Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

net/tcp-ao: Fix MAC comparison to be constant-time

To prevent timing attacks, MACs need to be compared in constant
time. Use the appropriate helper function for this.

Fixes: 0a3a809089eb ("net/tcp: Verify inbound TCP-AO signed segments")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Reviewed-by: Dmitry Safonov <0x7f454c46@gmail.com>
Link: https://patch.msgid.link/20260302203600.13561-1-ebiggers@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

authored by

Eric Biggers and committed by
Jakub Kicinski
67edfec5 2ffb4f5c

+3 -1
+1
net/ipv4/Kconfig
··· 748 748 config TCP_AO 749 749 bool "TCP: Authentication Option (RFC5925)" 750 750 select CRYPTO 751 + select CRYPTO_LIB_UTILS 751 752 select TCP_SIGPOOL 752 753 depends on 64BIT && IPV6 != m # seq-number extension needs WRITE_ONCE(u64) 753 754 help
+2 -1
net/ipv4/tcp_ao.c
··· 10 10 #define pr_fmt(fmt) "TCP: " fmt 11 11 12 12 #include <crypto/hash.h> 13 + #include <crypto/utils.h> 13 14 #include <linux/inetdevice.h> 14 15 #include <linux/tcp.h> 15 16 ··· 923 922 /* XXX: make it per-AF callback? */ 924 923 tcp_ao_hash_skb(family, hash_buf, key, sk, skb, traffic_key, 925 924 (phash - (u8 *)th), sne); 926 - if (memcmp(phash, hash_buf, maclen)) { 925 + if (crypto_memneq(phash, hash_buf, maclen)) { 927 926 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPAOBAD); 928 927 atomic64_inc(&info->counters.pkt_bad); 929 928 atomic64_inc(&key->pkt_bad);