[PATCH v3 3/8] crypto: qce - Reject empty messages for AES-XTS

Next message: Bartosz Golaszewski: "[PATCH v3 5/8] crypto: qce - Use a fallback for AES-CTR with a partial final block"
Previous message: Greg Kroah-Hartman: "Re: [PATCH] usb: rust: mark Device and Interface methods as inline"
In reply to: Bartosz Golaszewski: "[PATCH v3 0/8] crypto: qce - Fix crypto self-test failures"
Next in thread: Bartosz Golaszewski: "[PATCH v3 5/8] crypto: qce - Use a fallback for AES-CTR with a partial final block"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Bartosz Golaszewski

Date: Wed Jun 17 2026 - 11:52:18 EST

XTS is not defined for an empty plaintext: it requires at least one full
block of data. The driver treated a zero-length request as a successful
no-op, so the crypto self-tests "unexpectedly succeeded" when -EINVAL
was expected.

Return -EINVAL for empty XTS requests while keeping the no-op behavior
for the other ciphers, which the crypto engine simply cannot process due
to its DMA not supporting zero-length transfers.

Cc: stable@xxxxxxxxxxxxxxx
Fixes: f08789462255 ("crypto: qce - Return error for zero length messages")
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxxxxxxxx>
---
drivers/crypto/qce/skcipher.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c
index 58a6c8e333784af73cd4340814046f04405c69e7..459c9ba6d0a5363da9f6ac8c69b6d3c1a4633f91 100644
--- a/drivers/crypto/qce/skcipher.c
+++ b/drivers/crypto/qce/skcipher.c
@@ -223,8 +223,12 @@ static int qce_skcipher_crypt(struct skcipher_request *req, int encrypt)
keylen = IS_XTS(rctx->flags) ? ctx->enc_keylen >> 1 : ctx->enc_keylen;

/* CE does not handle 0 length messages */
- if (!req->cryptlen)
+ if (!req->cryptlen) {
+ /* XTS requires at least one full block of data */
+ if (IS_XTS(rctx->flags))
+ return -EINVAL;
return 0;
+ }

/*
* ECB and CBC algorithms require message lengths to be

--
2.47.3