Bluetooth: hci_event: Fix using memcmp when comparing keys
authorLuiz Augusto von Dentz <luiz.von.dentz@intel.com>
Thu, 5 Oct 2023 20:59:59 +0000 (13:59 -0700)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 25 Oct 2023 10:03:12 +0000 (12:03 +0200)
commita1a9e57037e022ec77bcbda08bb460684af8f44b
tree93f6b1f91c0e360a9e68a74acd24cdc1170a8580
parent758610516f0b66adecb3e2308c2d1f7cd34ba8b6
Bluetooth: hci_event: Fix using memcmp when comparing keys

[ Upstream commit b541260615f601ae1b5d6d0cc54e790de706303b ]

memcmp is not consider safe to use with cryptographic secrets:

 'Do  not  use memcmp() to compare security critical data, such as
 cryptographic secrets, because the required CPU time depends on the
 number of equal bytes.'

While usage of memcmp for ZERO_KEY may not be considered a security
critical data, it can lead to more usage of memcmp with pairing keys
which could introduce more security problems.

Fixes: 455c2ff0a558 ("Bluetooth: Fix BR/EDR out-of-band pairing with only initiator data")
Fixes: 33155c4aae52 ("Bluetooth: hci_event: Ignore NULL link key")
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
net/bluetooth/hci_event.c