Bug#886556: linux-image-4.15.0-rc5-amd64: NULL pointer dereference in ecc_gen_privkey [ecdh_generic] at boot

[Mihai Basa <bmihai@gmail.com>]

Package: src:linux

Version: 4.15~rc5-1~exp1

Severity: important

Tags: patch

On boot, a NULL pointer dereference is encountered in ecc_gen_privkey in

the ecdh_generic module, on a Lenovo T430.

The system blocks for about 2 minutes with the attached error screens,

after which boot continues, but with a few missing systems (ethernet and

bluetooth, at least), and locks up completely when shutting down.

The problem is debugged and a patch provided (by someone other

than me) at: https://patchwork.kernel.org/patch/10054807/

Their patch (attached) hasn't appeared in the mainline kernel yet,

even though I it's been declared accepted since 2017-11-29.

All kernels from 4.13 up to the latest 4.15-rc5, manifest this bug on my

laptop. Kernel version 4.12 is the latest that does not exhibit it.

Thank you!

diff --git a/crypto/ecc.c b/crypto/ecc.c
index 633a9bcdc574..18f32f2a5e1c 100644
--- a/crypto/ecc.c
+++ b/crypto/ecc.c
@@ -964,7 +964,7 @@ int ecc_gen_privkey(unsigned int curve_id, unsigned int ndigits, u64 *privkey)
 	 * DRBG with a security strength of 256.
 	 */
 	if (crypto_get_default_rng())
-		err = -EFAULT;
+		return -EFAULT;
 
 	err = crypto_rng_get_bytes(crypto_default_rng, (u8 *)priv, nbytes);
 	crypto_put_default_rng();

Attachment: boot_screen1.jpg
Description: JPEG image

Attachment: boot_screen2.jpg
Description: JPEG image

Attachment: boot_screen3.jpg
Description: JPEG image