Do not allow the crypto core to reschedule while processing RPC requests. gss_krb5_crypto.c does make crypto API calls in process context. However: - When handling a received Call, rescheduling can introduce latencies that result in processing delays causing a request to fall outside the GSS sequence number window. When that occurs, the server is required to drop that request and the connection on which it arrived. - On the client side, ostensibly RPC tasks are not supposed to sleep or reschedule outside the RPC scheduler. Otherwise there is a risk of deadlock. Generally speaking, the risk of removing the cond_resched() is low. A block of data handled in these paths will not exceed 1MB + a little a overhead, and processing a single RPC is already appropriately interleaved amongst both processes and CPUs. Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx> --- net/sunrpc/auth_gss/gss_krb5_crypto.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c index e7180da1fc6a..083438f73e52 100644 --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c @@ -209,7 +209,7 @@ make_checksum_hmac_md5(struct krb5_ctx *kctx, char *header, int hdrlen, if (!req) goto out_free_hmac_md5; - ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); + ahash_request_set_callback(req, 0, NULL, NULL); err = crypto_ahash_init(req); if (err) @@ -239,7 +239,7 @@ make_checksum_hmac_md5(struct krb5_ctx *kctx, char *header, int hdrlen, if (!req) goto out_free_hmac_md5; - ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); + ahash_request_set_callback(req, 0, NULL, NULL); err = crypto_ahash_setkey(hmac_md5, cksumkey, kctx->gk5e->keylength); if (err) @@ -307,7 +307,7 @@ make_checksum(struct krb5_ctx *kctx, char *header, int hdrlen, if (!req) goto out_free_ahash; - ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); + ahash_request_set_callback(req, 0, NULL, NULL); checksumlen = crypto_ahash_digestsize(tfm); @@ -403,7 +403,7 @@ make_checksum_v2(struct krb5_ctx *kctx, char *header, int hdrlen, if (!req) goto out_free_ahash; - ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); + ahash_request_set_callback(req, 0, NULL, NULL); err = crypto_ahash_setkey(tfm, cksumkey, kctx->gk5e->keylength); if (err)