Re: [PATCH] lib: memcmp_nta: add timing-attack secure memcmp

From: Daniel Borkmann
Date: Mon Feb 11 2013 - 03:19:17 EST


On 02/11/2013 12:50 AM, Greg KH wrote:
On Mon, Feb 11, 2013 at 12:30:51AM +0100, Daniel Borkmann wrote:
On 02/11/2013 12:24 AM, Joe Perches wrote:
On Sun, 2013-02-10 at 23:00 +0100, Daniel Borkmann wrote:
add memcmp_nta ({n}o {t}iming {a}ttacks)

Why should this be in the kernel?

As the commit message already says, so that current or future (e.g.) network
protocol code or modules can make use of this when dealing with cryptographic
hash comparisons.

Do we have any in-kernel users that need this? If not, then don't add
it now, but rather, add it when we actually have a user. We almost
never add kernel functions that no one calls, that would be just
wasteful.

Agreed, I think there are users for it. But I'll resend a set at a later point
in time, after some more testing and verifying.

Thanks, Greg.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/