Avoid plain memcmp() on the AEAD tag value as this could leak
information through a timing side channel.
Signed-off-by: Lars Persson <larper@xxxxxxxx>
---
drivers/crypto/axis/artpec6_crypto.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/axis/artpec6_crypto.c b/drivers/crypto/axis/artpec6_crypto.c
index 1be5bdd658a4..71ef9ce68fd8 100644
--- a/drivers/crypto/axis/artpec6_crypto.c
+++ b/drivers/crypto/axis/artpec6_crypto.c
@@ -2201,9 +2201,9 @@ static void artpec6_crypto_complete_aead(struct crypto_async_request *req)
areq->assoclen + areq->cryptlen -
authsize);
- if (memcmp(req_ctx->decryption_tag,
- input_tag,
- authsize)) {
+ if (crypto_memneq(req_ctx->decryption_tag,
+ input_tag,
+ authsize)) {
pr_debug("***EBADMSG:\n");
print_hex_dump_debug("ref:", DUMP_PREFIX_ADDRESS, 32, 1,
input_tag, authsize, true);
--
2.11.0
