DivestOS/Patches/LineageOS-15.1/android_system_bt/377023-backport.patch

70 lines
2.2 KiB
Diff
Raw Normal View History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Brian Delwiche <delwiche@google.com>
Date: Tue, 3 Oct 2023 21:27:49 +0000
Subject: [PATCH] Fix timing attack in BTM_BleVerifySignature
BTM_BleVerifySignature uses a stock memcmp, allowing signature contents
to be deduced through a side-channel attack.
Change to CRYPTO_memcmp, which is hardened against this attack, to
eliminate this attack.
Bug: 274478807
Test: atest bluetooth_test_gd_unit
Tag: #security
Ignore-AOSP-First: Security
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:fcd1c44f7c4bf431dd6a6902d74c045174bd00ce)
Merged-In: I41a9b586d663d2ad4694222ae451d2d30a428a3c
Change-Id: I41a9b586d663d2ad4694222ae451d2d30a428a3c
---
main/Android.bp | 1 +
stack/Android.bp | 1 +
stack/btm/btm_ble.cc | 3 ++-
3 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/main/Android.bp b/main/Android.bp
index 9dc5a9866..35df9e6d4 100644
--- a/main/Android.bp
+++ b/main/Android.bp
@@ -48,6 +48,7 @@ cc_library_shared {
"libutils",
"libtinyxml2",
"libz",
+ "libcrypto",
],
static_libs: [
"libbt-sbc-decoder",
diff --git a/stack/Android.bp b/stack/Android.bp
index 5cb567895..dd0f934f3 100644
--- a/stack/Android.bp
+++ b/stack/Android.bp
@@ -176,6 +176,7 @@ cc_library_static {
shared_libs: [
"libcutils",
"liblog",
+ "libcrypto",
],
required: [
"libldacBT_enc",
diff --git a/stack/btm/btm_ble.cc b/stack/btm/btm_ble.cc
index 3a67f75ba..b8dfba239 100644
--- a/stack/btm/btm_ble.cc
+++ b/stack/btm/btm_ble.cc
@@ -41,6 +41,7 @@
#include "hcimsgs.h"
#include "log/log.h"
#include "l2c_int.h"
+#include "openssl/mem.h"
#include "osi/include/log.h"
#include "osi/include/osi.h"
#include "smp_api.h"
@@ -2235,7 +2236,7 @@ bool BTM_BleVerifySignature(const RawAddress& bd_addr, uint8_t* p_orig,
if (aes_cipher_msg_auth_code(p_rec->ble.keys.pcsrk, p_orig, len,
BTM_CMAC_TLEN_SIZE, p_mac)) {
- if (memcmp(p_mac, p_comp, BTM_CMAC_TLEN_SIZE) == 0) {
+ if (CRYPTO_memcmp(p_mac, p_comp, BTM_CMAC_TLEN_SIZE) == 0) {
btm_ble_increment_sign_ctr(bd_addr, false);
verified = true;
}