This is a note to let you know that I've just added the patch titled crypto: caam - add xts check for block length equal to zero to the 5.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: crypto-caam-add-xts-check-for-block-length-equal-to-zero.patch and it can be found in the queue-5.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 297b931c2a3cada230d8b84432ee982fc68cf76a Mon Sep 17 00:00:00 2001 From: Andrei Botila <andrei.botila@xxxxxxx> Date: Tue, 22 Sep 2020 19:03:25 +0300 Subject: crypto: caam - add xts check for block length equal to zero MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Andrei Botila <andrei.botila@xxxxxxx> commit 297b931c2a3cada230d8b84432ee982fc68cf76a upstream. XTS should not return succes when dealing with block length equal to zero. This is different than the rest of the skcipher algorithms. Fixes: 31bb2f0da1b50 ("crypto: caam - check zero-length input") Cc: <stable@xxxxxxxxxxxxxxx> # v5.4+ Signed-off-by: Andrei Botila <andrei.botila@xxxxxxx> Reviewed-by: Horia Geantă <horia.geanta@xxxxxxx> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/crypto/caam/caamalg.c | 7 ++++++- drivers/crypto/caam/caamalg_qi.c | 7 ++++++- drivers/crypto/caam/caamalg_qi2.c | 14 ++++++++++++-- 3 files changed, 24 insertions(+), 4 deletions(-) --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -1765,7 +1765,12 @@ static inline int skcipher_crypt(struct u32 *desc; int ret = 0; - if (!req->cryptlen) + /* + * XTS is expected to return an error even for input length = 0 + * Note that the case input length < block size will be caught during + * HW offloading and return an error. + */ + if (!req->cryptlen && !ctx->fallback) return 0; /* allocate extended descriptor */ --- a/drivers/crypto/caam/caamalg_qi.c +++ b/drivers/crypto/caam/caamalg_qi.c @@ -1380,7 +1380,12 @@ static inline int skcipher_crypt(struct struct caam_ctx *ctx = crypto_skcipher_ctx(skcipher); int ret; - if (!req->cryptlen) + /* + * XTS is expected to return an error even for input length = 0 + * Note that the case input length < block size will be caught during + * HW offloading and return an error. + */ + if (!req->cryptlen && !ctx->fallback) return 0; if (unlikely(caam_congested)) --- a/drivers/crypto/caam/caamalg_qi2.c +++ b/drivers/crypto/caam/caamalg_qi2.c @@ -1451,7 +1451,12 @@ static int skcipher_encrypt(struct skcip struct caam_request *caam_req = skcipher_request_ctx(req); int ret; - if (!req->cryptlen) + /* + * XTS is expected to return an error even for input length = 0 + * Note that the case input length < block size will be caught during + * HW offloading and return an error. + */ + if (!req->cryptlen && !ctx->fallback) return 0; /* allocate extended descriptor */ @@ -1482,7 +1487,12 @@ static int skcipher_decrypt(struct skcip struct caam_request *caam_req = skcipher_request_ctx(req); int ret; - if (!req->cryptlen) + /* + * XTS is expected to return an error even for input length = 0 + * Note that the case input length < block size will be caught during + * HW offloading and return an error. + */ + if (!req->cryptlen && !ctx->fallback) return 0; /* allocate extended descriptor */ edesc = skcipher_edesc_alloc(req); Patches currently in stable-queue which might be from andrei.botila@xxxxxxx are queue-5.9/crypto-caam-qi-add-support-for-more-xts-key-lengths.patch queue-5.9/crypto-caam-jr-add-support-for-more-xts-key-lengths.patch queue-5.9/crypto-caam-jr-add-fallback-for-xts-with-more-than-8b-iv.patch queue-5.9/crypto-caam-qi2-add-support-for-more-xts-key-lengths.patch queue-5.9/crypto-caam-add-xts-check-for-block-length-equal-to-zero.patch queue-5.9/crypto-caam-qi2-add-fallback-for-xts-with-more-than-8b-iv.patch queue-5.9/crypto-caam-qi-add-fallback-for-xts-with-more-than-8b-iv.patch