[PATCH 5.9 080/757] crypto: caam - add xts check for block length equal to zero

Greg Kroah-Hartman Tue, 27 Oct 2020 08:31:04 -0700

From: Andrei Botila <[email protected]>

commit 297b931c2a3cada230d8b84432ee982fc68cf76a upstream.


XTS should not return succes when dealing with block length equal to zero.
This is different than the rest of the skcipher algorithms.

Fixes: 31bb2f0da1b50 ("crypto: caam - check zero-length input")
Cc: <[email protected]> # v5.4+
Signed-off-by: Andrei Botila <[email protected]>
Reviewed-by: Horia Geantă <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>

---
 drivers/crypto/caam/caamalg.c     |    7 ++++++-
 drivers/crypto/caam/caamalg_qi.c  |    7 ++++++-
 drivers/crypto/caam/caamalg_qi2.c |   14 ++++++++++++--
 3 files changed, 24 insertions(+), 4 deletions(-)

--- a/drivers/crypto/caam/caamalg.c
+++ b/drivers/crypto/caam/caamalg.c
@@ -1765,7 +1765,12 @@ static inline int skcipher_crypt(struct
        u32 *desc;
        int ret = 0;
 
-       if (!req->cryptlen)
+       /*
+        * XTS is expected to return an error even for input length = 0
+        * Note that the case input length < block size will be caught during
+        * HW offloading and return an error.
+        */
+       if (!req->cryptlen && !ctx->fallback)
                return 0;
 
        /* allocate extended descriptor */
--- a/drivers/crypto/caam/caamalg_qi.c
+++ b/drivers/crypto/caam/caamalg_qi.c
@@ -1380,7 +1380,12 @@ static inline int skcipher_crypt(struct
        struct caam_ctx *ctx = crypto_skcipher_ctx(skcipher);
        int ret;
 
-       if (!req->cryptlen)
+       /*
+        * XTS is expected to return an error even for input length = 0
+        * Note that the case input length < block size will be caught during
+        * HW offloading and return an error.
+        */
+       if (!req->cryptlen && !ctx->fallback)
                return 0;
 
        if (unlikely(caam_congested))
--- a/drivers/crypto/caam/caamalg_qi2.c
+++ b/drivers/crypto/caam/caamalg_qi2.c
@@ -1451,7 +1451,12 @@ static int skcipher_encrypt(struct skcip
        struct caam_request *caam_req = skcipher_request_ctx(req);
        int ret;
 
-       if (!req->cryptlen)
+       /*
+        * XTS is expected to return an error even for input length = 0
+        * Note that the case input length < block size will be caught during
+        * HW offloading and return an error.
+        */
+       if (!req->cryptlen && !ctx->fallback)
                return 0;
 
        /* allocate extended descriptor */
@@ -1482,7 +1487,12 @@ static int skcipher_decrypt(struct skcip
        struct caam_request *caam_req = skcipher_request_ctx(req);
        int ret;
 
-       if (!req->cryptlen)
+       /*
+        * XTS is expected to return an error even for input length = 0
+        * Note that the case input length < block size will be caught during
+        * HW offloading and return an error.
+        */
+       if (!req->cryptlen && !ctx->fallback)
                return 0;
        /* allocate extended descriptor */
        edesc = skcipher_edesc_alloc(req);

[PATCH 5.9 080/757] crypto: caam - add xts check for block length equal to zero

Reply via email to