Re: [PATCH 1/2] crypto: caam - fix pkcs1pad(rsa-caam, sha256) failure because of invalid input
From: Horia Geanta
Date: Wed May 15 2019 - 02:48:39 EST
On 5/14/2019 7:45 PM, Iuliana Prodan wrote:
[...]
> diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c
[...]
> @@ -218,27 +230,45 @@ static struct rsa_edesc *rsa_edesc_alloc(struct akcipher_request *req,
> struct caam_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
> struct device *dev = ctx->dev;
> struct caam_rsa_req_ctx *req_ctx = akcipher_request_ctx(req);
> + struct caam_rsa_key *key = &ctx->key;
> struct rsa_edesc *edesc;
> gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
> GFP_KERNEL : GFP_ATOMIC;
> int sg_flags = (flags == GFP_ATOMIC) ? SG_MITER_ATOMIC : 0;
> int sgc;
> - int sec4_sg_index, sec4_sg_len = 0, sec4_sg_bytes;
> + int sec4_sg_index = 0, sec4_sg_len = 0, sec4_sg_bytes;
Initialization of sec4_sg_index not needed, it's unconditionally set further below.
[...]
> - if (src_nents > 1)
> - sec4_sg_len = src_nents;
> + if (!diff_size && src_nents == 1)
> + sec4_sg_len = 0; /* no need for an input hw s/g table */
> + else
> + sec4_sg_len = src_nents + !!diff_size;
> + sec4_sg_index = sec4_sg_len;
> if (dst_nents > 1)
> sec4_sg_len += dst_nents;
>
[...]
> @@ -1060,6 +1107,12 @@ static int __init caam_pkc_init(void)
> goto out_put_dev;
> }
>
> + /* allocate zero buffer, used for padding input */
> + zero_buffer = kzalloc(CAAM_RSA_MAX_INPUT_SIZE - 1, GFP_DMA |
> + GFP_KERNEL);
> + if (!zero_buffer)
> + return -ENOMEM;
Need to take care of freeing resources on error path.
> +
> err = crypto_register_akcipher(&caam_rsa);
> if (err)
> dev_warn(ctrldev, "%s alg registration failed\n",
Thanks,
Horia