg_flags = (flags == GFP_ATOMIC) ? SG_MITER_ATOMIC : 0;
> int sgc;
> - int sec4_sg_index, sec4_sg_len = 0, sec4_sg_bytes;
> + int sec4_sg_index = 0, sec4_sg_len = 0, sec4_sg_bytes;
Initialization of sec4_sg_index not needed, it's unconditionally set further below.
[...]
> - if (src_nents > 1)
> - sec4_sg_len = src_nents;
> + if (!diff_size && src_nents == 1)
> + sec4_sg_len = 0; /* no need for an input hw s/g table */
> + else
> + sec4_sg_len = src_nents + !!diff_size;
> + sec4_sg_index = sec4_sg_len;
> if (dst_nents > 1)
> sec4_sg_len += dst_nents;
>
[...]
> @@ -1060,6 +1107,12 @@ static int __init caam_pkc_init(void)
> goto out_put_dev;
> }
>
> + /* allocate zero buffer, used for padding input */
> + zero_buffer = kzalloc(CAAM_RSA_MAX_INPUT_SIZE - 1, GFP_DMA |
> + GFP_KERNEL);
> + if (!zero_buffer)
> + return -ENOMEM;
Need to take care of freeing resources on error path.
> +
> err = crypto_register_akcipher(&caam_rsa);
> if (err)
> dev_warn(ctrldev, "%s alg registration failed\n",
Thanks,
Horia
Powered by blists - more mailing lists