From a6b1f78b5dd3e8fcc5bc754a20d5f3bffbde6e62 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Sat, 22 Jul 2017 15:08:56 +0200
Subject: [PATCH] 3.18-stable patches

added patches:
	bluetooth-use-constant-time-memory-comparison-for-secret-values.patch
---
 ...-memory-comparison-for-secret-values.patch | 50 +++++++++++++++++++
 queue-3.18/series                             |  1 +
 2 files changed, 51 insertions(+)
 create mode 100644 queue-3.18/bluetooth-use-constant-time-memory-comparison-for-secret-values.patch

diff --git a/queue-3.18/bluetooth-use-constant-time-memory-comparison-for-secret-values.patch b/queue-3.18/bluetooth-use-constant-time-memory-comparison-for-secret-values.patch
new file mode 100644
index 00000000000..d9a5be630aa
--- /dev/null
+++ b/queue-3.18/bluetooth-use-constant-time-memory-comparison-for-secret-values.patch
@@ -0,0 +1,50 @@
+From 329d82309824ff1082dc4a91a5bbed8c3bec1580 Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason@zx2c4.com>
+Date: Sat, 10 Jun 2017 04:59:11 +0200
+Subject: Bluetooth: use constant time memory comparison for secret values
+
+From: Jason A. Donenfeld <Jason@zx2c4.com>
+
+commit 329d82309824ff1082dc4a91a5bbed8c3bec1580 upstream.
+
+This file is filled with complex cryptography. Thus, the comparisons of
+MACs and secret keys and curve points and so forth should not add timing
+attacks, which could either result in a direct forgery, or, given the
+complexity, some other type of attack.
+
+Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
+Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/bluetooth/smp.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/net/bluetooth/smp.c
++++ b/net/bluetooth/smp.c
+@@ -22,6 +22,7 @@
+ 
+ #include <linux/crypto.h>
+ #include <linux/scatterlist.h>
++#include <crypto/algapi.h>
+ #include <crypto/b128ops.h>
+ 
+ #include <net/bluetooth/bluetooth.h>
+@@ -163,7 +164,7 @@ bool smp_irk_matches(struct hci_dev *hde
+ 	if (err)
+ 		return false;
+ 
+-	return !memcmp(bdaddr->b, hash, 3);
++	return !crypto_memneq(bdaddr->b, hash, 3);
+ }
+ 
+ int smp_generate_rpa(struct hci_dev *hdev, u8 irk[16], bdaddr_t *rpa)
+@@ -584,7 +585,7 @@ static u8 smp_random(struct smp_chan *sm
+ 	if (ret)
+ 		return SMP_UNSPECIFIED;
+ 
+-	if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
++	if (crypto_memneq(smp->pcnf, confirm, sizeof(smp->pcnf))) {
+ 		BT_ERR("Pairing failed (confirmation values mismatch)");
+ 		return SMP_CONFIRM_FAILED;
+ 	}
diff --git a/queue-3.18/series b/queue-3.18/series
index 2b15884acd7..29cd1ebf064 100644
--- a/queue-3.18/series
+++ b/queue-3.18/series
@@ -11,3 +11,4 @@ nfc-fix-the-sockaddr-length-sanitization-in-llcp_sock_connect.patch
 include-stddef.h-move-offsetofend-from-vfio.h-to-a-generic-kernel-header.patch
 stddef.h-move-offsetofend-inside-ifndef-endif-guard-neaten.patch
 nfc-add-sockaddr-length-checks-before-accessing-sa_family-in-bind-handlers.patch
+bluetooth-use-constant-time-memory-comparison-for-secret-values.patch
-- 
2.47.3