On Thu, 30 May 2019 at 16:34, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > > On Thu, May 30, 2019 at 04:31:09PM +0200, Ard Biesheuvel wrote: > > > > This might work: > > Looks good to me. > Thanks Herbert, But given your remark regarding CBC being the only algo that has this requirement, I wonder if this might be sufficient as well. diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index c0ece44f303b..65b050e3742f 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -1844,7 +1844,7 @@ static int skcipher_decrypt(struct skcipher_request *req) * The crypto API expects us to set the IV (req->iv) to the last * ciphertext block. */ - if (ivsize) + if (ctx->cdata.algtype & OP_ALG_AAI_CBC) scatterwalk_map_and_copy(req->iv, req->src, req->cryptlen - ivsize, ivsize, 0); Iulia, Horia?