Comment 6 for bug 1928207

The OpenWRT kernel that you're using seems to have an out-of-tree crypto driver that's likely at fault here. You'll notice in your /proc/crypto file that the highest priority "cbc(aes)" implementation is "nss-cbc-aes". Those "nss-*" drivers are provided by the "qca_nss_cfi_cryptoapi" module. AFAICT, that's an out-of-tree driver and I don't see any mention of it in the upstream kernel. This is something that will need to be sorted out by the OpenWRT team instead of upstream eCryptfs.