| 1 | /* |
|---|---|
| 2 | * Constant-time equality testing of memory regions. |
| 3 | * |
| 4 | * Authors: |
| 5 | * |
| 6 | * James Yonan <james@openvpn.net> |
| 7 | * Daniel Borkmann <dborkman@redhat.com> |
| 8 | * |
| 9 | * This file is provided under a dual BSD/GPLv2 license. When using or |
| 10 | * redistributing this file, you may do so under either license. |
| 11 | * |
| 12 | * GPL LICENSE SUMMARY |
| 13 | * |
| 14 | * Copyright(c) 2013 OpenVPN Technologies, Inc. All rights reserved. |
| 15 | * |
| 16 | * This program is free software; you can redistribute it and/or modify |
| 17 | * it under the terms of version 2 of the GNU General Public License as |
| 18 | * published by the Free Software Foundation. |
| 19 | * |
| 20 | * This program is distributed in the hope that it will be useful, but |
| 21 | * WITHOUT ANY WARRANTY; without even the implied warranty of |
| 22 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| 23 | * General Public License for more details. |
| 24 | * |
| 25 | * You should have received a copy of the GNU General Public License |
| 26 | * along with this program; if not, write to the Free Software |
| 27 | * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. |
| 28 | * The full GNU General Public License is included in this distribution |
| 29 | * in the file called LICENSE.GPL. |
| 30 | * |
| 31 | * BSD LICENSE |
| 32 | * |
| 33 | * Copyright(c) 2013 OpenVPN Technologies, Inc. All rights reserved. |
| 34 | * |
| 35 | * Redistribution and use in source and binary forms, with or without |
| 36 | * modification, are permitted provided that the following conditions |
| 37 | * are met: |
| 38 | * |
| 39 | * * Redistributions of source code must retain the above copyright |
| 40 | * notice, this list of conditions and the following disclaimer. |
| 41 | * * Redistributions in binary form must reproduce the above copyright |
| 42 | * notice, this list of conditions and the following disclaimer in |
| 43 | * the documentation and/or other materials provided with the |
| 44 | * distribution. |
| 45 | * * Neither the name of OpenVPN Technologies nor the names of its |
| 46 | * contributors may be used to endorse or promote products derived |
| 47 | * from this software without specific prior written permission. |
| 48 | * |
| 49 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 50 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 51 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 52 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 53 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 54 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 55 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 56 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 57 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 58 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 59 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 60 | */ |
| 61 | |
| 62 | #include <crypto/algapi.h> |
| 63 | #include <linux/export.h> |
| 64 | #include <linux/module.h> |
| 65 | #include <linux/unaligned.h> |
| 66 | |
| 67 | /* Generic path for arbitrary size */ |
| 68 | static inline unsigned long |
| 69 | __crypto_memneq_generic(const void *a, const void *b, size_t size) |
| 70 | { |
| 71 | unsigned long neq = 0; |
| 72 | |
| 73 | #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) |
| 74 | while (size >= sizeof(unsigned long)) { |
| 75 | neq |= get_unaligned((unsigned long *)a) ^ |
| 76 | get_unaligned((unsigned long *)b); |
| 77 | OPTIMIZER_HIDE_VAR(neq); |
| 78 | a += sizeof(unsigned long); |
| 79 | b += sizeof(unsigned long); |
| 80 | size -= sizeof(unsigned long); |
| 81 | } |
| 82 | #endif /* CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS */ |
| 83 | while (size > 0) { |
| 84 | neq |= *(unsigned char *)a ^ *(unsigned char *)b; |
| 85 | OPTIMIZER_HIDE_VAR(neq); |
| 86 | a += 1; |
| 87 | b += 1; |
| 88 | size -= 1; |
| 89 | } |
| 90 | return neq; |
| 91 | } |
| 92 | |
| 93 | /* Loop-free fast-path for frequently used 16-byte size */ |
| 94 | static inline unsigned long __crypto_memneq_16(const void *a, const void *b) |
| 95 | { |
| 96 | unsigned long neq = 0; |
| 97 | |
| 98 | #ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS |
| 99 | if (sizeof(unsigned long) == 8) { |
| 100 | neq |= get_unaligned((unsigned long *)a) ^ |
| 101 | get_unaligned((unsigned long *)b); |
| 102 | OPTIMIZER_HIDE_VAR(neq); |
| 103 | neq |= get_unaligned((unsigned long *)(a + 8)) ^ |
| 104 | get_unaligned((unsigned long *)(b + 8)); |
| 105 | OPTIMIZER_HIDE_VAR(neq); |
| 106 | } else if (sizeof(unsigned int) == 4) { |
| 107 | neq |= get_unaligned((unsigned int *)a) ^ |
| 108 | get_unaligned((unsigned int *)b); |
| 109 | OPTIMIZER_HIDE_VAR(neq); |
| 110 | neq |= get_unaligned((unsigned int *)(a + 4)) ^ |
| 111 | get_unaligned((unsigned int *)(b + 4)); |
| 112 | OPTIMIZER_HIDE_VAR(neq); |
| 113 | neq |= get_unaligned((unsigned int *)(a + 8)) ^ |
| 114 | get_unaligned((unsigned int *)(b + 8)); |
| 115 | OPTIMIZER_HIDE_VAR(neq); |
| 116 | neq |= get_unaligned((unsigned int *)(a + 12)) ^ |
| 117 | get_unaligned((unsigned int *)(b + 12)); |
| 118 | OPTIMIZER_HIDE_VAR(neq); |
| 119 | } else |
| 120 | #endif /* CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS */ |
| 121 | { |
| 122 | neq |= *(unsigned char *)(a) ^ *(unsigned char *)(b); |
| 123 | OPTIMIZER_HIDE_VAR(neq); |
| 124 | neq |= *(unsigned char *)(a+1) ^ *(unsigned char *)(b+1); |
| 125 | OPTIMIZER_HIDE_VAR(neq); |
| 126 | neq |= *(unsigned char *)(a+2) ^ *(unsigned char *)(b+2); |
| 127 | OPTIMIZER_HIDE_VAR(neq); |
| 128 | neq |= *(unsigned char *)(a+3) ^ *(unsigned char *)(b+3); |
| 129 | OPTIMIZER_HIDE_VAR(neq); |
| 130 | neq |= *(unsigned char *)(a+4) ^ *(unsigned char *)(b+4); |
| 131 | OPTIMIZER_HIDE_VAR(neq); |
| 132 | neq |= *(unsigned char *)(a+5) ^ *(unsigned char *)(b+5); |
| 133 | OPTIMIZER_HIDE_VAR(neq); |
| 134 | neq |= *(unsigned char *)(a+6) ^ *(unsigned char *)(b+6); |
| 135 | OPTIMIZER_HIDE_VAR(neq); |
| 136 | neq |= *(unsigned char *)(a+7) ^ *(unsigned char *)(b+7); |
| 137 | OPTIMIZER_HIDE_VAR(neq); |
| 138 | neq |= *(unsigned char *)(a+8) ^ *(unsigned char *)(b+8); |
| 139 | OPTIMIZER_HIDE_VAR(neq); |
| 140 | neq |= *(unsigned char *)(a+9) ^ *(unsigned char *)(b+9); |
| 141 | OPTIMIZER_HIDE_VAR(neq); |
| 142 | neq |= *(unsigned char *)(a+10) ^ *(unsigned char *)(b+10); |
| 143 | OPTIMIZER_HIDE_VAR(neq); |
| 144 | neq |= *(unsigned char *)(a+11) ^ *(unsigned char *)(b+11); |
| 145 | OPTIMIZER_HIDE_VAR(neq); |
| 146 | neq |= *(unsigned char *)(a+12) ^ *(unsigned char *)(b+12); |
| 147 | OPTIMIZER_HIDE_VAR(neq); |
| 148 | neq |= *(unsigned char *)(a+13) ^ *(unsigned char *)(b+13); |
| 149 | OPTIMIZER_HIDE_VAR(neq); |
| 150 | neq |= *(unsigned char *)(a+14) ^ *(unsigned char *)(b+14); |
| 151 | OPTIMIZER_HIDE_VAR(neq); |
| 152 | neq |= *(unsigned char *)(a+15) ^ *(unsigned char *)(b+15); |
| 153 | OPTIMIZER_HIDE_VAR(neq); |
| 154 | } |
| 155 | |
| 156 | return neq; |
| 157 | } |
| 158 | |
| 159 | /* Compare two areas of memory without leaking timing information, |
| 160 | * and with special optimizations for common sizes. Users should |
| 161 | * not call this function directly, but should instead use |
| 162 | * crypto_memneq defined in crypto/algapi.h. |
| 163 | */ |
| 164 | noinline unsigned long __crypto_memneq(const void *a, const void *b, |
| 165 | size_t size) |
| 166 | { |
| 167 | switch (size) { |
| 168 | case 16: |
| 169 | return __crypto_memneq_16(a, b); |
| 170 | default: |
| 171 | return __crypto_memneq_generic(a, b, size); |
| 172 | } |
| 173 | } |
| 174 | EXPORT_SYMBOL(__crypto_memneq); |
| 175 |
Generated on 2025-Oct-12 from project Linux revision 6.17.0 (67029a49db6c)
Powered by 
Code Browser 2.1
Generator usage only permitted with license.