On 03/08/18 13:37, Ondrej Mosnacek wrote: > It turns out I had misunderstood how the x86_match_cpu() function works. > It evaluates a logical OR of the matching conditions, not logical AND. > This caused the CPU feature checks for AEGIS to pass even if only SSE2 > (but not AES-NI) was supported (or vice versa), leading to potential > crashes if something tried to use the registered algs. > > This patch switches the checks to a simpler method that is used e.g. in > the Camellia x86 code. > > The patch also removes the MODULE_DEVICE_TABLE declarations which > actually seem to cause the modules to be auto-loaded at boot, which is > not desired. The crypto API on-demand module loading is sufficient. > > Fixes: 1d373d4e8e15 ("crypto: x86 - Add optimized AEGIS implementations") > Fixes: 6ecc9d9ff91f ("crypto: x86 - Add optimized MORUS implementations") > Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> I tried this patch on x86_64 with AES-NI and also on system with SSE but without AES-NI and it works as expected now (module is loaded only on demand and optimized one is used if available). If it is worth it, add Tested-by: Milan Broz <gmazyland@xxxxxxxxx> Any chance it could still reach 4.18? Without this patch it actually crashes kernel on x86_64 without AES-NI but with SSE flags, see https://bugzilla.redhat.com/show_bug.cgi?id=1610180#c4 Thanks, Milan