From: Eric Biggers <ebiggers@kernel.org>
To: AlanSong-oc <AlanSong-oc@zhaoxin.com>
Cc: herbert@gondor.apana.org.au, davem@davemloft.net,
Jason@zx2c4.com, ardb@kernel.org, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org, x86@kernel.org,
CobeChen@zhaoxin.com, TonyWWang-oc@zhaoxin.com,
YunShen@zhaoxin.com, GeorgeXue@zhaoxin.com, LeoLiu@zhaoxin.com,
HansHu@zhaoxin.com
Subject: Re: [PATCH v3 2/3] lib/crypto: x86/sha1: PHE Extensions optimized SHA1 transform function
Date: Wed, 11 Mar 2026 21:03:49 -0700 [thread overview]
Message-ID: <20260312040349.GA2359@sol> (raw)
In-Reply-To: <5fe5b47d-5065-4e74-b2b3-4685e74a1130@zhaoxin.com>
On Wed, Mar 11, 2026 at 07:37:39PM +0800, AlanSong-oc wrote:
> > I also have to ask: are you sure you need SHA-1 to be optimized at all?
> > SHA-1 has been deprecated for a long time. Most users have moved to
> > SHA-256 and other stronger algorithms, and those that haven't need to
> > move very soon. There's little value in adding new optimized code for
> > SHA-1.
> >
> > How about simplifying your patch to just SHA-256? Then we can focus on
> > the one that's actually important and not on the deprecated SHA-1.
>
> It is true that SHA-1 is rarely used by most users today. However, it
> may still be needed in certain scenarios. For those cases, we would like
> to add support for the XHSA1 instruction to accelerate SHA-1.
>
> Does the crypto community have any plans to remove SHA-1 support in
> recent kernel versions?
It's already possible to build a kernel without SHA-1 support. SHA-1
has been cryptographically broken and is considered obsolete.
Performance-critical hashing in the kernel already tends to use SHA-256.
These patches already feel marginal, as they are being pushed without
QEMU support, so the community will be unable to test them. The only
reason I would consider accepting them without QEMU support is because
there was already code in drivers/crypto/ that used these instructions.
It also helps that they are just single instructions. Though, even with
that I still found a bug in the proposed code as well as errors in the
CPU documentation, as mentioned. And the drivers/crypto/ implementation
that uses these instructions is broken too, as you're aware of.
Overall, it's clear that platform-specific routines like this are very
risky to maintain without adequate testing. Yet, correctness is the
first priority in cryptographic code.
So I would suggest that to reduce the risk, we focus on just one
algorithm, SHA-256. Note that this makes your job easier, as well.
- Eric
next prev parent reply other threads:[~2026-03-12 4:04 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-16 7:15 [PATCH v3 0/3] lib/crypto: x86/sha: Add PHE Extensions support AlanSong-oc
2026-01-16 7:15 ` [PATCH v3 1/3] crypto: padlock-sha - Disable for Zhaoxin processor AlanSong-oc
2026-01-18 0:09 ` Eric Biggers
2026-03-05 1:36 ` AlanSong-oc
2026-01-16 7:15 ` [PATCH v3 2/3] lib/crypto: x86/sha1: PHE Extensions optimized SHA1 transform function AlanSong-oc
2026-01-18 0:31 ` Eric Biggers
2026-03-05 1:37 ` AlanSong-oc
2026-03-05 19:18 ` Eric Biggers
2026-03-11 11:37 ` AlanSong-oc
2026-03-12 4:03 ` Eric Biggers [this message]
2026-03-13 2:58 ` AlanSong-oc
2026-03-13 3:28 ` Eric Biggers
2026-01-16 7:15 ` [PATCH v3 3/3] lib/crypto: x86/sha256: PHE Extensions optimized SHA256 " AlanSong-oc
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260312040349.GA2359@sol \
--to=ebiggers@kernel.org \
--cc=AlanSong-oc@zhaoxin.com \
--cc=CobeChen@zhaoxin.com \
--cc=GeorgeXue@zhaoxin.com \
--cc=HansHu@zhaoxin.com \
--cc=Jason@zx2c4.com \
--cc=LeoLiu@zhaoxin.com \
--cc=TonyWWang-oc@zhaoxin.com \
--cc=YunShen@zhaoxin.com \
--cc=ardb@kernel.org \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.