From a8ddd988b1d5c93b85fce780fa05c7e1755c2e13 Mon Sep 17 00:00:00 2001
From: AmadeusGhost <42570690+AmadeusGhost@users.noreply.github.com>
Date: Mon, 11 Jan 2021 21:27:35 +0800
Subject: [PATCH] ipq40xx/5.4: remove duplicate patches (#6185)

Fixes: 28f854eb5f7931dba5828503cfc8e285f1672eaf ("kernel: bump 5.4 to 5.4.86")
---
 ...e-allow-building-only-hashes-ciphers.patch | 419 ------------------
 ...-use-AES-fallback-for-small-requests.patch | 113 -----
 2 files changed, 532 deletions(-)
 delete mode 100644 target/linux/ipq40xx/patches-5.4/0013-v5.6-crypto-qce-allow-building-only-hashes-ciphers.patch
 delete mode 100644 target/linux/ipq40xx/patches-5.4/0015-v5.7-crypto-qce-use-AES-fallback-for-small-requests.patch

diff --git a/target/linux/ipq40xx/patches-5.4/0013-v5.6-crypto-qce-allow-building-only-hashes-ciphers.patch b/target/linux/ipq40xx/patches-5.4/0013-v5.6-crypto-qce-allow-building-only-hashes-ciphers.patch
deleted file mode 100644
index 5b1372d08..000000000
--- a/target/linux/ipq40xx/patches-5.4/0013-v5.6-crypto-qce-allow-building-only-hashes-ciphers.patch
+++ /dev/null
@@ -1,419 +0,0 @@
-From 59e056cda4beb5412e3653e6360c2eb0fa770baa Mon Sep 17 00:00:00 2001
-From: Eneas U de Queiroz <cotequeiroz@gmail.com>
-Date: Fri, 20 Dec 2019 16:02:18 -0300
-Subject: [PATCH 07/11] crypto: qce - allow building only hashes/ciphers
-
-Allow the user to choose whether to build support for all algorithms
-(default), hashes-only, or skciphers-only.
-
-The QCE engine does not appear to scale as well as the CPU to handle
-multiple crypto requests.  While the ipq40xx chips have 4-core CPUs, the
-QCE handles only 2 requests in parallel.
-
-Ipsec throughput seems to improve when disabling either family of
-algorithms, sharing the load with the CPU.  Enabling skciphers-only
-appears to work best.
-
-Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
-Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
----
-
---- a/drivers/crypto/Kconfig
-+++ b/drivers/crypto/Kconfig
-@@ -617,6 +617,14 @@ config CRYPTO_DEV_QCE
- 	tristate "Qualcomm crypto engine accelerator"
- 	depends on ARCH_QCOM || COMPILE_TEST
- 	depends on HAS_IOMEM
-+	help
-+	  This driver supports Qualcomm crypto engine accelerator
-+	  hardware. To compile this driver as a module, choose M here. The
-+	  module will be called qcrypto.
-+
-+config CRYPTO_DEV_QCE_SKCIPHER
-+	bool
-+	depends on CRYPTO_DEV_QCE
- 	select CRYPTO_AES
- 	select CRYPTO_LIB_DES
- 	select CRYPTO_ECB
-@@ -624,10 +632,57 @@ config CRYPTO_DEV_QCE
- 	select CRYPTO_XTS
- 	select CRYPTO_CTR
- 	select CRYPTO_BLKCIPHER
-+
-+config CRYPTO_DEV_QCE_SHA
-+	bool
-+	depends on CRYPTO_DEV_QCE
-+
-+choice
-+	prompt "Algorithms enabled for QCE acceleration"
-+	default CRYPTO_DEV_QCE_ENABLE_ALL
-+	depends on CRYPTO_DEV_QCE
- 	help
--	  This driver supports Qualcomm crypto engine accelerator
--	  hardware. To compile this driver as a module, choose M here. The
--	  module will be called qcrypto.
-+	  This option allows to choose whether to build support for all algorihtms
-+	  (default), hashes-only, or skciphers-only.
-+
-+	  The QCE engine does not appear to scale as well as the CPU to handle
-+	  multiple crypto requests.  While the ipq40xx chips have 4-core CPUs, the
-+	  QCE handles only 2 requests in parallel.
-+
-+	  Ipsec throughput seems to improve when disabling either family of
-+	  algorithms, sharing the load with the CPU.  Enabling skciphers-only
-+	  appears to work best.
-+
-+	config CRYPTO_DEV_QCE_ENABLE_ALL
-+		bool "All supported algorithms"
-+		select CRYPTO_DEV_QCE_SKCIPHER
-+		select CRYPTO_DEV_QCE_SHA
-+		help
-+		  Enable all supported algorithms:
-+			- AES (CBC, CTR, ECB, XTS)
-+			- 3DES (CBC, ECB)
-+			- DES (CBC, ECB)
-+			- SHA1, HMAC-SHA1
-+			- SHA256, HMAC-SHA256
-+
-+	config CRYPTO_DEV_QCE_ENABLE_SKCIPHER
-+		bool "Symmetric-key ciphers only"
-+		select CRYPTO_DEV_QCE_SKCIPHER
-+		help
-+		  Enable symmetric-key ciphers only:
-+			- AES (CBC, CTR, ECB, XTS)
-+			- 3DES (ECB, CBC)
-+			- DES (ECB, CBC)
-+
-+	config CRYPTO_DEV_QCE_ENABLE_SHA
-+		bool "Hash/HMAC only"
-+		select CRYPTO_DEV_QCE_SHA
-+		help
-+		  Enable hashes/HMAC algorithms only:
-+			- SHA1, HMAC-SHA1
-+			- SHA256, HMAC-SHA256
-+
-+endchoice
- 
- config CRYPTO_DEV_QCOM_RNG
- 	tristate "Qualcomm Random Number Generator Driver"
---- a/drivers/crypto/qce/Makefile
-+++ b/drivers/crypto/qce/Makefile
-@@ -2,6 +2,7 @@
- obj-$(CONFIG_CRYPTO_DEV_QCE) += qcrypto.o
- qcrypto-objs := core.o \
- 		common.o \
--		dma.o \
--		sha.o \
--		skcipher.o
-+		dma.o
-+
-+qcrypto-$(CONFIG_CRYPTO_DEV_QCE_SHA) += sha.o
-+qcrypto-$(CONFIG_CRYPTO_DEV_QCE_SKCIPHER) += skcipher.o
---- a/drivers/crypto/qce/common.c
-+++ b/drivers/crypto/qce/common.c
-@@ -45,52 +45,56 @@ qce_clear_array(struct qce_device *qce,
- 		qce_write(qce, offset + i * sizeof(u32), 0);
- }
- 
--static u32 qce_encr_cfg(unsigned long flags, u32 aes_key_size)
-+static u32 qce_config_reg(struct qce_device *qce, int little)
- {
--	u32 cfg = 0;
-+	u32 beats = (qce->burst_size >> 3) - 1;
-+	u32 pipe_pair = qce->pipe_pair_id;
-+	u32 config;
- 
--	if (IS_AES(flags)) {
--		if (aes_key_size == AES_KEYSIZE_128)
--			cfg |= ENCR_KEY_SZ_AES128 << ENCR_KEY_SZ_SHIFT;
--		else if (aes_key_size == AES_KEYSIZE_256)
--			cfg |= ENCR_KEY_SZ_AES256 << ENCR_KEY_SZ_SHIFT;
--	}
-+	config = (beats << REQ_SIZE_SHIFT) & REQ_SIZE_MASK;
-+	config |= BIT(MASK_DOUT_INTR_SHIFT) | BIT(MASK_DIN_INTR_SHIFT) |
-+		  BIT(MASK_OP_DONE_INTR_SHIFT) | BIT(MASK_ERR_INTR_SHIFT);
-+	config |= (pipe_pair << PIPE_SET_SELECT_SHIFT) & PIPE_SET_SELECT_MASK;
-+	config &= ~HIGH_SPD_EN_N_SHIFT;
- 
--	if (IS_AES(flags))
--		cfg |= ENCR_ALG_AES << ENCR_ALG_SHIFT;
--	else if (IS_DES(flags) || IS_3DES(flags))
--		cfg |= ENCR_ALG_DES << ENCR_ALG_SHIFT;
-+	if (little)
-+		config |= BIT(LITTLE_ENDIAN_MODE_SHIFT);
- 
--	if (IS_DES(flags))
--		cfg |= ENCR_KEY_SZ_DES << ENCR_KEY_SZ_SHIFT;
-+	return config;
-+}
- 
--	if (IS_3DES(flags))
--		cfg |= ENCR_KEY_SZ_3DES << ENCR_KEY_SZ_SHIFT;
-+void qce_cpu_to_be32p_array(__be32 *dst, const u8 *src, unsigned int len)
-+{
-+	__be32 *d = dst;
-+	const u8 *s = src;
-+	unsigned int n;
- 
--	switch (flags & QCE_MODE_MASK) {
--	case QCE_MODE_ECB:
--		cfg |= ENCR_MODE_ECB << ENCR_MODE_SHIFT;
--		break;
--	case QCE_MODE_CBC:
--		cfg |= ENCR_MODE_CBC << ENCR_MODE_SHIFT;
--		break;
--	case QCE_MODE_CTR:
--		cfg |= ENCR_MODE_CTR << ENCR_MODE_SHIFT;
--		break;
--	case QCE_MODE_XTS:
--		cfg |= ENCR_MODE_XTS << ENCR_MODE_SHIFT;
--		break;
--	case QCE_MODE_CCM:
--		cfg |= ENCR_MODE_CCM << ENCR_MODE_SHIFT;
--		cfg |= LAST_CCM_XFR << LAST_CCM_SHIFT;
--		break;
--	default:
--		return ~0;
-+	n = len / sizeof(u32);
-+	for (; n > 0; n--) {
-+		*d = cpu_to_be32p((const __u32 *) s);
-+		s += sizeof(__u32);
-+		d++;
- 	}
-+}
- 
--	return cfg;
-+static void qce_setup_config(struct qce_device *qce)
-+{
-+	u32 config;
-+
-+	/* get big endianness */
-+	config = qce_config_reg(qce, 0);
-+
-+	/* clear status */
-+	qce_write(qce, REG_STATUS, 0);
-+	qce_write(qce, REG_CONFIG, config);
-+}
-+
-+static inline void qce_crypto_go(struct qce_device *qce)
-+{
-+	qce_write(qce, REG_GOPROC, BIT(GO_SHIFT) | BIT(RESULTS_DUMP_SHIFT));
- }
- 
-+#ifdef CONFIG_CRYPTO_DEV_QCE_SHA
- static u32 qce_auth_cfg(unsigned long flags, u32 key_size)
- {
- 	u32 cfg = 0;
-@@ -137,88 +141,6 @@ static u32 qce_auth_cfg(unsigned long fl
- 	return cfg;
- }
- 
--static u32 qce_config_reg(struct qce_device *qce, int little)
--{
--	u32 beats = (qce->burst_size >> 3) - 1;
--	u32 pipe_pair = qce->pipe_pair_id;
--	u32 config;
--
--	config = (beats << REQ_SIZE_SHIFT) & REQ_SIZE_MASK;
--	config |= BIT(MASK_DOUT_INTR_SHIFT) | BIT(MASK_DIN_INTR_SHIFT) |
--		  BIT(MASK_OP_DONE_INTR_SHIFT) | BIT(MASK_ERR_INTR_SHIFT);
--	config |= (pipe_pair << PIPE_SET_SELECT_SHIFT) & PIPE_SET_SELECT_MASK;
--	config &= ~HIGH_SPD_EN_N_SHIFT;
--
--	if (little)
--		config |= BIT(LITTLE_ENDIAN_MODE_SHIFT);
--
--	return config;
--}
--
--void qce_cpu_to_be32p_array(__be32 *dst, const u8 *src, unsigned int len)
--{
--	__be32 *d = dst;
--	const u8 *s = src;
--	unsigned int n;
--
--	n = len / sizeof(u32);
--	for (; n > 0; n--) {
--		*d = cpu_to_be32p((const __u32 *) s);
--		s += sizeof(__u32);
--		d++;
--	}
--}
--
--static void qce_xts_swapiv(__be32 *dst, const u8 *src, unsigned int ivsize)
--{
--	u8 swap[QCE_AES_IV_LENGTH];
--	u32 i, j;
--
--	if (ivsize > QCE_AES_IV_LENGTH)
--		return;
--
--	memset(swap, 0, QCE_AES_IV_LENGTH);
--
--	for (i = (QCE_AES_IV_LENGTH - ivsize), j = ivsize - 1;
--	     i < QCE_AES_IV_LENGTH; i++, j--)
--		swap[i] = src[j];
--
--	qce_cpu_to_be32p_array(dst, swap, QCE_AES_IV_LENGTH);
--}
--
--static void qce_xtskey(struct qce_device *qce, const u8 *enckey,
--		       unsigned int enckeylen, unsigned int cryptlen)
--{
--	u32 xtskey[QCE_MAX_CIPHER_KEY_SIZE / sizeof(u32)] = {0};
--	unsigned int xtsklen = enckeylen / (2 * sizeof(u32));
--	unsigned int xtsdusize;
--
--	qce_cpu_to_be32p_array((__be32 *)xtskey, enckey + enckeylen / 2,
--			       enckeylen / 2);
--	qce_write_array(qce, REG_ENCR_XTS_KEY0, xtskey, xtsklen);
--
--	/* xts du size 512B */
--	xtsdusize = min_t(u32, QCE_SECTOR_SIZE, cryptlen);
--	qce_write(qce, REG_ENCR_XTS_DU_SIZE, xtsdusize);
--}
--
--static void qce_setup_config(struct qce_device *qce)
--{
--	u32 config;
--
--	/* get big endianness */
--	config = qce_config_reg(qce, 0);
--
--	/* clear status */
--	qce_write(qce, REG_STATUS, 0);
--	qce_write(qce, REG_CONFIG, config);
--}
--
--static inline void qce_crypto_go(struct qce_device *qce)
--{
--	qce_write(qce, REG_GOPROC, BIT(GO_SHIFT) | BIT(RESULTS_DUMP_SHIFT));
--}
--
- static int qce_setup_regs_ahash(struct crypto_async_request *async_req,
- 				u32 totallen, u32 offset)
- {
-@@ -303,6 +225,87 @@ go_proc:
- 
- 	return 0;
- }
-+#endif
-+
-+#ifdef CONFIG_CRYPTO_DEV_QCE_SKCIPHER
-+static u32 qce_encr_cfg(unsigned long flags, u32 aes_key_size)
-+{
-+	u32 cfg = 0;
-+
-+	if (IS_AES(flags)) {
-+		if (aes_key_size == AES_KEYSIZE_128)
-+			cfg |= ENCR_KEY_SZ_AES128 << ENCR_KEY_SZ_SHIFT;
-+		else if (aes_key_size == AES_KEYSIZE_256)
-+			cfg |= ENCR_KEY_SZ_AES256 << ENCR_KEY_SZ_SHIFT;
-+	}
-+
-+	if (IS_AES(flags))
-+		cfg |= ENCR_ALG_AES << ENCR_ALG_SHIFT;
-+	else if (IS_DES(flags) || IS_3DES(flags))
-+		cfg |= ENCR_ALG_DES << ENCR_ALG_SHIFT;
-+
-+	if (IS_DES(flags))
-+		cfg |= ENCR_KEY_SZ_DES << ENCR_KEY_SZ_SHIFT;
-+
-+	if (IS_3DES(flags))
-+		cfg |= ENCR_KEY_SZ_3DES << ENCR_KEY_SZ_SHIFT;
-+
-+	switch (flags & QCE_MODE_MASK) {
-+	case QCE_MODE_ECB:
-+		cfg |= ENCR_MODE_ECB << ENCR_MODE_SHIFT;
-+		break;
-+	case QCE_MODE_CBC:
-+		cfg |= ENCR_MODE_CBC << ENCR_MODE_SHIFT;
-+		break;
-+	case QCE_MODE_CTR:
-+		cfg |= ENCR_MODE_CTR << ENCR_MODE_SHIFT;
-+		break;
-+	case QCE_MODE_XTS:
-+		cfg |= ENCR_MODE_XTS << ENCR_MODE_SHIFT;
-+		break;
-+	case QCE_MODE_CCM:
-+		cfg |= ENCR_MODE_CCM << ENCR_MODE_SHIFT;
-+		cfg |= LAST_CCM_XFR << LAST_CCM_SHIFT;
-+		break;
-+	default:
-+		return ~0;
-+	}
-+
-+	return cfg;
-+}
-+
-+static void qce_xts_swapiv(__be32 *dst, const u8 *src, unsigned int ivsize)
-+{
-+	u8 swap[QCE_AES_IV_LENGTH];
-+	u32 i, j;
-+
-+	if (ivsize > QCE_AES_IV_LENGTH)
-+		return;
-+
-+	memset(swap, 0, QCE_AES_IV_LENGTH);
-+
-+	for (i = (QCE_AES_IV_LENGTH - ivsize), j = ivsize - 1;
-+	     i < QCE_AES_IV_LENGTH; i++, j--)
-+		swap[i] = src[j];
-+
-+	qce_cpu_to_be32p_array(dst, swap, QCE_AES_IV_LENGTH);
-+}
-+
-+static void qce_xtskey(struct qce_device *qce, const u8 *enckey,
-+		       unsigned int enckeylen, unsigned int cryptlen)
-+{
-+	u32 xtskey[QCE_MAX_CIPHER_KEY_SIZE / sizeof(u32)] = {0};
-+	unsigned int xtsklen = enckeylen / (2 * sizeof(u32));
-+	unsigned int xtsdusize;
-+
-+	qce_cpu_to_be32p_array((__be32 *)xtskey, enckey + enckeylen / 2,
-+			       enckeylen / 2);
-+	qce_write_array(qce, REG_ENCR_XTS_KEY0, xtskey, xtsklen);
-+
-+	/* xts du size 512B */
-+	xtsdusize = min_t(u32, QCE_SECTOR_SIZE, cryptlen);
-+	qce_write(qce, REG_ENCR_XTS_DU_SIZE, xtsdusize);
-+}
- 
- static int qce_setup_regs_skcipher(struct crypto_async_request *async_req,
- 				     u32 totallen, u32 offset)
-@@ -384,15 +387,20 @@ static int qce_setup_regs_skcipher(struc
- 
- 	return 0;
- }
-+#endif
- 
- int qce_start(struct crypto_async_request *async_req, u32 type, u32 totallen,
- 	      u32 offset)
- {
- 	switch (type) {
-+#ifdef CONFIG_CRYPTO_DEV_QCE_SKCIPHER
- 	case CRYPTO_ALG_TYPE_SKCIPHER:
- 		return qce_setup_regs_skcipher(async_req, totallen, offset);
-+#endif
-+#ifdef CONFIG_CRYPTO_DEV_QCE_SHA
- 	case CRYPTO_ALG_TYPE_AHASH:
- 		return qce_setup_regs_ahash(async_req, totallen, offset);
-+#endif
- 	default:
- 		return -EINVAL;
- 	}
---- a/drivers/crypto/qce/core.c
-+++ b/drivers/crypto/qce/core.c
-@@ -22,8 +22,12 @@
- #define QCE_QUEUE_LENGTH	1
- 
- static const struct qce_algo_ops *qce_ops[] = {
-+#ifdef CONFIG_CRYPTO_DEV_QCE_SKCIPHER
- 	&skcipher_ops,
-+#endif
-+#ifdef CONFIG_CRYPTO_DEV_QCE_SHA
- 	&ahash_ops,
-+#endif
- };
- 
- static void qce_unregister_algs(struct qce_device *qce)
diff --git a/target/linux/ipq40xx/patches-5.4/0015-v5.7-crypto-qce-use-AES-fallback-for-small-requests.patch b/target/linux/ipq40xx/patches-5.4/0015-v5.7-crypto-qce-use-AES-fallback-for-small-requests.patch
deleted file mode 100644
index 0b5c8c6d6..000000000
--- a/target/linux/ipq40xx/patches-5.4/0015-v5.7-crypto-qce-use-AES-fallback-for-small-requests.patch
+++ /dev/null
@@ -1,113 +0,0 @@
-From ce163ba0bf298f1707321ac025ef639f88e62801 Mon Sep 17 00:00:00 2001
-From: Eneas U de Queiroz <cotequeiroz@gmail.com>
-Date: Fri, 7 Feb 2020 12:02:26 -0300
-Subject: [PATCH 10/11] crypto: qce - use AES fallback for small requests
-
-Process small blocks using the fallback cipher, as a workaround for an
-observed failure (DMA-related, apparently) when computing the GCM ghash
-key.  This brings a speed gain as well, since it avoids the latency of
-using the hardware engine to process small blocks.
-
-Using software for all 16-byte requests would be enough to make GCM
-work, but to increase performance, a larger threshold would be better.
-Measuring the performance of supported ciphers with openssl speed,
-software matches hardware at around 768-1024 bytes.
-
-Considering the 256-bit ciphers, software is 2-3 times faster than qce
-at 256-bytes, 30% faster at 512, and about even at 768-bytes.  With
-128-bit keys, the break-even point would be around 1024-bytes.
-
-This adds the 'aes_sw_max_len' parameter, to set the largest request
-length processed by the software fallback.  Its default is being set to
-512 bytes, a little lower than the break-even point, to balance the cost
-in CPU usage.
-
-Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
-Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
----
-
---- a/drivers/crypto/Kconfig
-+++ b/drivers/crypto/Kconfig
-@@ -684,6 +684,29 @@ choice
- 
- endchoice
- 
-+config CRYPTO_DEV_QCE_SW_MAX_LEN
-+	int "Default maximum request size to use software for AES"
-+	depends on CRYPTO_DEV_QCE && CRYPTO_DEV_QCE_SKCIPHER
-+	default 512
-+	help
-+	  This sets the default maximum request size to perform AES requests
-+	  using software instead of the crypto engine.  It can be changed by
-+	  setting the aes_sw_max_len parameter.
-+
-+	  Small blocks are processed faster in software than hardware.
-+	  Considering the 256-bit ciphers, software is 2-3 times faster than
-+	  qce at 256-bytes, 30% faster at 512, and about even at 768-bytes.
-+	  With 128-bit keys, the break-even point would be around 1024-bytes.
-+
-+	  The default is set a little lower, to 512 bytes, to balance the
-+	  cost in CPU usage.  The minimum recommended setting is 16-bytes
-+	  (1 AES block), since AES-GCM will fail if you set it lower.
-+	  Setting this to zero will send all requests to the hardware.
-+
-+	  Note that 192-bit keys are not supported by the hardware and are
-+	  always processed by the software fallback, and all DES requests
-+	  are done by the hardware.
-+
- config CRYPTO_DEV_QCOM_RNG
- 	tristate "Qualcomm Random Number Generator Driver"
- 	depends on ARCH_QCOM || COMPILE_TEST
---- a/drivers/crypto/qce/skcipher.c
-+++ b/drivers/crypto/qce/skcipher.c
-@@ -5,6 +5,7 @@
- 
- #include <linux/device.h>
- #include <linux/interrupt.h>
-+#include <linux/moduleparam.h>
- #include <linux/types.h>
- #include <crypto/aes.h>
- #include <crypto/internal/des.h>
-@@ -12,6 +13,13 @@
- 
- #include "cipher.h"
- 
-+static unsigned int aes_sw_max_len = CONFIG_CRYPTO_DEV_QCE_SW_MAX_LEN;
-+module_param(aes_sw_max_len, uint, 0644);
-+MODULE_PARM_DESC(aes_sw_max_len,
-+		 "Only use hardware for AES requests larger than this "
-+		 "[0=always use hardware; anything <16 breaks AES-GCM; default="
-+		 __stringify(CONFIG_CRYPTO_DEV_QCE_SOFT_THRESHOLD)"]");
-+
- static LIST_HEAD(skcipher_algs);
- 
- static void qce_skcipher_done(void *data)
-@@ -166,15 +174,10 @@ static int qce_skcipher_setkey(struct cr
- 	switch (IS_XTS(flags) ? keylen >> 1 : keylen) {
- 	case AES_KEYSIZE_128:
- 	case AES_KEYSIZE_256:
-+		memcpy(ctx->enc_key, key, keylen);
- 		break;
--	default:
--		goto fallback;
- 	}
- 
--	ctx->enc_keylen = keylen;
--	memcpy(ctx->enc_key, key, keylen);
--	return 0;
--fallback:
- 	ret = crypto_sync_skcipher_setkey(ctx->fallback, key, keylen);
- 	if (!ret)
- 		ctx->enc_keylen = keylen;
-@@ -224,8 +227,9 @@ static int qce_skcipher_crypt(struct skc
- 	rctx->flags |= encrypt ? QCE_ENCRYPT : QCE_DECRYPT;
- 	keylen = IS_XTS(rctx->flags) ? ctx->enc_keylen >> 1 : ctx->enc_keylen;
- 
--	if (IS_AES(rctx->flags) && keylen != AES_KEYSIZE_128 &&
--	    keylen != AES_KEYSIZE_256) {
-+	if (IS_AES(rctx->flags) &&
-+	    ((keylen != AES_KEYSIZE_128 && keylen != AES_KEYSIZE_256) ||
-+	     req->cryptlen <= aes_sw_max_len)) {
- 		SYNC_SKCIPHER_REQUEST_ON_STACK(subreq, ctx->fallback);
- 
- 		skcipher_request_set_sync_tfm(subreq, ctx->fallback);