From: Lars Persson Date: Wed, 23 Jan 2019 11:59:45 +0000 (+0100) Subject: crypto: axis - use a constant time tag compare X-Git-Tag: v5.1-rc1~177^2~75 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=5997a245c77b754fb8ef807043066fcfde64858c;p=users%2Fhch%2Fblock.git crypto: axis - use a constant time tag compare Avoid plain memcmp() on the AEAD tag value as this could leak information through a timing side channel. Signed-off-by: Lars Persson Signed-off-by: Herbert Xu --- diff --git a/drivers/crypto/axis/artpec6_crypto.c b/drivers/crypto/axis/artpec6_crypto.c index 5089ad2c49f9..109efab6a9df 100644 --- a/drivers/crypto/axis/artpec6_crypto.c +++ b/drivers/crypto/axis/artpec6_crypto.c @@ -2201,9 +2201,9 @@ static void artpec6_crypto_complete_aead(struct crypto_async_request *req) areq->assoclen + areq->cryptlen - authsize); - if (memcmp(req_ctx->decryption_tag, - input_tag, - authsize)) { + if (crypto_memneq(req_ctx->decryption_tag, + input_tag, + authsize)) { pr_debug("***EBADMSG:\n"); print_hex_dump_debug("ref:", DUMP_PREFIX_ADDRESS, 32, 1, input_tag, authsize, true);