From: Hannes Reinecke <hare@suse.de>
To: Xixin Liu <liuxixin@kylinos.cn>, linux-nvme@lists.infradead.org
Cc: kbusch@kernel.org, axboe@kernel.dk, hch@lst.de, sagi@grimberg.me,
kch@nvidia.com, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v1 1/1] nvme-auth: use crypto_memneq for DH-HMAC-CHAP response comparison
Date: Fri, 3 Jul 2026 08:24:15 +0200 [thread overview]
Message-ID: <df336dde-f70b-4ddf-b77d-b9b910d2c10e@suse.de> (raw)
In-Reply-To: <0001.nvme-auth-memneq.1781751816.git.liuxixin@kylinos.cn>
On 7/1/26 8:30 AM, Xixin Liu wrote:
> DH-HMAC-CHAP authentication compares HMAC response digests with memcmp().
> Standard memcmp() may stop at the first differing byte, which can leak
> timing information to a remote attacker and allow incremental recovery
> of the expected digest.
>
> Use crypto_memneq() for constant-time comparison on both the host path
> that validates the controller Success1 response and the target path that
> validates the host Reply digest. Other memcmp() uses in the NVMe auth
> code (e.g. fixed string prefix checks) are not security-sensitive and
> are left unchanged.
>
> Signed-off-by: Xixin Liu <liuxixin@kylinos.cn>
> ---
> drivers/nvme/host/auth.c | 3 ++-
> drivers/nvme/target/fabrics-cmd-auth.c | 3 ++-
> 2 files changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/nvme/host/auth.c b/drivers/nvme/host/auth.c
> index 111111111111..222222222222 100644
> --- a/drivers/nvme/host/auth.c
> +++ b/drivers/nvme/host/auth.c
> @@ -8,6 +8,7 @@
> #include <linux/prandom.h>
> #include <linux/unaligned.h>
> #include <crypto/dh.h>
> +#include <crypto/utils.h>
> #include "nvme.h"
> #include "fabrics.h"
> #include <linux/nvme-auth.h>
> @@ -361,7 +362,7 @@ static int nvme_auth_process_dhchap_success1(struct nvme_ctrl *ctrl,
> return 0;
>
> /* Validate controller response */
> - if (memcmp(chap->response, data->rval, data->hl)) {
> + if (crypto_memneq(chap->response, data->rval, data->hl)) {
> dev_dbg(ctrl->device, "%s: qid %d ctrl response %*ph\n",
> __func__, chap->qid, (int)chap->hash_len, data->rval);
> dev_dbg(ctrl->device, "%s: qid %d host response %*ph\n",
> diff --git a/drivers/nvme/target/fabrics-cmd-auth.c b/drivers/nvme/target/fabrics-cmd-auth.c
> index 333333333333..444444444444 100644
> --- a/drivers/nvme/target/fabrics-cmd-auth.c
> +++ b/drivers/nvme/target/fabrics-cmd-auth.c
> @@ -8,6 +8,7 @@
> #include <linux/random.h>
> #include <linux/nvme-auth.h>
> #include <crypto/kpp.h>
> +#include <crypto/utils.h>
> #include "nvmet.h"
>
> static void nvmet_auth_expired_work(struct work_struct *work)
> @@ -177,7 +178,7 @@ static u16 nvmet_auth_reply(struct nvmet_req *req,
> return NVME_AUTH_DHCHAP_FAILURE_FAILED;
> }
>
> - if (memcmp(data->rval, response, data->hl)) {
> + if (crypto_memneq(data->rval, response, data->hl)) {
> pr_info("ctrl %d qid %d host response mismatch\n",
> ctrl->cntlid, req->sq->qid);
> pr_debug("ctrl %d qid %d rval %*ph\n",
Reviewed-by: Hannes Reinecke <hare@kernel.org>
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare@suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
prev parent reply other threads:[~2026-07-03 6:24 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-01 6:30 [PATCH v1 0/1] nvme-auth: constant-time " Xixin Liu
2026-07-01 6:30 ` [PATCH v1 1/1] nvme-auth: use crypto_memneq for " Xixin Liu
2026-07-02 14:13 ` Christoph Hellwig
2026-07-03 6:24 ` Hannes Reinecke [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=df336dde-f70b-4ddf-b77d-b9b910d2c10e@suse.de \
--to=hare@suse.de \
--cc=axboe@kernel.dk \
--cc=hch@lst.de \
--cc=kbusch@kernel.org \
--cc=kch@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=liuxixin@kylinos.cn \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox