diff options
Diffstat (limited to 'meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Add-helper-functions-for-constant-time-operations.patch')
| -rw-r--r-- | meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Add-helper-functions-for-constant-time-operations.patch | 222 |
1 files changed, 0 insertions, 222 deletions
diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Add-helper-functions-for-constant-time-operations.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Add-helper-functions-for-constant-time-operations.patch deleted file mode 100644 index fd6f2ce158..0000000000 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-Add-helper-functions-for-constant-time-operations.patch +++ /dev/null @@ -1,222 +0,0 @@ -From 6e34f618d37ddbb5854c42e2ad4fca83492fa7b7 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <jouni@codeaurora.org> -Date: Wed, 27 Feb 2019 18:38:30 +0200 -Subject: [PATCH 02/14] Add helper functions for constant time operations - -These functions can be used to help implement constant time operations -for various cryptographic operations that must minimize externally -observable differences in processing (both in timing and also in -internal cache use, etc.). - -This is related to CVE-2019-9494 and CVE-2019-9495. - -Signed-off-by: Jouni Malinen <jouni@codeaurora.org> -Signed-off-by: Adrian Bunk <bunk@stusta.de> -Upstream-Status: Backport -CVE: CVE-2019-9494 -CVE: CVE-2019-9495 ---- - src/utils/const_time.h | 191 +++++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 191 insertions(+) - create mode 100644 src/utils/const_time.h - -diff --git a/src/utils/const_time.h b/src/utils/const_time.h -new file mode 100644 -index 0000000..ab8f611 ---- /dev/null -+++ b/src/utils/const_time.h -@@ -0,0 +1,191 @@ -+/* -+ * Helper functions for constant time operations -+ * Copyright (c) 2019, The Linux Foundation -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ * -+ * These helper functions can be used to implement logic that needs to minimize -+ * externally visible differences in execution path by avoiding use of branches, -+ * avoiding early termination or other time differences, and forcing same memory -+ * access pattern regardless of values. -+ */ -+ -+#ifndef CONST_TIME_H -+#define CONST_TIME_H -+ -+ -+#if defined(__clang__) -+#define NO_UBSAN_UINT_OVERFLOW \ -+ __attribute__((no_sanitize("unsigned-integer-overflow"))) -+#else -+#define NO_UBSAN_UINT_OVERFLOW -+#endif -+ -+ -+/** -+ * const_time_fill_msb - Fill all bits with MSB value -+ * @val: Input value -+ * Returns: Value with all the bits set to the MSB of the input val -+ */ -+static inline unsigned int const_time_fill_msb(unsigned int val) -+{ -+ /* Move the MSB to LSB and multiple by -1 to fill in all bits. */ -+ return (val >> (sizeof(val) * 8 - 1)) * ~0U; -+} -+ -+ -+/* Returns: -1 if val is zero; 0 if val is not zero */ -+static inline unsigned int const_time_is_zero(unsigned int val) -+ NO_UBSAN_UINT_OVERFLOW -+{ -+ /* Set MSB to 1 for 0 and fill rest of bits with the MSB value */ -+ return const_time_fill_msb(~val & (val - 1)); -+} -+ -+ -+/* Returns: -1 if a == b; 0 if a != b */ -+static inline unsigned int const_time_eq(unsigned int a, unsigned int b) -+{ -+ return const_time_is_zero(a ^ b); -+} -+ -+ -+/* Returns: -1 if a == b; 0 if a != b */ -+static inline u8 const_time_eq_u8(unsigned int a, unsigned int b) -+{ -+ return (u8) const_time_eq(a, b); -+} -+ -+ -+/** -+ * const_time_eq_bin - Constant time memory comparison -+ * @a: First buffer to compare -+ * @b: Second buffer to compare -+ * @len: Number of octets to compare -+ * Returns: -1 if buffers are equal, 0 if not -+ * -+ * This function is meant for comparing passwords or hash values where -+ * difference in execution time or memory access pattern could provide external -+ * observer information about the location of the difference in the memory -+ * buffers. The return value does not behave like memcmp(), i.e., -+ * const_time_eq_bin() cannot be used to sort items into a defined order. Unlike -+ * memcmp(), the execution time of const_time_eq_bin() does not depend on the -+ * contents of the compared memory buffers, but only on the total compared -+ * length. -+ */ -+static inline unsigned int const_time_eq_bin(const void *a, const void *b, -+ size_t len) -+{ -+ const u8 *aa = a; -+ const u8 *bb = b; -+ size_t i; -+ u8 res = 0; -+ -+ for (i = 0; i < len; i++) -+ res |= aa[i] ^ bb[i]; -+ -+ return const_time_is_zero(res); -+} -+ -+ -+/** -+ * const_time_select - Constant time unsigned int selection -+ * @mask: 0 (false) or -1 (true) to identify which value to select -+ * @true_val: Value to select for the true case -+ * @false_val: Value to select for the false case -+ * Returns: true_val if mask == -1, false_val if mask == 0 -+ */ -+static inline unsigned int const_time_select(unsigned int mask, -+ unsigned int true_val, -+ unsigned int false_val) -+{ -+ return (mask & true_val) | (~mask & false_val); -+} -+ -+ -+/** -+ * const_time_select_int - Constant time int selection -+ * @mask: 0 (false) or -1 (true) to identify which value to select -+ * @true_val: Value to select for the true case -+ * @false_val: Value to select for the false case -+ * Returns: true_val if mask == -1, false_val if mask == 0 -+ */ -+static inline int const_time_select_int(unsigned int mask, int true_val, -+ int false_val) -+{ -+ return (int) const_time_select(mask, (unsigned int) true_val, -+ (unsigned int) false_val); -+} -+ -+ -+/** -+ * const_time_select_u8 - Constant time u8 selection -+ * @mask: 0 (false) or -1 (true) to identify which value to select -+ * @true_val: Value to select for the true case -+ * @false_val: Value to select for the false case -+ * Returns: true_val if mask == -1, false_val if mask == 0 -+ */ -+static inline u8 const_time_select_u8(u8 mask, u8 true_val, u8 false_val) -+{ -+ return (u8) const_time_select(mask, true_val, false_val); -+} -+ -+ -+/** -+ * const_time_select_s8 - Constant time s8 selection -+ * @mask: 0 (false) or -1 (true) to identify which value to select -+ * @true_val: Value to select for the true case -+ * @false_val: Value to select for the false case -+ * Returns: true_val if mask == -1, false_val if mask == 0 -+ */ -+static inline s8 const_time_select_s8(u8 mask, s8 true_val, s8 false_val) -+{ -+ return (s8) const_time_select(mask, (unsigned int) true_val, -+ (unsigned int) false_val); -+} -+ -+ -+/** -+ * const_time_select_bin - Constant time binary buffer selection copy -+ * @mask: 0 (false) or -1 (true) to identify which value to copy -+ * @true_val: Buffer to copy for the true case -+ * @false_val: Buffer to copy for the false case -+ * @len: Number of octets to copy -+ * @dst: Destination buffer for the copy -+ * -+ * This function copies the specified buffer into the destination buffer using -+ * operations with identical memory access pattern regardless of which buffer -+ * is being copied. -+ */ -+static inline void const_time_select_bin(u8 mask, const u8 *true_val, -+ const u8 *false_val, size_t len, -+ u8 *dst) -+{ -+ size_t i; -+ -+ for (i = 0; i < len; i++) -+ dst[i] = const_time_select_u8(mask, true_val[i], false_val[i]); -+} -+ -+ -+static inline int const_time_memcmp(const void *a, const void *b, size_t len) -+{ -+ const u8 *aa = a; -+ const u8 *bb = b; -+ int diff, res = 0; -+ unsigned int mask; -+ -+ if (len == 0) -+ return 0; -+ do { -+ len--; -+ diff = (int) aa[len] - (int) bb[len]; -+ mask = const_time_is_zero((unsigned int) diff); -+ res = const_time_select_int(mask, res, diff); -+ } while (len); -+ -+ return res; -+} -+ -+#endif /* CONST_TIME_H */ --- -2.7.4 - |