mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-21 01:51:18 +00:00
dm crypt: make printing of the key constant-time
commit 567dd8f345
upstream.
The device mapper dm-crypt target is using scnprintf("%02x", cc->key[i]) to
report the current key to userspace. However, this is not a constant-time
operation and it may leak information about the key via timing, via cache
access patterns or via the branch predictor.
Change dm-crypt's key printing to use "%c" instead of "%02x". Also
introduce hex2asc() that carefully avoids any branching or memory
accesses when converting a number in the range 0 ... 15 to an ascii
character.
Cc: stable@vger.kernel.org
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Tested-by: Milan Broz <gmazyland@gmail.com>
Signed-off-by: Mike Snitzer <snitzer@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
ed0712361a
commit
fd77cb6220
1 changed files with 11 additions and 3 deletions
|
@ -3435,6 +3435,11 @@ static int crypt_map(struct dm_target *ti, struct bio *bio)
|
|||
return DM_MAPIO_SUBMITTED;
|
||||
}
|
||||
|
||||
static char hex2asc(unsigned char c)
|
||||
{
|
||||
return c + '0' + ((unsigned)(9 - c) >> 4 & 0x27);
|
||||
}
|
||||
|
||||
static void crypt_status(struct dm_target *ti, status_type_t type,
|
||||
unsigned status_flags, char *result, unsigned maxlen)
|
||||
{
|
||||
|
@ -3453,9 +3458,12 @@ static void crypt_status(struct dm_target *ti, status_type_t type,
|
|||
if (cc->key_size > 0) {
|
||||
if (cc->key_string)
|
||||
DMEMIT(":%u:%s", cc->key_size, cc->key_string);
|
||||
else
|
||||
for (i = 0; i < cc->key_size; i++)
|
||||
DMEMIT("%02x", cc->key[i]);
|
||||
else {
|
||||
for (i = 0; i < cc->key_size; i++) {
|
||||
DMEMIT("%c%c", hex2asc(cc->key[i] >> 4),
|
||||
hex2asc(cc->key[i] & 0xf));
|
||||
}
|
||||
}
|
||||
} else
|
||||
DMEMIT("-");
|
||||
|
||||
|
|
Loading…
Reference in a new issue