Index: sys/opencrypto/cryptosoft.h
===================================================================
--- sys/opencrypto/cryptosoft.h
+++ sys/opencrypto/cryptosoft.h
@@ -58,6 +58,7 @@
 };
 
 struct swcr_session {
+	struct mtx	swcr_lock;
 	struct swcr_data swcr_algorithms[2];
 	unsigned swcr_nalgs;
 };
Index: sys/opencrypto/cryptosoft.c
===================================================================
--- sys/opencrypto/cryptosoft.c
+++ sys/opencrypto/cryptosoft.c
@@ -45,6 +45,7 @@
 #include <sys/rwlock.h>
 #include <sys/endian.h>
 #include <sys/limits.h>
+#include <sys/mutex.h>
 
 #include <crypto/blowfish/blowfish.h>
 #include <crypto/sha1.h>
@@ -765,7 +766,8 @@
 		return EINVAL;
 
 	ses = crypto_get_driver_session(cses);
-
+	mtx_init(&ses->swcr_lock, "swcr session lock", NULL, MTX_DEF);
+	
 	for (i = 0; cri != NULL && i < nitems(ses->swcr_algorithms); i++) {
 		swd = &ses->swcr_algorithms[i];
 
@@ -1022,6 +1024,7 @@
 
 	ses = crypto_get_driver_session(cses);
 
+	mtx_destroy(&ses->swcr_lock);
 	for (i = 0; i < nitems(ses->swcr_algorithms); i++) {
 		swd = &ses->swcr_algorithms[i];
 
@@ -1109,7 +1112,7 @@
 static int
 swcr_process(device_t dev, struct cryptop *crp, int hint)
 {
-	struct swcr_session *ses;
+	struct swcr_session *ses = NULL;
 	struct cryptodesc *crd;
 	struct swcr_data *sw;
 	size_t i;
@@ -1124,6 +1127,7 @@
 	}
 
 	ses = crypto_get_driver_session(crp->crp_session);
+	mtx_lock(&ses->swcr_lock);
 
 	/* Go through crypto descriptors, processing as we go */
 	for (crd = crp->crp_desc; crd; crd = crd->crd_next) {
@@ -1213,6 +1217,8 @@
 	}
 
 done:
+	if (ses)
+		mtx_unlock(&ses->swcr_lock);
 	crypto_done(crp);
 	return 0;
 }
Index: tools/tools/crypto/cryptocheck.c
===================================================================
--- tools/tools/crypto/cryptocheck.c
+++ tools/tools/crypto/cryptocheck.c
@@ -155,10 +155,12 @@
 	  .evp_md = EVP_sha384 },
 	{ .name = "sha512hmac", .mac = CRYPTO_SHA2_512_HMAC, .type = T_HMAC,
 	  .evp_md = EVP_sha512 },
+#ifdef EVP_blake2b512
 	{ .name = "blake2b", .mac = CRYPTO_BLAKE2B, .type = T_HASH,
 	  .evp_md = EVP_blake2b512 },
 	{ .name = "blake2s", .mac = CRYPTO_BLAKE2S, .type = T_HASH,
 	  .evp_md = EVP_blake2s256 },
+#endif
 	{ .name = "aes-cbc", .cipher = CRYPTO_AES_CBC, .type = T_BLKCIPHER,
 	  .evp_cipher = EVP_aes_128_cbc },
 	{ .name = "aes-cbc192", .cipher = CRYPTO_AES_CBC, .type = T_BLKCIPHER,
@@ -175,8 +177,10 @@
 	  .evp_cipher = EVP_aes_128_xts },
 	{ .name = "aes-xts256", .cipher = CRYPTO_AES_XTS, .type = T_BLKCIPHER,
 	  .evp_cipher = EVP_aes_256_xts },
+#ifdef EVP_chacha20
 	{ .name = "chacha20", .cipher = CRYPTO_CHACHA20, .type = T_BLKCIPHER,
 	  .evp_cipher = EVP_chacha20 },
+#endif
 	{ .name = "aes-gcm", .cipher = CRYPTO_AES_NIST_GCM_16,
 	  .mac = CRYPTO_AES_128_NIST_GMAC, .type = T_GCM,
 	  .evp_cipher = EVP_aes_128_gcm },