From: Kai Ji <kai.ji@intel.com>
To: dev@dpdk.org
Cc: gakhil@marvell.com, konstantin.ananyev@huawei.com,
bruce.richardson@intel.com, thomas@monjalon.net,
stephen@networkplumber.org, mb@smartsharesystems.com,
Kai Ji <kai.ji@intel.com>
Subject: [dpdk-dev v6 1/2] eal: introduce rte_memeq_timingsafe() based on FreeBSD API
Date: Thu, 2 Oct 2025 15:32:28 +0000 [thread overview]
Message-ID: <20251002153229.98158-1-kai.ji@intel.com> (raw)
In-Reply-To: <20251001153242.55987-1-kai.ji@intel.com>
Bugzilla ID: 1773
https://bugs.dpdk.org/show_bug.cgi?id=1773
Signed-off-by: Kai Ji <kai.ji@intel.com>
---
lib/eal/include/rte_memory.h | 38 ++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/lib/eal/include/rte_memory.h b/lib/eal/include/rte_memory.h
index dcc0e69cfe..2d24e091af 100644
--- a/lib/eal/include/rte_memory.h
+++ b/lib/eal/include/rte_memory.h
@@ -746,6 +746,44 @@ __rte_experimental
void
rte_memzero_explicit(void *dst, size_t sz);
+/**
+ * @warning
+ * @b EXPERIMENTAL: this API may change without prior notice.
+ *
+ * Timing-safe memory equality comparison.
+ *
+ * This function compares two memory regions in constant time, making it
+ * resistant to timing side-channel attacks. The execution time depends only
+ * on the length parameter, not on the actual data values being compared.
+ *
+ * This is particularly important for cryptographic operations where timing
+ * differences could leak information about secret keys, passwords, or other
+ * sensitive data.
+ *
+ * @param a
+ * Pointer to the first memory region to compare
+ * @param b
+ * Pointer to the second memory region to compare
+ * @param n
+ * Number of bytes to compare
+ * @return
+ * true if the memory regions are identical, false if they differ
+ */
+__rte_experimental
+static inline bool
+rte_memeq_timingsafe(const void *a, const void *b, size_t n)
+{
+ const volatile uint8_t *pa = (const volatile uint8_t *)a;
+ const volatile uint8_t *pb = (const volatile uint8_t *)b;
+ uint8_t result = 0;
+ size_t i;
+
+ for (i = 0; i < n; i++)
+ result |= pa[i] ^ pb[i];
+
+ return result == UINT8_C(0);
+}
+
#ifdef __cplusplus
}
#endif
--
2.34.1
next prev parent reply other threads:[~2025-10-02 15:32 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-25 10:22 [dpdk-dev v1] cryptodev: introduce constant-time memory comparison Kai Ji
2025-09-25 10:33 ` [EXTERNAL] " Akhil Goyal
2025-09-25 20:47 ` Thomas Monjalon
2025-09-26 7:55 ` Bruce Richardson
2025-09-26 7:58 ` Bruce Richardson
2025-09-26 12:34 ` Morten Brørup
2025-09-26 8:13 ` Konstantin Ananyev
2025-09-26 8:16 ` Konstantin Ananyev
2025-09-26 15:49 ` [dpdk-dev v2 1/2] eal: Add rte_consttime_memsq() to prevent timing attacks memcmp Kai Ji
2025-09-26 15:49 ` [dpdk-dev v2 2/2] crypto/ipsec-mb: use constant-time memory comparison Kai Ji
2025-09-26 16:02 ` [dpdk-dev v3 1/2] eal: Add rte_consttime_memneq() to prevent timing attacks memcmp Kai Ji
2025-09-26 16:02 ` [dpdk-dev v3 2/2] crypto/ipsec-mb: use constant-time memory comparison Kai Ji
2025-09-26 18:12 ` [dpdk-dev v3 1/2] eal: Add rte_consttime_memneq() to prevent timing attacks memcmp Stephen Hemminger
2025-09-26 19:17 ` Morten Brørup
2025-09-26 20:15 ` Stephen Hemminger
2025-09-29 14:50 ` [dpdk-dev v4 1/2] eal: Add mem equal and non-equal " Kai Ji
2025-09-29 14:50 ` [dpdk-dev v4 2/2] crypto/ipsec-mb: use constant-time memory comparison Kai Ji
2025-09-29 23:54 ` Stephen Hemminger
2025-09-29 16:32 ` [dpdk-dev v4 1/2] eal: Add mem equal and non-equal to prevent timing attacks memcmp Stephen Hemminger
2025-09-29 17:48 ` Morten Brørup
2025-09-29 22:48 ` Stephen Hemminger
2025-09-30 6:16 ` Morten Brørup
2025-10-01 15:32 ` [dpdk-dev v5 1/2] eal: introduce rte_timingsafe_memcmp() based on OpenBSD API Kai Ji
2025-10-01 15:32 ` [dpdk-dev v5 2/2] crypto/ipsec-mb: use constant-time memory comparison Kai Ji
2025-10-01 17:26 ` [dpdk-dev v5 1/2] eal: introduce rte_timingsafe_memcmp() based on OpenBSD API Bruce Richardson
2025-10-01 18:57 ` Morten Brørup
2025-10-02 8:09 ` Bruce Richardson
2025-10-02 8:37 ` Morten Brørup
2025-10-02 8:40 ` Bruce Richardson
2025-10-02 15:32 ` Kai Ji [this message]
2025-10-02 15:32 ` [dpdk-dev v6 2/2] crypto/ipsec-mb: use constant-time memory comparison Kai Ji
2025-10-15 16:37 ` Thomas Monjalon
2025-10-03 7:35 ` [dpdk-dev v6 1/2] eal: introduce rte_memeq_timingsafe() based on FreeBSD API Morten Brørup
2025-10-10 11:22 ` Ji, Kai
2025-09-26 18:07 ` [dpdk-dev v2 1/2] eal: Add rte_consttime_memsq() to prevent timing attacks memcmp Stephen Hemminger
2025-09-29 7:39 ` Bruce Richardson
2025-09-29 23:43 ` Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251002153229.98158-1-kai.ji@intel.com \
--to=kai.ji@intel.com \
--cc=bruce.richardson@intel.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=konstantin.ananyev@huawei.com \
--cc=mb@smartsharesystems.com \
--cc=stephen@networkplumber.org \
--cc=thomas@monjalon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.