Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 10 Jun 2017 15:49:28 +0200
From: Marcel Holtmann <marcel@...tmann.org>
To: "Jason A. Donenfeld" <Jason@...c4.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
 kernel-hardening@...ts.openwall.com,
 "Gustavo F. Padovan" <gustavo@...ovan.org>,
 Johan Hedberg <johan.hedberg@...il.com>,
 linux-bluetooth@...r.kernel.org,
 stable@...r.kernel.org
Subject: Re: [PATCH 5/6] bluetooth/smp: use constant time memory comparison
 for secret values

Hi Jason,

> This file is filled with complex cryptography. Thus, the comparisons of
> MACs and secret keys and curve points and so forth should not add timing
> attacks, which could either result in a direct forgery, or, given the
> complexity, some other type of attack.
> 
> Signed-off-by: Jason A. Donenfeld <Jason@...c4.com>
> Cc: Marcel Holtmann <marcel@...tmann.org>
> Cc: Gustavo Padovan <gustavo@...ovan.org>
> Cc: Johan Hedberg <johan.hedberg@...il.com>
> Cc: linux-bluetooth@...r.kernel.org
> Cc: stable@...r.kernel.org
> ---
> net/bluetooth/smp.c | 39 ++++++++++++++++++++-------------------
> 1 file changed, 20 insertions(+), 19 deletions(-)

patch has been applied to bluetooth-next tree.

Regards

Marcel

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.