[PATCH 2/6] net/ipv6: use constant time memory comparison for mac

From: Jason A. Donenfeld
Date: Fri Jun 09 2017 - 23:00:54 EST

Next message: Ross Zwisler: "Re: [PATCH 1/3] mm: add vm_insert_mixed_mkwrite()"
Previous message: Jason A. Donenfeld: "[PATCH 1/6] sunrpc: use constant time memory comparison for mac"
In reply to: Jason A. Donenfeld: "[PATCH 1/6] sunrpc: use constant time memory comparison for mac"
Next in thread: Kalle Valo: "Re: [PATCH 0/6] Constant Time Memory Comparisons Are Important"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Otherwise, we enable a MAC forgery via timing attack.

Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>
Cc: netdev@xxxxxxxxxxxxxxx
Cc: stable@xxxxxxxxxxxxxxx
---
net/ipv6/seg6_hmac.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/ipv6/seg6_hmac.c b/net/ipv6/seg6_hmac.c
index f950cb53d5e3..54213c83b44e 100644
--- a/net/ipv6/seg6_hmac.c
+++ b/net/ipv6/seg6_hmac.c
@@ -38,6 +38,7 @@
#include <net/xfrm.h>

#include <linux/cryptohash.h>
+#include <crypto/algapi.h>
#include <crypto/hash.h>
#include <crypto/sha.h>
#include <net/seg6.h>
@@ -274,7 +275,7 @@ bool seg6_hmac_validate_skb(struct sk_buff *skb)
if (seg6_hmac_compute(hinfo, srh, &ipv6_hdr(skb)->saddr, hmac_output))
return false;

- if (memcmp(hmac_output, tlv->hmac, SEG6_HMAC_FIELD_LEN) != 0)
+ if (crypto_memneq(hmac_output, tlv->hmac, SEG6_HMAC_FIELD_LEN))
return false;

return true;
--
2.13.1

Next message: Ross Zwisler: "Re: [PATCH 1/3] mm: add vm_insert_mixed_mkwrite()"
Previous message: Jason A. Donenfeld: "[PATCH 1/6] sunrpc: use constant time memory comparison for mac"
In reply to: Jason A. Donenfeld: "[PATCH 1/6] sunrpc: use constant time memory comparison for mac"
Next in thread: Kalle Valo: "Re: [PATCH 0/6] Constant Time Memory Comparisons Are Important"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]