Hi Dave, On 02/12/2018 11:51 AM, Dave Watson wrote: > +static int gcmaes_encrypt_sg(struct aead_request *req, unsigned int assoclen, > + u8 *hash_subkey, u8 *iv, void *aes_ctx) > > +static int gcmaes_decrypt_sg(struct aead_request *req, unsigned int assoclen, > + u8 *hash_subkey, u8 *iv, void *aes_ctx) These two functions are almost identical. Wouldn't it be better to combine them into a single encrypt/decrypt function, similar to what you have done for the assembly macros? > + if (((struct crypto_aes_ctx *)aes_ctx)->key_length != AES_KEYSIZE_128 || > + aesni_gcm_enc_tfm == aesni_gcm_enc) { Shouldn't we also include a check for the buffer length being less than AVX_GEN2_OPTSIZE? AVX will not be used in that case either. Thanks, Junaid