> +bool blk_ksm_crypto_cfg_supported(struct blk_keyslot_manager *ksm, > + const struct blk_crypto_config *cfg) > +{ > + if (!ksm) > + return false; > + return (ksm->crypto_modes_supported[cfg->crypto_mode] & > + cfg->data_unit_size) && > + (ksm->max_dun_bytes_supported >= cfg->dun_bytes); Nit: why not expand this a bit to be more readable: if (!(ksm->crypto_modes_supported[cfg->crypto_mode] & cfg->data_unit_size)) return false; if (ksm->max_dun_bytes_supported < cfg->dun_bytes) return false; return true; > +int blk_ksm_evict_key(struct blk_keyslot_manager *ksm, > + const struct blk_crypto_key *key) > +{ > + struct blk_ksm_keyslot *slot; > + int err = 0; > + > + blk_ksm_hw_enter(ksm); > + slot = blk_ksm_find_keyslot(ksm, key); > + if (!slot) > + goto out_unlock; > + > + if (atomic_read(&slot->slot_refs) != 0) { > + err = -EBUSY; > + goto out_unlock; > + } This check looks racy.