averello/linux-stable-mirror
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2026-04-29 12:28:27 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ecdba236bc352320ffa8c7cef41c5e83906e94de
linux-stable-mirror/drivers/md/dm-crypt.c
T
Mikulas Patocka fd77cb6220 dm crypt: make printing of the key constant-time 
commit 567dd8f345 upstream.

The device mapper dm-crypt target is using scnprintf("%02x", cc->key[i]) to
report the current key to userspace. However, this is not a constant-time
operation and it may leak information about the key via timing, via cache
access patterns or via the branch predictor.

Change dm-crypt's key printing to use "%c" instead of "%02x". Also
introduce hex2asc() that carefully avoids any branching or memory
accesses when converting a number in the range 0 ... 15 to an ascii
character.

Cc: stable@vger.kernel.org
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Tested-by: Milan Broz <gmazyland@gmail.com>
Signed-off-by: Mike Snitzer <snitzer@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-06 08:43:40 +02:00

94 KiB
Raw Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink