diff --git a/barbican/plugin/crypto/p11_crypto.py b/barbican/plugin/crypto/p11_crypto.py
index 59c94409e..ee8dcd506 100644
--- a/barbican/plugin/crypto/p11_crypto.py
+++ b/barbican/plugin/crypto/p11_crypto.py
@@ -78,9 +78,9 @@ p11_crypto_plugin_opts = [
 cfg.StrOpt('plugin_name',
 help=u._('User friendly plugin name'),
 default='PKCS11 HSM'),
- cfg.BoolOpt('generate_iv',
- help=u._('Flag for plugin generated iv case'),
- default=False),
+ cfg.BoolOpt('aes_gcm_generate_iv',
+ help=u._('Generate IVs for CKM_AES_GCM mechanism.'),
+ default=True, deprecated_name='generate_iv'),
 ]
 CONF.register_group(p11_crypto_plugin_group)
 CONF.register_opts(p11_crypto_plugin_opts, group=p11_crypto_plugin_group)
@@ -301,7 +301,7 @@ class P11CryptoPlugin(plugin.CryptoPluginBase):
 encryption_mechanism=plugin_conf.encryption_mechanism,
 ffi=ffi,
 seed_random_buffer=seed_random_buffer,
- generate_iv=plugin_conf.generate_iv,
+ generate_iv=plugin_conf.aes_gcm_generate_iv,
 )

 def _reinitialize_pkcs11(self):
diff --git a/barbican/plugin/crypto/pkcs11.py b/barbican/plugin/crypto/pkcs11.py
index 6597c0fe9..d33e7fcfb 100644
--- a/barbican/plugin/crypto/pkcs11.py
+++ b/barbican/plugin/crypto/pkcs11.py
@@ -561,7 +561,9 @@ class PKCS11(object):
 return self._VENDOR_SAFENET_CKM_AES_GCM_encrypt(key, pt_data, session)

 def _CKM_AES_GCM_decrypt(self, key, iv, ct_data, session):
- return self._VENDOR_SAFENET_CKM_AES_GCM_decrypt(key, ct_data, session)
+ return self._VENDOR_SAFENET_CKM_AES_GCM_decrypt(
+ key, iv, ct_data, session
+ )

 def decrypt(self, mechanism, key, iv, ct_data, session):
 if mechanism not in _ENCRYPTION_MECHANISMS:
diff --git a/releasenotes/notes/renamed-generate-iv-option-29770cfcff8e3b83.yaml b/releasenotes/notes/renamed-generate-iv-option-29770cfcff8e3b83.yaml
new file mode 100644
index 000000000..dbb941c39
--- /dev/null
+++ b/releasenotes/notes/renamed-generate-iv-option-29770cfcff8e3b83.yaml
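Review bot: The added `default=True` on `aes_gcm_generate_iv` reverses the previous `default=False`, so a deployment that never set `generate_iv` changes its AES-GCM IV handling on upgrade, yet the release note in this commit records only the rename under `deprecations`. Going by the old help text ("plugin generated iv"), the flag presumably selects whether the plugin or the HSM supplies the IV, and the new help string no longer says which side does so when the option is false. I would add an `upgrade` entry to the release note stating the new default, and a comment above the option such as `# Default flipped from False to True; unset deployments change IV source on upgrade.` It is also worth confirming that secrets encrypted under the old default still decrypt once the flag is true, since the IV path on decrypt is touched in pkcs11.py by the same commit. The option list itself starts outside this hunk.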
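Review bot: The old call in `_CKM_AES_GCM_decrypt` dropped `iv` without any test failing, and the visible diff adds no test for the CKM_AES_GCM decrypt path either, so the same mistake could return unnoticed. A unit test that calls `decrypt` with the CKM_AES_GCM mechanism and asserts that `_VENDOR_SAFENET_CKM_AES_GCM_decrypt` receives the caller's `iv` would pin the fix. The helper's definition is outside this diff, so the positional order `key, iv, ct_data, session` should be checked against its signature. A one-line docstring would also help, for example `"""Decrypt ct_data with AES-GCM via the SafeNet vendor helper, using the caller-supplied IV."""`.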
@@ -0,0 +1,6 @@
+---
+deprecations:
+ - |
+ Deprecated the `generate_iv` option name. It has been renamed to
+ `aes_gcm_generate_iv` to reflect the fact that it only applies to the
+ CKM_AES_GCM mechanism.