Re: Clarification of allowed context for crypto routines

From: Herbert Xu
Date: Fri Jan 23 2009 - 17:32:14 EST

Andrey Borzenkov <arvidjaar@xxxxxxx> wrote:
> As I can understand, user context requirement is due to potential for
> setkey to sleep (although it appears, that currently the only module
> that can sleep is shash which is calling kmalloc with GFP_KERNEL). Is it
> correct?


> But where is the difference between hard and softirq contexts? I fail to
> see any technical reason for this requirement.

The reasons are two-fold:

1) Crypto operations are so slow in general that if you did them
in hard IRQ context it would just be wrong;

2) The highmem primitives we use are currently softirq only. We
could make them work for hardirq as well, but because of 1) we

Visit Openswan at
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page:
PGP Key:
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at