Re: [GIT PULL] smb3 client fixes

Next message: Long Li: "[PATCH 0/8] RDMA/mana_ib: Handle service reset for RDMA resources"
Previous message: patchwork-bot+netdevbpf: "Re: [PATCH net v2] net: ncsi: fix skb leak in error paths"
In reply to: Linus Torvalds: "Re: [GIT PULL] smb3 client fixes"
Next in thread: pr-tracker-bot: "Re: [GIT PULL] smb3 client fixes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Steve French

Date: Fri Mar 06 2026 - 20:43:11 EST

On Fri, Mar 6, 2026 at 6:22 PM Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Fri, 6 Mar 2026 at 14:04, Steve French <smfrench@xxxxxxxxx> wrote:
> >
> > - Security fix
>
> Bah. I had to look this up - I don't think it's an actual security
> issue, just a (good) cleanup.
>
> Yes, yes, the old code did "memcmp" instead of "crypto_memneq". And
> yes, it's in theory timing-sensitive.
>
> But the two compares were of size 8 and 16, and at least clang
> generates a constant-time comparison for that anyway (I bet gcc does
> too):
>
> This is the 16-byte case:
>
> movq (%rdi), %rax
> movq 8(%rdi), %rcx
> xorq (%rsi), %rax
> xorq 8(%rsi), %rcx
> orq %rax, %rcx
> je ...
>
> and the 8-byte case is even more trivially constant-time.
>
> And I'm sure that you can get the compiler to generate garbage that is
> timing-sensitive by enabling some debug options that make code quality
> much worse, but my point is that as an explanation for the pull
> request, that "security fix" was just not a great explanation
> regardless.

Point taken.

--
Thanks,

Steve