Hi Herbert, Please find CTR DRBG performance improvements with the patches attached. In the following, there is an example log taken with my LRNG implementation using the getrandom(2) system call demonstrating the difference. Without the patch set: 16 bytes| 12.267661 MB/s| 61338304 bytes | 5000000213 ns 32 bytes| 23.603770 MB/s| 118018848 bytes | 5000000073 ns 64 bytes| 46.732262 MB/s| 233661312 bytes | 5000000241 ns 128 bytes| 90.038042 MB/s| 450190208 bytes | 5000000244 ns 256 bytes| 160.399616 MB/s| 801998080 bytes | 5000000393 ns 512 bytes| 259.878400 MB/s| 1299392000 bytes | 5000001675 ns 1024 bytes| 386.050662 MB/s| 1930253312 bytes | 5000001661 ns 2048 bytes| 493.641728 MB/s| 2468208640 bytes | 5000001598 ns 4096 bytes| 581.835981 MB/s| 2909179904 bytes | 5000003426 ns With the patch set: 16 bytes| 12.593974 MB/s| 62969872 bytes | 5000000969 ns 32 bytes| 24.112653 MB/s| 120563264 bytes | 5000000179 ns 64 bytes| 48.216115 MB/s| 241080576 bytes | 5000000401 ns 128 bytes| 94.260454 MB/s| 471302272 bytes | 5000000817 ns 256 bytes| 164.752947 MB/s| 823764736 bytes | 5000000088 ns 512 bytes| 270.364672 MB/s| 1351823360 bytes | 5000001695 ns 1024 bytes| 397.194035 MB/s| 1985970176 bytes | 5000000682 ns 2048 bytes| 517.212570 MB/s| 2586062848 bytes | 5000001324 ns 4096 bytes| 603.600486 MB/s| 3018002432 bytes | 5000003170 ns Please note that you questioned the 2nd patch before in a different context. However, I would like to ask whether it is appropriate considering the performance improvements. Thanks Stephan Mueller (2): crypto: DRBG - eliminate constant reinitialization of SGL crypto: DRBG - use caller buffer if suitable crypto/drbg.c | 25 ++++++++++++++++++------- include/crypto/drbg.h | 1 + 2 files changed, 19 insertions(+), 7 deletions(-) -- 2.17.1