[EXTERNAL] [PATCH 5/5] crypto/cnxk: use timing-safe digest comparison

Tejasree Kondoj ktejasree at marvell.com
Mon Jun 29 08:42:19 CEST 2026


Acked-by: Tejasree Kondoj <ktejasree at marvell.com>

> -----Original Message-----
> From: Stephen Hemminger <stephen at networkplumber.org>
> Sent: Thursday, June 25, 2026 9:27 PM
> To: dev at dpdk.org
> Cc: Stephen Hemminger <stephen at networkplumber.org>; stable at dpdk.org
> Subject: [EXTERNAL] [PATCH 5/5] crypto/cnxk: use timing-safe digest
> comparison
> 
> compl_auth_verify() compared the generated and received MAC with
> memcmp(), which returns early on the first differing byte and leaks the
> number of matching leading bytes through timing.
> 
> Use rte_memeq_timingsafe() for the verify comparison.
> 
> Bugzilla ID: 1773
> Fixes: 786963fdcf3e ("crypto/cnxk: add digest support")
> Cc: stable at dpdk.org
> 
> Signed-off-by: Stephen Hemminger <stephen at networkplumber.org>
> ---
>  drivers/crypto/cnxk/cnxk_se.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
> index 8dbf3e73c7..d2306a9daf 100644
> --- a/drivers/crypto/cnxk/cnxk_se.h
> +++ b/drivers/crypto/cnxk/cnxk_se.h
> @@ -3282,7 +3282,7 @@ compl_auth_verify(struct rte_crypto_op *op,
> uint8_t *gen_mac, uint64_t mac_len)
>  		return;
>  	}
> 
> -	if (memcmp(mac, gen_mac, mac_len))
> +	if (!rte_memeq_timingsafe(mac, gen_mac, mac_len))
>  		op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
>  	else
>  		op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
> --
> 2.53.0



More information about the stable mailing list