On Wed, Jun 24, 2015 at 07:14:21AM -0700, Tadeusz Struk wrote: > rfc4106(gcm(aes)) uses cbc(aes) to generate hash key. cbc(aes) needs > chainiv, but the chainiv gets initialized after aesni_intel when both > are statically linked so the setkey fails. > This patch forces aesni_intel to be initialized after chainiv. > > Signed-off-by: Tadeusz Struk <tadeusz.struk@xxxxxxxxx> Aha, this could indeed the explain the setkey error that Linus saw. Once the AEAD conversion is complete this would actually become unnecessary because seqiv for blkcipher would disappear. Linus, could you confirm that you have AESNI built into the kernel and not as a module? However, this is still brittle because you have the same ordering issue with ctr. IOW aesni may be registered before ctr. In fact you don't actually need ctr here. You could just replace it with plain aes plus a xor. That should be more robust as you can then just use aesni for the aes and you wouldn't depend on anything external to aesni. Could you make a patch for that Tadeusz? Thanks! -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html