The only issue i have with jmg@ locking patch is that it provides consistency for userland threads but i still do not see how it solves the panic due to FPU on a migrated thread!

So i would split this patch further more into the constants changes done to crypto code for introducing the new variable and the ipsec changes without the aesni hooks.

This would allow the changes to be even more review-able/acceptable by others, if needed.

In D2936#57341, @eri wrote:

The only issue i have with jmg@ locking patch is that it provides consistency for userland threads but i still do not see how it solves the panic due to FPU on a migrated thread!

Did my reply to you the other day answer your questions about this? That even if the thread migrates to another CPU, it still holds the original lock for the original CPU's fpu context, and if another thread runs on the original CPU, it cannot lock the mutex, and therefor will not have an issue w/ fpu reuse.

gnn, I need to rev my locking patch after more comments from kib. Once I get my git repo organized, I'll post a formal review for the locking patch.

So i would split this patch further more into the constants changes done to crypto code for introducing the new variable and the ipsec changes without the aesni hooks.

I agree w/ this. Also, some of the userland ipsec stuff can (and should) be committed w/o the kernel stuff.

This would allow the changes to be even more review-able/acceptable by others, if needed.

I'll commit the user space stuff now (setkey and associated files) and wait on your locking patch for the rest.