Sorry for replying to old mail... On Wed, Jun 14, 2017 at 11:37:39AM -0700, Dave Watson wrote: > +static int tls_do_encryption(struct tls_context *tls_ctx, > + struct tls_sw_context *ctx, size_t data_len, > + gfp_t flags) > +{ > + unsigned int req_size = sizeof(struct aead_request) + > + crypto_aead_reqsize(ctx->aead_send); > + struct aead_request *aead_req; > + int rc; > + > + aead_req = kmalloc(req_size, flags); > + if (!aead_req) > + return -ENOMEM; > + > + ctx->sg_encrypted_data[0].offset += tls_ctx->prepend_size; > + ctx->sg_encrypted_data[0].length -= tls_ctx->prepend_size; > + > + aead_request_set_tfm(aead_req, ctx->aead_send); > + aead_request_set_ad(aead_req, TLS_AAD_SPACE_SIZE); > + aead_request_set_crypt(aead_req, ctx->sg_aead_in, ctx->sg_aead_out, > + data_len, tls_ctx->iv); > + rc = crypto_aead_encrypt(aead_req); > + > + ctx->sg_encrypted_data[0].offset -= tls_ctx->prepend_size; > + ctx->sg_encrypted_data[0].length += tls_ctx->prepend_size; > + > + kfree(aead_req); > + return rc; > +} ... > +int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx) > +{ ... > + > + if (!sw_ctx->aead_send) { > + sw_ctx->aead_send = crypto_alloc_aead("gcm(aes)", 0, 0); > + if (IS_ERR(sw_ctx->aead_send)) { > + rc = PTR_ERR(sw_ctx->aead_send); > + sw_ctx->aead_send = NULL; > + goto free_rec_seq; > + } > + } > + When I look on how you allocate the aead transformation, it seems that you should either register an asynchronous callback with aead_request_set_callback(), or request for a synchronous algorithm. Otherwise you will crash on an asynchronous crypto return, no? Also, it seems that you have your scatterlists on a per crypto transformation base istead of per crypto request. Is this intentional?