On 6/12/2019 12:40 PM, Sascha Hauer wrote:
> Hi Horia,
>
> On Wed, May 15, 2019 at 01:35:16PM +0000, Horia Geanta wrote:
>> For talitos, the problem is the lack of IV update.
>>
>> For caam, the problem is incorrect IV update (output IV is equal to last
>> ciphertext block, which is correct for cbc, but not for ctr mode).
>>
>> I am working at a fix, but it takes longer since I would like to program the
>> accelerator to save the IV (and not do counter increment in SW, which
>> created problems for many other implementations).
>
> Any news here? With the fix Ard provided gcm(aes) now works again, but
> only as long as the crypto self tests are disabled.
>
I've recently submitted support for IV update done in HW (caam engine),
which fixes this issue:
https://patchwork.kernel.org/cover/10984927/

Unfortunately it's probably too big to be sent to -stable.
We'll have to rely on Ard's workaround on previous kernels.

Horia
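
The difference between the two output-IV rules discussed in this thread, as an added example that is not part of the original mail and is not caam, talitos or kernel code. The helper names are hypothetical, the sample bytes are constructed, and the CTR rule assumes a 128-bit big-endian counter advanced once per block, with a partial final block counting as one.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BLK 16 /* AES block size in bytes */

/* Hypothetical helpers for illustration; not kernel or driver functions. */

/* CBC: the IV for a follow-up request is the last ciphertext block. */
static int cbc_next_iv(const uint8_t *ct, size_t len, uint8_t iv[BLK])
{
    if (len == 0 || len % BLK)
        return -1; /* CBC only processes whole blocks */
    memcpy(iv, ct + len - BLK, BLK);
    return 0;
}

/* CTR (assumed: 128-bit big-endian counter): advance by blocks consumed. */
static void ctr_next_iv(size_t len, uint8_t iv[BLK])
{
    uint64_t carry = len / BLK + (len % BLK != 0); /* partial block counts */

    for (int i = BLK - 1; i >= 0 && carry; i--) {
        carry += iv[i];          /* add into this byte */
        iv[i] = (uint8_t)carry;  /* keep the low 8 bits */
        carry >>= 8;             /* propagate the rest upward */
    }
}

int main(void)
{
    uint8_t ct[2 * BLK], cbc_iv[BLK], ctr_iv[BLK] = {0};

    for (size_t i = 0; i < sizeof(ct); i++)
        ct[i] = (uint8_t)(0xA0 + i); /* constructed stand-in ciphertext */
    memset(ctr_iv + 1, 0xff, BLK - 1); /* constructed IV: 00 ff ... ff */

    cbc_next_iv(ct, sizeof(ct), cbc_iv);
    ctr_next_iv(sizeof(ct), ctr_iv);
    /* Reusing the CBC rule for CTR hands back the wrong counter. */
    printf("cbc-style and ctr output IVs %s\n",
           memcmp(cbc_iv, ctr_iv, BLK) ? "differ" : "match");
    return 0;
}
```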