[PATCH] crypto: rsa - Remove unneeded error assignment

From: Fabio Estevam There is no need to assign an error value to 'ret' prior to calling mpi_read_raw_from_sgl() because in the case of error the 'ret' variable will be assigned to the error code inside the if block. In the case of non failure, 'ret' will be overwritten

[PATCH] crypto: testmgr: Allow different compression results

From: Mahipal Challa The following error is triggered by the ThunderX ZIP driver if the testmanager is enabled: [ 199.069437] ThunderX-ZIP :03:00.0: Found ZIP device 0 177d:a01a on Node 0 [ 199.073573] alg: comp: Compression test 1 failed for deflate-generic: output

Re: [PATCH] crypto: drbg - set freed buffers to NULL

On Wed, Apr 11, 2018 at 04:31:01PM +0200, Stephan Müller wrote: > Sorry, this time with the proper subject line. > > ---8<--- > > During freeing of the internal buffers used by the DRBG, set the pointer > to NULL. It is possible that the context with the freed buffers is > reused. In case of an

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

Hi Horia, On Wed, Apr 11, 2018 at 7:15 AM, Horia Geantă wrote: > You'd want to make sure rsa is offloaded to caam in this case - check in > /proc/crypto. > IIRC there are some i.mx parts that don't have support for Public Key > acceleration (PKHA). PKHA is present on

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

On Wed, Apr 11, 2018 at 4:26 PM, Stephan Müller wrote: > Hi Dimitry, > > This fix prevents the kernel from crashing when injecting the fault. Good! > Stack traces are yet shown but I guess that is expected every time > a fault is injected. Yes, nothing to fix here. > As

RE: [PATCH v2 0/2] crypto: removing various VLAs

From: Salvatore Mesoraca > Sent: 09 April 2018 17:38 ... > > You can also do much better than allocating MAX_BLOCKSIZE + MAX_ALIGNMASK > > bytes by requesting 'long' aligned on-stack memory. > > The easiest way is to define a union like: > > > > union crypto_tmp { > > u8

[PATCH] crypto: drbg - set freed buffers to NULL

Sorry, this time with the proper subject line. ---8<--- During freeing of the internal buffers used by the DRBG, set the pointer to NULL. It is possible that the context with the freed buffers is reused. In case of an error during initialization where the pointers do not yet point to allocated

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

Hi Dimitry, This fix prevents the kernel from crashing when injecting the fault. Stack traces are yet shown but I guess that is expected every time a fault is injected. As to why KASAN did not notice this one, I am not sure. Maybe it is because I use two buffer pointers to point to (almost) the

Re: [PATCH v4 2/2] crypto: caam - allow retrieving 'era' from register

On 4/11/2018 3:45 PM, Fabio Estevam wrote: > From: Fabio Estevam > > The 'era' information can be retrieved from CAAM registers, so > introduce a caam_get_era_from_hw() function that gets it via register > reads in case the 'fsl,sec-era' property is not passed in the

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

Am Mittwoch, 11. April 2018, 14:29:45 CEST schrieb Dmitry Vyukov: Hi Dmitry, > > What do you mean by description of the fault? > It's kernel standard FAULT_INJECTION facility, it injects faults > mainly into kmalloc/slab_alloc (also in a bunch of other things, but > in this case this seems to be

[PATCH v4 1/2] crypto: caam - staticize caam_get_era()

From: Fabio Estevam caam_get_era() is only used locally, so do not export this function and make it static instead. Signed-off-by: Fabio Estevam Reviewed-by: Horia Geantă --- Changes since v3: - None.

[PATCH v4 2/2] crypto: caam - allow retrieving 'era' from register

From: Fabio Estevam The 'era' information can be retrieved from CAAM registers, so introduce a caam_get_era_from_hw() function that gets it via register reads in case the 'fsl,sec-era' property is not passed in the device tree. This function is based on the U-Boot

Re: [PATCH v3 2/2] crypto: caam - allow retrieving 'era' from register

On 4/11/2018 2:59 PM, Fabio Estevam wrote: > From: Fabio Estevam > > The 'era' information can be retrieved from CAAM registers, so > introduce a caam_get_era_from_hw() function that gets it via register > reads in case the 'fsl,sec-era' property is not passed in the

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

On Tue, Apr 10, 2018 at 5:35 PM, Stephan Mueller wrote: > Am Dienstag, 10. April 2018, 17:23:46 CEST schrieb Dmitry Vyukov: > > Hi Dmitry, > >> Stephan, >> >> Do you have any hypothesis as to why this is not detected by KASAN and >> causes silent corruptions? >> We generally

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

On Wed, Apr 11, 2018 at 11:58 AM, Horia Geantă wrote: > On 4/11/2018 1:36 AM, James Bottomley wrote: >> On Tue, 2018-04-10 at 23:01 +0100, Martin Townsend wrote: >>> Using openssl to get the signature in my x509 cert >>> >>>Signature Algorithm: sha256WithRSAEncryption

Re: [PATCH v2 2/2] crypto: caam - allow retrieving 'era' from register

Hi Horia, On Wed, Apr 11, 2018 at 4:47 AM, Horia Geantă wrote: > Have you actually hit a case where the property was missing from DT? Yes, on imx7s.dtsi it is missing. I also started adding CAAM support to mx6ul and I did not pass the ""fsl,sec-era" Thanks for your

[PATCH v3 1/2] crypto: caam - staticize caam_get_era()

From: Fabio Estevam caam_get_era() is only used locally, so do not export this function and make it static instead. Signed-off-by: Fabio Estevam --- Changes since v2: - None. drivers/crypto/caam/ctrl.c | 3 +-- drivers/crypto/caam/ctrl.h | 2 --

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

Hi James, On Tue, Apr 10, 2018 at 11:36 PM, James Bottomley wrote: > On Tue, 2018-04-10 at 23:01 +0100, Martin Townsend wrote: >> Using openssl to get the signature in my x509 cert >> >>Signature Algorithm: sha256WithRSAEncryption >>

Re: [RFC PATCH 0/5] KEYS: add kpp keyctl operations

Am Mittwoch, 11. April 2018, 13:08:11 CEST schrieb Tudor Ambarus: Hi Tudor, > Hi, > > There was a long discussion about which interface to chose to export > akcipher and kpp to user-space. This series came as an alternative to > what Stephan proposed for af_alg[1]. I would like some feedback

Re: [RFC PATCH 0/5] KEYS: add kpp keyctl operations

Hi, There was a long discussion about which interface to chose to export akcipher and kpp to user-space. This series came as an alternative to what Stephan proposed for af_alg[1]. I would like some feedback before diving into tpm. Best, ta [1]

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

On 4/11/2018 1:36 AM, James Bottomley wrote: > On Tue, 2018-04-10 at 23:01 +0100, Martin Townsend wrote: >> Using openssl to get the signature in my x509 cert >> >>    Signature Algorithm: sha256WithRSAEncryption >> 68:82:cc:5d:f9:ee:fb:1a:77:72:a6:a9:c6:4c:cc:d7:f6:2a: >>

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

On 4/11/2018 5:21 AM, Fabio Estevam wrote: > Hi Martin, > > On Tue, Apr 10, 2018 at 7:01 PM, Martin Townsend > wrote: > >> A hexdump of the signature reveals a 0x00 at the start > > Yes, same is happening here on my mx6ul evk running linux-next: > [snip] > > However,

Re: [PATCH v2 2/2] crypto: caam - allow retrieving 'era' from register

On 4/11/2018 4:54 AM, Fabio Estevam wrote: > From: Fabio Estevam > > The 'era' information can be retrieved from CAAM registers, so > introduce a caam_get_era_from_hw() function that gets it via register > reads in case the 'fsl,sec-era' property is not passed in the

Re: [PATCH v2 1/2] crypto: caam - staticize caam_get_era()

On 4/11/2018 4:54 AM, Fabio Estevam wrote: > From: Fabio Estevam > > caam_get_era() is only used locally, so do not export this function > and make it static instead. > > Signed-off-by: Fabio Estevam Reviewed-by: Horia Geantă