From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.kernel.org ([198.145.29.99]:43830 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755847AbeFOINW (ORCPT ); Fri, 15 Jun 2018 04:13:22 -0400 Date: Fri, 15 Jun 2018 10:12:58 +0200 From: Greg KH To: Martin Townsend Cc: Horia =?utf-8?Q?Geant=C4=83?= , Fabio Estevam , Herbert Xu , stable@vger.kernel.org, Tudor Ambarus Subject: Re: FAILED: patch "[PATCH] crypto: caam - strip input zeros from RSA input buffer" failed to apply to 4.9-stable tree Message-ID: <20180615081258.GA3919@kroah.com> References: <152898168181115@kroah.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Sender: stable-owner@vger.kernel.org List-ID: On Fri, Jun 15, 2018 at 09:07:24AM +0100, Martin Townsend wrote: > On Thu, Jun 14, 2018 at 2:08 PM wrote: > > > > > > The patch below does not apply to the 4.9-stable tree. > > If someone wants it applied there, or to any other stable or longterm > > tree, then please email the backport, including the original git commit > > id to . > > > > thanks, > > > > greg k-h > > > > ------------------ original commit in Linus's tree ------------------ > > > > From 8a2a0dd35f2e54c023d9041a5428b6c5639af86c Mon Sep 17 00:00:00 2001 > > From: =?UTF-8?q?Horia=20Geant=C4=83?= > > Date: Mon, 16 Apr 2018 08:07:05 -0500 > > Subject: [PATCH] crypto: caam - strip input zeros from RSA input buffer > > MIME-Version: 1.0 > > Content-Type: text/plain; charset=UTF-8 > > Content-Transfer-Encoding: 8bit > > > > Sometimes the provided RSA input buffer provided is not stripped > > of leading zeros. This could cause its size to be bigger than that > > of the modulus, making the HW complain: > > > > caam_jr 2142000.jr1: 40000789: DECO: desc idx 7: > > Protocol Size Error - A protocol has seen an error in size. When > > running RSA, pdb size N < (size of F) when no formatting is used; or > > pdb size N < (F + 11) when formatting is used. > > > > Fix the problem by stripping off the leading zero from input data > > before feeding it to the CAAM accelerator. > > > > Fixes: 8c419778ab57e ("crypto: caam - add support for RSA algorithm") > > Cc: # 4.8+ > > Reported-by: Martin Townsend > > Link: https://lkml.kernel.org/r/CABatt_ytYORYKtApcB4izhNanEKkGFi9XAQMjHi_n-8YWoCRiw@mail.gmail.com > > Signed-off-by: Horia Geantă > > Tested-by: Fabio Estevam > > Reviewed-by: Tudor Ambarus > > Signed-off-by: Herbert Xu > > > > diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c > > index 7a897209f181..979072b25eaa 100644 > > --- a/drivers/crypto/caam/caampkc.c > > +++ b/drivers/crypto/caam/caampkc.c > > @@ -166,18 +166,71 @@ static void rsa_priv_f3_done(struct device *dev, u32 *desc, u32 err, > > akcipher_request_complete(req, err); > > } > > > > +static int caam_rsa_count_leading_zeros(struct scatterlist *sgl, > > + unsigned int nbytes, > > + unsigned int flags) > > +{ > > + struct sg_mapping_iter miter; > > + int lzeros, ents; > > + unsigned int len; > > + unsigned int tbytes = nbytes; > > + const u8 *buff; > > + > > + ents = sg_nents_for_len(sgl, nbytes); > > + if (ents < 0) > > + return ents; > > + > > + sg_miter_start(&miter, sgl, ents, SG_MITER_FROM_SG | flags); > > + > > + lzeros = 0; > > + len = 0; > > + while (nbytes > 0) { > > + while (len && !*buff) { > > + lzeros++; > > + len--; > > + buff++; > > + } > > + > > + if (len && *buff) > > + break; > > + > > + sg_miter_next(&miter); > > + buff = miter.addr; > > + len = miter.length; > > + > > + nbytes -= lzeros; > > + lzeros = 0; > > + } > > + > > + miter.consumed = lzeros; > > + sg_miter_stop(&miter); > > + nbytes -= lzeros; > > + > > + return tbytes - nbytes; > > +} > > + > > static struct rsa_edesc *rsa_edesc_alloc(struct akcipher_request *req, > > size_t desclen) > > { > > struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); > > struct caam_rsa_ctx *ctx = akcipher_tfm_ctx(tfm); > > struct device *dev = ctx->dev; > > + struct caam_rsa_req_ctx *req_ctx = akcipher_request_ctx(req); > > struct rsa_edesc *edesc; > > gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? > > GFP_KERNEL : GFP_ATOMIC; > > + int sg_flags = (flags == GFP_ATOMIC) ? SG_MITER_ATOMIC : 0; > > int sgc; > > int sec4_sg_index, sec4_sg_len = 0, sec4_sg_bytes; > > int src_nents, dst_nents; > > + int lzeros; > > + > > + lzeros = caam_rsa_count_leading_zeros(req->src, req->src_len, sg_flags); > > + if (lzeros < 0) > > + return ERR_PTR(lzeros); > > + > > + req->src_len -= lzeros; > > + req->src = scatterwalk_ffwd(req_ctx->src, req->src, lzeros); > > > > src_nents = sg_nents_for_len(req->src, req->src_len); > > dst_nents = sg_nents_for_len(req->dst, req->dst_len); > > @@ -953,6 +1006,7 @@ static struct akcipher_alg caam_rsa = { > > .max_size = caam_rsa_max_size, > > .init = caam_rsa_init_tfm, > > .exit = caam_rsa_exit_tfm, > > + .reqsize = sizeof(struct caam_rsa_req_ctx), > > .base = { > > .cra_name = "rsa", > > .cra_driver_name = "rsa-caam", > > diff --git a/drivers/crypto/caam/caampkc.h b/drivers/crypto/caam/caampkc.h > > index fd145c46eae1..82645bcf8b27 100644 > > --- a/drivers/crypto/caam/caampkc.h > > +++ b/drivers/crypto/caam/caampkc.h > > @@ -95,6 +95,14 @@ struct caam_rsa_ctx { > > struct device *dev; > > }; > > > > +/** > > + * caam_rsa_req_ctx - per request context. > > + * @src: input scatterlist (stripped of leading zeros) > > + */ > > +struct caam_rsa_req_ctx { > > + struct scatterlist src[2]; > > +}; > > + > > /** > > * rsa_edesc - s/w-extended rsa descriptor > > * @src_nents : number of segments in input scatterlist > > > > > I have back ported this to 4.9 and have it running on an i.MX6UL > board. I am happy to submit this if someone can tell me the best way > to do this. Just send it to stable@vger.kernel.org and say "here is the backport to 4.9 of commit id XXXX, can you please apply it?" nothing fancy needed :) thanks, greg k-h