On 11/02/2017 12:25 AM, Eric Biggers wrote:
From: Eric Biggers
If 'p' is 0 for the software Diffie-Hellman implementation, then
dh_max_size() returns 0. In the case of KEYCTL_DH_COMPUTE, this causes
ZERO_SIZE_POINTER to be passed to sg_init_one(), which with
CONFIG_DEBUG_SG=y triggers the 'B
On Thu, Nov 02, 2017 at 01:40:51PM +0200, Tudor Ambarus wrote:
> Hi, Eric,
>
> On 11/02/2017 12:25 AM, Eric Biggers wrote:
> >If 'p' is 0 for the software Diffie-Hellman implementation, then
> >dh_max_size() returns 0.
>
> dh_set_secret() returns -EINVAL if p_len < 1536, see
> dh_check_params_len
Hi, Eric,
On 11/02/2017 12:25 AM, Eric Biggers wrote:
If 'p' is 0 for the software Diffie-Hellman implementation, then
dh_max_size() returns 0.
dh_set_secret() returns -EINVAL if p_len < 1536, see
dh_check_params_length(). What am I missing?
Cheers,
ta
From: Eric Biggers
If 'p' is 0 for the software Diffie-Hellman implementation, then
dh_max_size() returns 0. In the case of KEYCTL_DH_COMPUTE, this causes
ZERO_SIZE_POINTER to be passed to sg_init_one(), which with
CONFIG_DEBUG_SG=y triggers the 'BUG_ON(!virt_addr_valid(buf));' in
sg_set_buf().
