On 8/6/2020 7:36 PM, Andrei Botila (OSS) wrote:
> @@ -1790,7 +1792,9 @@ static inline int skcipher_crypt(struct skcipher_request *req, bool encrypt)
> if (!req->cryptlen)
> return 0;
>
> - if (ctx->fallback && xts_skcipher_ivsize(req)) {
> + if (ctx->fallback && (xts_skcipher_ivsize(req) ||
> + (ctx->cdata.keylen != 2 * AES_KEYSIZE_128 &&
> + ctx->cdata.keylen != 2 * AES_KEYSIZE_256))) {
Let's avoid doing this check for every request.
This could be achieved by moving it into the .setkey callback and
setting a flag in the caam_ctx indicating if the fallback is needed or not
for this tfm.
Horia