RE: [PATCH] cifs: Remove locking in smb2_verify_signature() when calculating SMB2/SMB3 signature on receiving packets
From: Long Li
Date: Fri Mar 27 2020 - 01:42:00 EST
>Subject: Re: [PATCH] cifs: Remove locking in smb2_verify_signature() when
>calculating SMB2/SMB3 signature on receiving packets
>
>longli@xxxxxxxxxxxxxxxxx writes:
>> On the sending and receiving paths, CIFS uses the same cypto data
>> structures to calculate SMB2/SMB3 packet signatures. A lock on the
>> receiving path is necessary to control shared access to crypto data
>> structures. This lock degrades performance because it races with the
>sending path.
>>
>> Define separate crypto data structures for sending and receiving paths
>> and remove this lock.
>
>Something I've often wondered: why do we keep crypto state in the server
>structure instead of creating it as needed in the caller stack (thus avoiding the
>need for locks). AFAIK there's no state that need to be kept between
>signing/encrypting calls beside the access to keys. Is it that expensive to
>create/release?
My guess is that crypto_alloc_shash() is a heavy call?
>
>Cheers,
>--
>AurÃlien Aptel / SUSE Labs Samba Team
>GPG: 1839 CB5F 9F5B FB9B AA97 8C99 03C8 A49B 521B D5D3 SUSE Software
>Solutions Germany GmbH, Maxfeldstr. 5, 90409 NÃrnberg, DE
>GF: Felix ImendÃrffer, Mary Higgins, Sri Rasiah HRB 247165 (AG MÃnchen)