Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 613317bd212c585c20796c10afe5daaa95d4b0a1
commit613317bd212c585c20796c10afe5daaa95d4b0a1[log] [tgz]
authorRyan Ware <ware@linux.intel.com>Thu Feb 11 15:58:44 2016 -0800
committerJames Morris <james.l.morris@oracle.com>Fri Feb 12 18:36:47 2016 +1100
tree6bee35907a40edcb437683c4b33f2ee655091a66
parentc05235d50f681bf685e7290cae05ab3b4fa493f3 [diff]
EVM: Use crypto_memneq() for digest comparisons

This patch fixes vulnerability CVE-2016-2085.  The problem exists
because the vm_verify_hmac() function includes a use of memcmp().
Unfortunately, this allows timing side channel attacks; specifically
a MAC forgery complexity drop from 2^128 to 2^12.  This patch changes
the memcmp() to the cryptographically safe crypto_memneq().

Reported-by: Xiaofei Rex Guo <xiaofei.rex.guo@intel.com>
Signed-off-by: Ryan Ware <ware@linux.intel.com>
Cc: stable@vger.kernel.org
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
1 file changed
tree: 6bee35907a40edcb437683c4b33f2ee655091a66
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .get_maintainer.ignore
  24. .gitignore
  25. .mailmap
  26. COPYING
  27. CREDITS
  28. Kbuild
  29. Kconfig
  30. MAINTAINERS
  31. Makefile
  32. README
  33. REPORTING-BUGS