From: Ben Hutchings <benh@debian.org>
Date: Tue, 24 Dec 2024 18:57:42 +0100
Subject: crypto: Disable private key operations

RSA decryption with PKCS#1 1.5 padding is vulnerable to a timing
side-channel that leaks information about the private key, the "Marvin
Attack" (CVE-2023-6240).  This patch, extracted from the RHEL 8 kernel
sources, disables the signing and decryption operations that involve a
private key.
---
--- a/crypto/akcipher.c
+++ b/crypto/akcipher.c
@@ -131,14 +131,12 @@
 {
 	struct crypto_alg *base = &alg->base;
 
-	if (!alg->sign)
-		alg->sign = akcipher_default_op;
+	alg->sign = akcipher_default_op;
 	if (!alg->verify)
 		alg->verify = akcipher_default_op;
 	if (!alg->encrypt)
 		alg->encrypt = akcipher_default_op;
-	if (!alg->decrypt)
-		alg->decrypt = akcipher_default_op;
+	alg->decrypt = akcipher_default_op;
 
 	akcipher_prepare_alg(alg);
 	return crypto_register_alg(base);
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2300,7 +2300,7 @@
 	 * Don't invoke (decrypt or sign) test which require a private key
 	 * for vectors with only a public key.
 	 */
-	if (vecs->public_key_vec) {
+	if (1 || vecs->public_key_vec) {
 		err = 0;
 		goto free_all;
 	}