Acked-by: Tejasree Kondoj <[email protected]>
> -----Original Message-----
> From: Stephen Hemminger <[email protected]>
> Sent: Thursday, June 25, 2026 9:27 PM
> To: [email protected]
> Cc: Stephen Hemminger <[email protected]>; [email protected]
> Subject: [EXTERNAL] [PATCH 5/5] crypto/cnxk: use timing-safe digest
> comparison
>
> compl_auth_verify() compared the generated and received MAC with
> memcmp(), which returns early on the first differing byte and leaks the
> number of matching leading bytes through timing.
>
> Use rte_memeq_timingsafe() for the verify comparison.
>
> Bugzilla ID: 1773
> Fixes: 786963fdcf3e ("crypto/cnxk: add digest support")
> Cc: [email protected]
>
> Signed-off-by: Stephen Hemminger <[email protected]>
> ---
> drivers/crypto/cnxk/cnxk_se.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
> index 8dbf3e73c7..d2306a9daf 100644
> --- a/drivers/crypto/cnxk/cnxk_se.h
> +++ b/drivers/crypto/cnxk/cnxk_se.h
> @@ -3282,7 +3282,7 @@ compl_auth_verify(struct rte_crypto_op *op,
> uint8_t *gen_mac, uint64_t mac_len)
> return;
> }
>
> - if (memcmp(mac, gen_mac, mac_len))
> + if (!rte_memeq_timingsafe(mac, gen_mac, mac_len))
> op->status = RTE_CRYPTO_OP_STATUS_AUTH_FAILED;
> else
> op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
> --
> 2.53.0
