On 8/6/2020 7:36 PM, Andrei Botila (OSS) wrote:
> @@ -1790,7 +1792,9 @@ static inline int skcipher_crypt(struct 
> skcipher_request *req, bool encrypt)
>       if (!req->cryptlen)
>               return 0;
>  
> -     if (ctx->fallback && xts_skcipher_ivsize(req)) {
> +     if (ctx->fallback && (xts_skcipher_ivsize(req) ||
> +                           (ctx->cdata.keylen != 2 * AES_KEYSIZE_128 &&
> +                            ctx->cdata.keylen != 2 * AES_KEYSIZE_256))) {
Let's avoid doing this check for every request.
This could be achieved by moving it into the .setkey callback and
setting a flag in the caam_ctx indicating if the fallback is needed or not
for this tfm.

Horia

Reply via email to