Herbert, Commits 7021b2e1cddd "esp4: Switch to new AEAD interface" 000ae7b2690e "esp6: Switch to new AEAD interface" removed the following: /* Get ivec. This can be wrong, check against another impls. */ iv = esph->enc_data; from IPsec decryption - esp{4,6}_input(), so the IV in req->iv received by the implementer is no longer valid. Thus, the load of IV in caam driver - caamalg.c, init_authenc_job(): if (ivsize && (is_rfc3686 || !(alg->caam.geniv && encrypt))) append_load_as_imm(desc, req->iv, ivsize, LDST_CLASS_1_CCB | LDST_SRCDST_BYTE_CONTEXT | (ivoffset << LDST_OFFSET_SHIFT)); is not suited for case mentioned above. Instead, the IV should be read from the req->src scatterlist (which consists of assoc data, iv, ciphertext). Please let me know if this is accurate, so I could prepare a fix. Thanks, Horia -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html