[PATCH v4 3/8] crypto: qce - Reject empty messages for AES-XTS

Next message: Bartosz Golaszewski: "[PATCH v4 1/8] crypto: qce - Remove unsafe/deprecated algorithms"
Previous message: Bartosz Golaszewski: "[PATCH v4 0/8] crypto: qce - Fix crypto self-test failures"
In reply to: Bartosz Golaszewski: "[PATCH v4 0/8] crypto: qce - Fix crypto self-test failures"
Next in thread: Bartosz Golaszewski: "[PATCH v4 1/8] crypto: qce - Remove unsafe/deprecated algorithms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Bartosz Golaszewski

Date: Mon Jun 22 2026 - 09:20:32 EST

XTS is not defined for an empty plaintext: it requires at least one full
block of data. The driver treated a zero-length request as a successful
no-op, so the crypto self-tests "unexpectedly succeeded" when -EINVAL
was expected.

Return -EINVAL for empty XTS requests while keeping the no-op behavior
for the other ciphers, which the crypto engine simply cannot process due
to its DMA not supporting zero-length transfers.

Cc: stable@xxxxxxxxxxxxxxx
Fixes: f08789462255 ("crypto: qce - Return error for zero length messages")
Tested-by: Kuldeep Singh <kuldeep.singh@xxxxxxxxxxxxxxxx>
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxxxxxxxx>
---
drivers/crypto/qce/skcipher.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/crypto/qce/skcipher.c b/drivers/crypto/qce/skcipher.c
index b27008ace93a8a40c291d564c3fb9d73df5447ec..e1f69057607fac36e8b4bdb5dd9e62a2aabe5f50 100644
--- a/drivers/crypto/qce/skcipher.c
+++ b/drivers/crypto/qce/skcipher.c
@@ -223,8 +223,12 @@ static int qce_skcipher_crypt(struct skcipher_request *req, int encrypt)
keylen = IS_XTS(rctx->flags) ? ctx->enc_keylen >> 1 : ctx->enc_keylen;

/* CE does not handle 0 length messages */
- if (!req->cryptlen)
+ if (!req->cryptlen) {
+ /* XTS requires at least one full block of data */
+ if (IS_XTS(rctx->flags))
+ return -EINVAL;
return 0;
+ }

/*
* ECB and CBC algorithms require message lengths to be

--
2.47.3