On Fri, Jun 28, 2019 at 05:21:07PM +0200, Ard Biesheuvel wrote: > diff --git a/fs/crypto/keyinfo.c b/fs/crypto/keyinfo.c > index dcd91a3fbe49..f39667d4316a 100644 > --- a/fs/crypto/keyinfo.c > +++ b/fs/crypto/keyinfo.c > @@ -13,14 +13,10 @@ > #include <linux/hashtable.h> > #include <linux/scatterlist.h> > #include <linux/ratelimit.h> > -#include <crypto/aes.h> > #include <crypto/algapi.h> > -#include <crypto/sha.h> > #include <crypto/skcipher.h> > #include "fscrypt_private.h" > > -static struct crypto_shash *essiv_hash_tfm; > - > /* Table of keys referenced by FS_POLICY_FLAG_DIRECT_KEY policies */ > static DEFINE_HASHTABLE(fscrypt_master_keys, 6); /* 6 bits = 64 buckets */ > static DEFINE_SPINLOCK(fscrypt_master_keys_lock); > @@ -144,10 +140,9 @@ static struct fscrypt_mode available_modes[] = { > }, > [FS_ENCRYPTION_MODE_AES_128_CBC] = { > .friendly_name = "AES-128-CBC", > - .cipher_str = "cbc(aes)", > + .cipher_str = "essiv(cbc(aes),aes,sha256)", > .keysize = 16, > - .ivsize = 16, > - .needs_essiv = true, > + .ivsize = 8, > }, Now that the essiv template takes the same size IV, the .ivsize here needs to be left as 16. - Eric