thunderbolt: Compare HMAC values in constant time

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

To prevent timing attacks, HMAC value comparison needs to be constant
time. Replace the memcmp() with the correct function, crypto_memneq().

Fixes: f67cf491175a ("thunderbolt: Add support for Internal Connection Manager (ICM)")
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>

authored by

Eric Biggers and committed by

Mika Westerberg 8 months ago dced755d 8f5ae30d

+2 -1

1 changed file

expand all

drivers

thunderbolt

domain.c

+2 -1

drivers/thunderbolt/domain.c

··· 13 13 #include <linux/slab.h> 14 14 #include <linux/random.h> 15 15 #include <crypto/hash.h> 16 + #include <crypto/utils.h> 16 17 17 18 #include "tb.h" 18 19 ··· 749 748 goto err_free_shash; 750 749 751 750 /* The returned HMAC must match the one we calculated */ 752 - if (memcmp(response, hmac, sizeof(hmac))) { 751 + if (crypto_memneq(response, hmac, sizeof(hmac))) { 753 752 ret = -EKEYREJECTED; 754 753 goto err_free_shash; 755 754 }