tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

crypto: arch - use crypto_memneq instead of memcmp

Replace remaining occurences (just as we did in crypto/) under arch/*/crypto/
that make use of memcmp() for comparing keys or authentication tags for
usage with crypto_memneq(). It can simply be used as a drop-in replacement
for the normal memcmp().

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: James Yonan <james@openvpn.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Daniel Borkmann and committed by
Herbert Xu fed28611 369f3dab

+4 -4
+3 -3
arch/s390/crypto/des_s390.c
··· 237 237 struct s390_des_ctx *ctx = crypto_tfm_ctx(tfm); 238 238 u32 *flags = &tfm->crt_flags; 239 239 240 - if (!(memcmp(key, &key[DES_KEY_SIZE], DES_KEY_SIZE) && 241 - memcmp(&key[DES_KEY_SIZE], &key[DES_KEY_SIZE * 2], 242 - DES_KEY_SIZE)) && 240 + if (!(crypto_memneq(key, &key[DES_KEY_SIZE], DES_KEY_SIZE) && 241 + crypto_memneq(&key[DES_KEY_SIZE], &key[DES_KEY_SIZE * 2], 242 + DES_KEY_SIZE)) && 243 243 (*flags & CRYPTO_TFM_REQ_WEAK_KEY)) { 244 244 *flags |= CRYPTO_TFM_RES_WEAK_KEY; 245 245 return -EINVAL;
+1 -1
arch/x86/crypto/aesni-intel_glue.c
··· 1001 1001 authTag, auth_tag_len); 1002 1002 1003 1003 /* Compare generated tag with passed in tag. */ 1004 - retval = memcmp(src + tempCipherLen, authTag, auth_tag_len) ? 1004 + retval = crypto_memneq(src + tempCipherLen, authTag, auth_tag_len) ? 1005 1005 -EBADMSG : 0; 1006 1006 1007 1007 if (one_entry_in_sg) {