tplink_xx230v/kernel
2
0
Fork 0
Code Issues 3 Pull Requests 1 Projects 1 Activity
Files
airoha_en7523
kernel/security
History
Eric Biggers ec230e7ac6 KEYS: trusted_tpm1: Compare HMAC values in constant time 
commit eed0e3d305530066b4fc5370107cff8ef1a0d229 upstream.

To prevent timing attacks, HMAC value comparison needs to be constant
time.  Replace the memcmp() with the correct function, crypto_memneq().

[For the Fixes commit I used the commit that introduced the memcmp().
It predates the introduction of crypto_memneq(), but it was still a bug
at the time even though a helper function didn't exist yet.]

Fixes: d00a1c72f7 ("keys: add new trusted key-type")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-10-19 16:33:51 +02:00
..
apparmor
apparmor: Fix 8-byte alignment for initial dfa blob streams
2025-08-28 16:30:56 +02:00
bpf
bpf: lsm: Set bpf_lsm_blob_sizes.lbs_task to 0
2024-09-11 10:11:36 -07:00
integrity
ima: process_measurement() needlessly takes inode_lock() on MAY_READ
2025-05-29 11:02:00 +02:00
ipe
ipe: fallback to platform keyring also if key in trusted keyring is rejected
2024-10-18 12:14:53 -07:00
keys
KEYS: trusted_tpm1: Compare HMAC values in constant time
2025-10-19 16:33:51 +02:00
landlock
landlock: Prepare to add second errata
2025-04-20 10:15:56 +02:00
loadpin
introduce fd_file(), convert all accessors to it.
2024-08-12 22:00:43 -04:00
lockdown
lockdown: Make lockdown_lsmid static
2024-08-15 12:11:42 -04:00
safesetid
safesetid: check size of policy writes
2025-02-17 10:04:49 +01:00
selinux
selinux: change security_compute_sid to return the ssid or tsid on match
2025-07-10 16:05:04 +02:00
smack
smack: Revert "smackfs: Added check catlen"
2025-05-29 11:02:48 +02:00
tomoyo
tomoyo: don't emit warning in tomoyo_write_control()
2025-02-17 10:04:50 +01:00
yama
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
commoncap.c
lsm: Refactor return value of LSM hook vm_enough_memory
2024-07-31 14:46:51 -04:00
device_cgroup.c
device_cgroup: Fix kernel-doc warnings in device_cgroup
2023-06-21 09:30:49 -04:00
inode.c
securityfs: don't pin dentries twice, once is enough...
2025-08-20 18:30:21 +02:00
Kconfig
lsm: CONFIG_LSM can depend on CONFIG_SECURITY
2025-10-15 11:59:55 +02:00
Kconfig.hardening
hardening: Adjust dependencies in selection of MODVERSIONS
2024-09-28 13:56:03 -07:00
lsm_audit.c
lsm_syscalls.c
lsm: use 32-bit compatible data types in LSM syscalls
2024-03-14 11:31:26 -04:00
Makefile
lsm: add IPE lsm
2024-08-19 22:36:26 -04:00
min_addr.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
security.c
bcachefs: do not use PF_MEMALLOC_NORECLAIM
2024-10-09 12:47:18 -07:00