ipv6: sr: Fix MAC comparison to be constant-time

jira VULN-136545
cve CVE-2025-39702
commit-author Eric Biggers <ebiggers@kernel.org>
commit a458b29
upstream-diff |
	Use crypto/algahi.h instead of crypto/utils.h

To prevent timing attacks, MACs need to be compared in constant time.
Use the appropriate helper function for this.

Fixes: bf355b8 ("ipv6: sr: add core files for SR HMAC support")
	Cc: stable@vger.kernel.org
	Signed-off-by: Eric Biggers <ebiggers@kernel.org>
	Reviewed-by: Andrea Mayer <andrea.mayer@uniroma2.it>
Link: https://patch.msgid.link/20250818202724.15713-1-ebiggers@kernel.org
	Signed-off-by: Jakub Kicinski <kuba@kernel.org>
(cherry picked from commit a458b29)
	Signed-off-by: Roxana Nicolescu <rnicolescu@ciq.com>

Author: roxanan1996

net/ipv6/seg6_hmac.c

@@ -34,6 +34,7 @@
 #include <net/addrconf.h>
 #include <net/xfrm.h>
 
+#include <crypto/algapi.h>
 #include <crypto/hash.h>
 #include <net/seg6.h>
 #include <net/genetlink.h>
@@ -269,7 +270,7 @@ bool seg6_hmac_validate_skb(struct sk_buff *skb)
 	if (seg6_hmac_compute(hinfo, srh, &ipv6_hdr(skb)->saddr, hmac_output))
 		return false;
 
-	if (memcmp(hmac_output, tlv->hmac, SEG6_HMAC_FIELD_LEN) != 0)
+	if (crypto_memneq(hmac_output, tlv->hmac, SEG6_HMAC_FIELD_LEN))
 		return false;
 
 	return true;