Hi Kamila, On Thu, Feb 20, 2025 at 02:02:03PM +0000, Kamila Sionek wrote:
Dear Maintainers, I would like to bring to your attention the need for a backport of several patches to the 5.10.X kernel to address issues with self-tests for rsa-caam. In kernel version 5.10.231-rt123, the introduction of commit dead96e1c748ff84ecac83ea3c5a4d7a2e57e051 (crypto: caam - add error check to caam_rsa_set_priv_key_form), which added checks for memory allocation errors, has caused the self-test for rsa-caam to fail in FIPS mode, resulting in the following error message: alg: akcipher: test 1 failed for rsa-caam, err=-12 Kernel panic - not syncing: alg: self-tests for rsa-caam (rsa) failed in fips mode! The following patches should be backported to resolve this issue:
Thanks for the heads up, I've queued them for the next release. One nit:
8aaa4044999863199124991dfa489fd248d73789 (crypto: testmgr - some more fixes to RSA test vectors) d824c61df41758f8c045e9522e850b615ee0ca1c (crypto: testmgr - populate RSA CRT parameters in RSA test vectors) ceb31f1c4c6894c4f9e65f4381781917a7a4c898 (crypto: testmgr - fix version number of RSA tests) 88c2d62e7920edb50661656c85932b5cd100069b (crypto: testmgr - Fix wrong test case of RSA) 1040cf9c9e7518600e7fcc24764d1c4b8a1b62f5 (crypto: testmgr - fix wrong key length for pkcs1pad)
These SHA1s don't seem to correspond to a public tree, so I suspect that you cherry-picked them locally. This made me feel better as I suspect that you also thoroughly tested them, but keep it in mind for next time :) -- Thanks, Sasha
