longli@xxxxxxxxxxxxxxxxx writes: > On the sending and receiving paths, CIFS uses the same cypto data structures > to calculate SMB2/SMB3 packet signatures. A lock on the receiving path is > necessary to control shared access to crypto data structures. This lock > degrades performance because it races with the sending path. > > Define separate crypto data structures for sending and receiving paths and > remove this lock. Something I've often wondered: why do we keep crypto state in the server structure instead of creating it as needed in the caller stack (thus avoiding the need for locks). AFAIK there's no state that need to be kept between signing/encrypting calls beside the access to keys. Is it that expensive to create/release? Cheers, -- Aurélien Aptel / SUSE Labs Samba Team GPG: 1839 CB5F 9F5B FB9B AA97 8C99 03C8 A49B 521B D5D3 SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg, DE GF: Felix Imendörffer, Mary Higgins, Sri Rasiah HRB 247165 (AG München)