[PATCH] lib: rsa: Fix unaligned 64-bit fdt accesses

[PATCH] lib: rsa: Fix unaligned 64-bit fdt accesses

[Jan Kiszka]

From: Jan Kiszka <jan.kiszka@siemens.com>

The fdt only provides 32-bit alignment of data. If the public_exponent
happens to be not 64-bit aligned, we can trigger an exception on certain
architectures. Seen on TI AM64x.

Note that the normal way of accessing such a number would be
fdtdec_get_number. However, this is not available for tools, and this
is one use case for lib/rsa.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 lib/rsa/rsa-mod-exp.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/rsa/rsa-mod-exp.c b/lib/rsa/rsa-mod-exp.c
index 420ab2eba0..4b9c4b1459 100644
--- a/lib/rsa/rsa-mod-exp.c
+++ b/lib/rsa/rsa-mod-exp.c
@@ -246,6 +246,11 @@ static void rsa_convert_big_endian(uint32_t *dst, const uint32_t *src, int len)
 		dst[i] = fdt32_to_cpu(src[len - 1 - i]);
 }
 
+static uint64_t fdt64_get(const uint32_t *data)
+{
+	return ((uint64_t)fdt32_to_cpu(data[0]) << 32) | fdt32_to_cpu(data[1]);
+}
+
 int rsa_mod_exp_sw(const uint8_t *sig, uint32_t sig_len,
 		struct key_prop *prop, uint8_t *out)
 {
@@ -262,8 +267,7 @@ int rsa_mod_exp_sw(const uint8_t *sig, uint32_t sig_len,
 	if (!prop->public_exponent)
 		key.exponent = RSA_DEFAULT_PUBEXP;
 	else
-		key.exponent =
-			fdt64_to_cpu(*((uint64_t *)(prop->public_exponent)));
+		key.exponent = fdt64_get(prop->public_exponent);
 
 	if (!key.len || !prop->modulus || !prop->rr) {
 		debug("%s: Missing RSA key info", __func__);
-- 
2.26.1

[PATCH] lib: rsa: Fix unaligned 64-bit fdt accesses

[Tom Rini]

On Wed, May 06, 2020 at 06:32:03PM +0200, Jan Kiszka wrote:

> From: Jan Kiszka <jan.kiszka@siemens.com>
> 
> The fdt only provides 32-bit alignment of data. If the public_exponent
> happens to be not 64-bit aligned, we can trigger an exception on certain
> architectures. Seen on TI AM64x.
> 
> Note that the normal way of accessing such a number would be
> fdtdec_get_number. However, this is not available for tools, and this
> is one use case for lib/rsa.
> 
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>

This is the same as:
http://patchwork.ozlabs.org/project/uboot/patch/20200503112634.590399-1-heiko at sntech.de/
I think which I'm testing right now.  Can you please confirm and
tested-by?  Thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200506/87f5ddb8/attachment.sig>

[PATCH] lib: rsa: Fix unaligned 64-bit fdt accesses

[Jan Kiszka]

On 06.05.20 22:00, Tom Rini wrote:
> On Wed, May 06, 2020 at 06:32:03PM +0200, Jan Kiszka wrote:
> 
>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>
>> The fdt only provides 32-bit alignment of data. If the public_exponent
>> happens to be not 64-bit aligned, we can trigger an exception on certain
>> architectures. Seen on TI AM64x.
>>
>> Note that the normal way of accessing such a number would be
>> fdtdec_get_number. However, this is not available for tools, and this
>> is one use case for lib/rsa.
>>
>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> 
> This is the same as:
> http://patchwork.ozlabs.org/project/uboot/patch/20200503112634.590399-1-heiko at sntech.de/
> I think which I'm testing right now.  Can you please confirm and
> tested-by?  Thanks!
> 

Oh, I should monitor the list better (I'm lacking an nntp archive for 
it, like lore.kernel.org).

Heiko's looks nicer, will test.

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux