Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp214292pxf; Wed, 10 Mar 2021 04:48:36 -0800 (PST) X-Google-Smtp-Source: ABdhPJy/hy13j/Hjy2VUUxQ6YC27osCLwdAHUFO8VcRyokh4Sogn31jHHc0fZjiiNj6u1P+7dz1l X-Received: by 2002:a17:906:7015:: with SMTP id n21mr3428938ejj.391.1615380516010; Wed, 10 Mar 2021 04:48:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1615380516; cv=none; d=google.com; s=arc-20160816; b=brSZFc8Z3iOAM49TAsENmf7A3X0Ju7pIsHD6/OaSGWNArPQ8BDy4rWZFA5X5BXORnZ ciI2sjGfrTU0p/RTygvQnQkN0r4jUGNsj1wOwaO5rVRc0OOwkEZZFbgeAE80Zl8vOfEy myOJlssILfBitAQzXEticapE1Hmp9sHHNsK1+uQGDLf45Q8oZHJ2pLo+KTI3ZTBOeUbx NSx8mUgzMf1q817XQDffIoe1AEsik12jxL8t/bHF/QT0zmWYMDbM/gZnAQ1bBlmh2Qkh zeKfOK/B3cg4C6ZXSNKBQ+LBswipExkCKDgKDCi9N35J3lZToSTWP3iDuFFr7QFUnOAE EzyQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=Q776OBwbZSr/fiDdMZELA007TChWBSKdlrh1asmzN6w=; b=nAQjadzb/KXqgEX7vNBLZbtohaTAyuxmfwCeuatoMyoVS8EZ3SqGBX0XbHgC6dmiLd mZf53XZc6kDC4wCv14GcIXHhWJSTS/8nZ0AKKFbJ4jnyR49+/WNRSwuUo+vP1QpPM9ae ovu8j+L9IPL/+sHNyE8+yhMT8p6lGMYXKIaZ6CktXwg5+Cenwc2+me/6lfk/WB1CQgzI hhTdzHkZADj1nBzQztQode6mP1eYBsw9/O3z68TqqiQ/bQFC65wSvvffSvp4L0L0DI9y imiusJuoxNIkw5Kq1WeMaJyUSTwV/+dDzharK6Q3MNCmMv4e2epWORf/SALE89+JwfcD LDpw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id d15si4277760edu.375.2021.03.10.04.48.13; Wed, 10 Mar 2021 04:48:35 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232268AbhCJMpK (ORCPT + 99 others); Wed, 10 Mar 2021 07:45:10 -0500 Received: from out30-132.freemail.mail.aliyun.com ([115.124.30.132]:37202 "EHLO out30-132.freemail.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229948AbhCJMos (ORCPT ); Wed, 10 Mar 2021 07:44:48 -0500 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R101e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01e04395;MF=zhang.jia@linux.alibaba.com;NM=1;PH=DS;RN=13;SR=0;TI=SMTPD_---0URK2fWn_1615380284; Received: from ali-6c96cfd98fb5.local(mailfrom:zhang.jia@linux.alibaba.com fp:SMTPD_---0URK2fWn_1615380284) by smtp.aliyun-inc.com(127.0.0.1); Wed, 10 Mar 2021 20:44:45 +0800 Subject: Re: [PATCH] selftests/sgx: fix EINIT failure dueto SGX_INVALID_SIGNATURE To: Jarkko Sakkinen , Andy Lutomirski Cc: Tianjia Zhang , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Sean Christopherson , Shuah Khan , X86 ML , linux-sgx@vger.kernel.org, "open list:KERNEL SELFTEST FRAMEWORK" , LKML References: <20210301051836.30738-1-tianjia.zhang@linux.alibaba.com> <3bcdcf04-4bed-ed95-84b6-790675f18240@linux.alibaba.com> From: Jia Zhang Message-ID: <1f5c2375-39e2-65a8-3ad3-8dc43422f568@linux.alibaba.com> Date: Wed, 10 Mar 2021 20:44:44 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2021/3/2 下午9:47, Jarkko Sakkinen wrote: > On Mon, Mar 01, 2021 at 09:54:37PM -0800, Andy Lutomirski wrote: >> On Mon, Mar 1, 2021 at 9:06 PM Tianjia Zhang >> wrote: >>> >>> >>> >>> On 3/1/21 5:54 PM, Jarkko Sakkinen wrote: >>>> On Mon, Mar 01, 2021 at 01:18:36PM +0800, Tianjia Zhang wrote: >>>>> q2 is not always 384-byte length. Sometimes it only has 383-byte. >>>> >>>> What does determine this? >>>> >>>>> In this case, the valid portion of q2 is reordered reversely for >>>>> little endian order, and the remaining portion is filled with zero. >>>> >>>> I'm presuming that you want to say "In this case, q2 needs to be reversed because...". >>>> >>>> I'm lacking these details: >>>> >>>> 1. Why the length of Q2 can vary? >>>> 2. Why reversing the bytes is the correct measure to counter-measure >>>> this variation? >>>> >>>> /Jarkko >>>> >>> >>> When use openssl to generate a key instead of using the built-in >>> sign_key.pem, there is a probability that will encounter this problem. >>> >>> Here is a problematic key I encountered. The calculated q1 and q2 of >>> this key are both 383 bytes, If the length is not processed, the >>> hardware signature will fail. >> >> Presumably the issue is that some keys have parameters that have >> enough leading 0 bits to be effectively shorter. The openssl API >> (and, sadly, a bunch of the ASN.1 stuff) treats these parameters as >> variable-size integers. > > But the test uses a static key. It used to generate a key on fly but IMO even though the test code, it comes from the linux kernel, meaning that its quality has a certain guarantee and it is a good reference, so the test code still needs to ensure its correctness. Jia > in some of the last versions I replaced key generation with a static > key: > > static RSA *gen_sign_key(void) > { > unsigned long sign_key_length; > BIO *bio; > RSA *key; > > sign_key_length = (unsigned long)&sign_key_end - > (unsigned long)&sign_key; > > bio = BIO_new_mem_buf(&sign_key, sign_key_length); > if (!bio) > return NULL; > > key = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL); > BIO_free(bio); > > return key; > } > > /Jarkko >