Hello, The AES-CBC implementation in the s5p-sss crypto driver is failing the improved crypto self-tests I currently have out for review. The improved tests check that all CBC implementations update the IV buffer to be the last ciphertext block. This has always been required so that requests can be chained, but unfortunately it wasn't tested for by the self-tests until now. See the boot logs for Exynos platforms from the KernelCI job here: https://kernelci.org/boot/all/job/ardb/branch/for-kernelci/kernel/v5.0-rc1-149-g64c945c018af/ alg: skcipher: cbc-aes-s5p encryption test failed (wrong output IV) on test vector 0, cfg=\"in-place\" 00000000: 3d af ba 42 9d 9e b4 30 b4 22 da 80 2c 9f ac 41 You can reproduce by pulling from https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git branch "iv-out-testing", unsetting CONFIG_CRYPTO_MANAGER_DISABLE_TESTS, setting CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y, rebooting and checking dmesg. (CRYPTO_MANAGER_EXTRA_TESTS is probably unneeded for this, but you might as well use it. Also you can optionally revert the last patch, which makes crypto self-test failures cause a kernel panic for testing purposes. It's possible that ctr-aes-s5p is failing too but it was just never gotten to...) The patch series is also available on the linux-crypto mailing list: https://patchwork.kernel.org/cover/10811951/ Note that I don't have this hardware myself, so if it turns out that no one is interested in fixing this anytime soon I'll instead have to propose disabling these algorithm(s) until they can be fixed. Thanks, - Eric
