scsi: target: Use constant-time crypto_memneq() for CHAP digests
authorDavid Disseldorp <ddiss@suse.de>
Fri, 5 Jun 2026 12:16:48 +0000 (22:16 +1000)
committerMartin K. Petersen <martin.petersen@oracle.com>
Mon, 8 Jun 2026 21:20:33 +0000 (17:20 -0400)
A constant-time memory comparison is more suitable than plain memcmp()
for authentication digest comparison.  CHAP digests use an
authenticator-provided random challenge, so any timing side-channel
shouldn't be easily exploitable.

Reported-by: Sashiko (gemini/gemini-3.1-pro-preview)
Link: https://sashiko.dev/#/patchset/20260521151121.808477-1-hossu.alexandru%40gmail.com
Signed-off-by: David Disseldorp <ddiss@suse.de>
Reviewed-by: Lee Duncan <lduncan@suse.com>
Link: https://patch.msgid.link/20260605122019.24146-3-ddiss@suse.de
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
drivers/target/iscsi/iscsi_target_auth.c

index 5858cc3089796e0d248cb3474c89956e605cd9de..f3c0cdd318300da353d7ce1f1dca65f9fbf5a104 100644 (file)
@@ -9,6 +9,7 @@
  ******************************************************************************/
 
 #include <crypto/hash.h>
+#include <crypto/utils.h>
 #include <linux/kernel.h>
 #include <linux/string.h>
 #include <linux/err.h>
@@ -408,7 +409,7 @@ static int chap_server_compute_hash(
        pr_debug("[server] %s Server Digest: %s\n",
                chap->digest_name, response);
 
-       if (memcmp(server_digest, client_digest, chap->digest_size) != 0) {
+       if (crypto_memneq(server_digest, client_digest, chap->digest_size)) {
                pr_debug("[server] %s Digests do not match!\n\n",
                        chap->digest_name);
                goto out;
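Review bot: The expected digest is still written to the kernel log by the `pr_debug()` that prints "Server Digest" directly above the comparison, so with debug output enabled the value the initiator has to produce appears to be readable by anyone with log access; that is a more direct disclosure than the timing channel this change closes. Because the challenge is chosen per session the practical exposure is probably small, but it would fit the hardening to drop the digest from that message or to state in a comment that it is debug-only output. I would also add a one-line comment at the comparison so a later cleanup does not revert it, e.g. `/* constant-time compare of authentication digests; do not use memcmp() */`. chap_server_compute_hash() starts and ends outside the hunk, so whether both buffers are always `chap->digest_size` bytes long cannot be confirmed from here.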