
smb: client: Compare MACs in constant time

To prevent timing attacks, MAC comparisons need to be constant-time.
Replace the memcmp() with the correct function, crypto_memneq().

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: stable@vger.kernel.org
Acked-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

authored by

Eric Biggers and committed by
Steve French
26bc83b8 8098179d

+5 -2
+2 -1
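--- a/fs/smb/client/smb1encrypt.c
+++ b/fs/smb/client/smb1encrypt.c
@@ -11,6 +11,7 @@
 
 #include <linux/fips.h>
 #include <crypto/md5.h>
+#include <crypto/utils.h>
 #include "cifsproto.h"
 #include "smb1proto.h"
 #include "cifs_debug.h"
@@ -131,7 +132,7 @@
 	/* cifs_dump_mem("what we think it should be: ",
 		what_we_think_sig_should_be, 16); */
 
-	if (memcmp(server_response_sig, what_we_think_sig_should_be, 8))
+	if (crypto_memneq(server_response_sig, what_we_think_sig_should_be, 8))
 		return -EACCES;
 	else
 		return 0;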
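Review bot: The new comparison in the second hunk still passes a bare `8` as the length, while the commented-out dump just above it uses 16 and the SMB2 call site in fs/smb/client/smb2transport.c uses SMB2_SIGNATURE_SIZE; a named constant for the SMB1 signature length would show that comparing only 8 bytes is intended (presumably the signature is a truncated digest). Neither call site records why memcmp() is avoided, so a later cleanup could quietly revert it; I would add `/* constant-time: must not leak how many leading signature bytes matched */` above both crypto_memneq() calls. The enclosing function starts and ends outside the hunk, so the sizes of the two buffers being compared are not visible here.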
+3 -1
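--- a/fs/smb/client/smb2transport.c
+++ b/fs/smb/client/smb2transport.c
@@ -20,6 +20,7 @@
 #include <linux/highmem.h>
 #include <crypto/aead.h>
 #include <crypto/sha2.h>
+#include <crypto/utils.h>
 #include "cifsglob.h"
 #include "cifsproto.h"
 #include "smb2proto.h"
@@ -617,7 +618,8 @@
 	if (rc)
 		return rc;
 
-	if (memcmp(server_response_sig, shdr->Signature, SMB2_SIGNATURE_SIZE)) {
+	if (crypto_memneq(server_response_sig, shdr->Signature,
+			  SMB2_SIGNATURE_SIZE)) {
 		cifs_dbg(VFS, "sign fail cmd 0x%x message id 0x%llx\n",
 			shdr->Command, shdr->MessageId);
 		return -EACCES;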