Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

Hi Martin, On Tue, Apr 10, 2018 at 7:01 PM, Martin Townsend wrote: > A hexdump of the signature reveals a 0x00 at the start Yes, same is happening here on my mx6ul evk running linux-next: [2.990651] cfg80211: Loading compiled-in X.509 certificates for regulatory

Re: [PATCH v2 1/2] crypto: caam - staticize caam_get_era()

On Tue, Apr 10, 2018 at 10:54 PM, Fabio Estevam wrote: > From: Fabio Estevam > > caam_get_era() is only used locally, so do not export this function > and make it static instead. > > Signed-off-by: Fabio Estevam > --- > Changes

[PATCH v2 1/2] crypto: caam - staticize caam_get_era()

From: Fabio Estevam caam_get_era() is only used locally, so do not export this function and make it static instead. Signed-off-by: Fabio Estevam --- Changes since v1: - None. I previously asked to put the linux-crypto list on Cc

[PATCH v2 2/2] crypto: caam - allow retrieving 'era' from register

From: Fabio Estevam The 'era' information can be retrieved from CAAM registers, so introduce a caam_get_era_from_hw() function that gets it via register reads in case the 'fsl,sec-era' property is not passed in the device tree. This function is based on the U-Boot

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

On Tue, 2018-04-10 at 23:01 +0100, Martin Townsend wrote: > Using openssl to get the signature in my x509 cert > >    Signature Algorithm: sha256WithRSAEncryption > 68:82:cc:5d:f9:ee:fb:1a:77:72:a6:a9:c6:4c:cc:d7:f6:2a: > 17:a5:db:bf:5a:2b:8d:39:60:dc:a0:93:39:45:0f:bc:a7:e8: >  

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

Size Error - A protocol has seen an error in size. When >> running RSA, pdb size N < (size of F) when no formatting is used; or >> pdb si >> ze N < (F + 11) when formatting is used. >> [3.022168] [ cut here ] >> [3.027247] WARNIN

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

sc idx 7: > Protocol Size Error - A protocol has seen an error in size. When > running RSA, pdb size N < (size of F) when no formatting is used; or > pdb si > ze N < (F + 11) when formatting is used. > [3.022168] [ cut here ]---- > [3.027

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

[3.027247] WARNING: CPU: 0 PID: 1 at crypto/asymmetric_keys/public_key.c:148 public_key_verify_signature+0x27c/0x2b0 [3.038075] Modules linked in: [3.041226] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.16.0-next-20180410-2-gf0ccf31-dirty #223 [3.050413] Hardware name: F

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

Hi Fabio, On Tue, Apr 10, 2018 at 5:59 PM, Fabio Estevam wrote: > Hi Martin, > > On Mon, Apr 9, 2018 at 5:41 AM, Martin Townsend > wrote: >> Hi, >> >> I'm trying to get to the bottom of an issue I'm seeing when enabling >> the CAAM in the kernel

Re: CAAM and IMA/EVM : caam_rsa_enc: DECO: desc idx 7: Protocol Size Error

Hi Martin, On Mon, Apr 9, 2018 at 5:41 AM, Martin Townsend wrote: > Hi, > > I'm trying to get to the bottom of an issue I'm seeing when enabling > the CAAM in the kernel with IMA/EVM enabled. I'm using the official > NXP (imx_4.9.11_1.0.0_ga) vendor Kernel. Does it

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

Am Dienstag, 10. April 2018, 17:23:46 CEST schrieb Dmitry Vyukov: Hi Dmitry, > Stephan, > > Do you have any hypothesis as to why this is not detected by KASAN and > causes silent corruptions? > We generally try to understand such cases and improve KASAN so that it > catches such cases more

Re: [PATCH] crypto: DRBG - guard uninstantion by lock

On Mon, Apr 9, 2018 at 9:57 AM, Dmitry Vyukov wrote: > On Mon, Apr 9, 2018 at 7:40 AM, Stephan Mueller wrote: >> Am Montag, 9. April 2018, 00:46:03 CEST schrieb Theodore Y. Ts'o: >> >> Hi Theodore, >>> >>> So the syzbot will run while the patch goes