[EXTERNAL] [PATCH 5/5] crypto/cnxk: use timing-safe digest comparison
Tejasree Kondoj
ktejasree at marvell.com
Mon Jun 29 08:42:19 CEST 2026
Acked-by: Tejasree Kondoj <ktejasree at marvell.com>
> -----Original Message-----
> From: Stephen Hemminger <stephen at networkplumber.org>
> Sent: Thursday, June 25, 2026 9:27 PM
> To: dev at dpdk.org
> Cc: Stephen Hemminger <stephen at networkplumber.org>; stable at dpdk.org
> Subject: [EXTERNAL] [PATCH 5/5] crypto/cnxk: use timing-safe digest
> comparison
>
> compl_auth_verify() compared the generated and received MAC with
> memcmp(), which returns early on the first differing byte and leaks the
> number of matching leading bytes through timing.
>
> Use rte_memeq_timingsafe() for the verify comparison.
>
> Bugzilla ID: 1773
> Fixes: 786963fdcf3e ("crypto/cnxk: add digest support")
> Cc: stable at dpdk.org
>
> Signed-off-by: Stephen Hemminger <stephen at networkplumber.org>
> ---
> drivers/crypto/cnxk/cnxk_se.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
> index 8dbf3e73c7..d2306a9daf 100644
> --- a/drivers/crypto/cnxk/cnxk_se.h
> +++ b/drivers/crypto/cnxk/cnxk_se.h
> @@ -3282,7 +3282,7 @@ compl_auth_verify(struct rte_crypto_op *op,
> uint8_t *gen_mac, uint64_t mac_len)
> return;
> }
>
> - if (memcmp(mac, gen_mac, mac_len))
> + if (!rte_memeq_timingsafe(mac, gen_mac, mac_len))
> op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
> else
> op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
> --
> 2.53.0
More information about the stable
mailing list