From: Holger Dengler <dengler@linux.ibm.com>
To: Eric Biggers <ebiggers@kernel.org>
Cc: David Howells <dhowells@redhat.com>,
Ard Biesheuvel <ardb@kernel.org>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org, linux-s390@vger.kernel.org,
linux-crypto@vger.kernel.org
Subject: Re: [PATCH 15/17] lib/crypto: s390/sha3: Migrate optimized code into library
Date: Mon, 20 Oct 2025 16:00:42 +0200 [thread overview]
Message-ID: <51fc91b6-3a6e-44f7-ae93-aef0bcb48964@linux.ibm.com> (raw)
In-Reply-To: <20251020005038.661542-16-ebiggers@kernel.org>
On 20/10/2025 02:50, Eric Biggers wrote:
> Instead of exposing the s390-optimized SHA-3 code via s390-specific
> crypto_shash algorithms, instead just implement the sha3_absorb_blocks()
> and sha3_keccakf() library functions. This is much simpler, it makes
> the SHA-3 library functions be s390-optimized, and it fixes the
> longstanding issue where the s390-optimized SHA-3 code was disabled by
> default. SHA-3 still remains available through crypto_shash, but
> individual architectures no longer need to handle it.
>
> Note that the existing code used both CPACF_KIMD_SHA3_224 and
> CPACF_KIMD_SHA3_256 after checking for just CPACF_KIMD_SHA3_256, and
> similarly for 384 and 512. I've preserved that behavior.
>
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
The current code also cover a performance feature, which allows (on supported hardware, e.g. z17) to skip the ICV initialization. The support has been introduced with 88c02b3f79a6 ("s390/sha3: Support sha3 performance enhancements"). Unfortunately, this patch removes this support. Was this intended?
The get this feature back, we need to hook also into the init() function, set the according bit for the first message block and skip the initialization of the ICV.
Please also add me and Harald Freudenberger to the cc: list for this patch.
--
Mit freundlichen Grüßen / Kind regards
Holger Dengler
--
IBM Systems, Linux on IBM Z Development
dengler@linux.ibm.com
next prev parent reply other threads:[~2025-10-20 14:01 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-20 0:50 [PATCH 00/17] SHA-3 library Eric Biggers
2025-10-20 0:50 ` [PATCH 01/17] s390/sha3: Rename conflicting functions Eric Biggers
2025-10-20 0:50 ` [PATCH 02/17] arm64/sha3: " Eric Biggers
2025-10-20 0:50 ` [PATCH 03/17] lib/crypto: Add SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256 Eric Biggers
2025-10-20 7:07 ` Bagas Sanjaya
2025-10-20 10:39 ` David Howells
2025-10-20 23:54 ` Bagas Sanjaya
2025-10-20 0:50 ` [PATCH 04/17] lib/crypto: Move the SHA3 Iota transform into the single round function Eric Biggers
2025-10-20 0:50 ` [PATCH 05/17] lib/crypto: Add SHA3 kunit tests Eric Biggers
2025-10-20 0:50 ` [PATCH 06/17] lib/crypto: sha3: Fix libsha3 build condition Eric Biggers
2025-10-20 0:50 ` [PATCH 07/17] lib/crypto: sha3: Use appropriate conversions in sha3_keccakf_generic() Eric Biggers
2025-10-20 0:50 ` [PATCH 08/17] lib/crypto: sha3: Drop unfinished SHAKE support from gen-hash-testvecs.py Eric Biggers
2025-10-20 0:50 ` [PATCH 09/17] lib/crypto: sha3: Consistently use EXPORT_SYMBOL_GPL Eric Biggers
2025-10-20 0:50 ` [PATCH 10/17] lib/crypto: sha3: Replace redundant ad-hoc test with FIPS test Eric Biggers
2025-10-20 0:50 ` [PATCH 11/17] lib/crypto: sha3: Simplify the API Eric Biggers
2025-10-20 0:50 ` [PATCH 12/17] lib/crypto: sha3: Document one-shot functions in header and improve docs Eric Biggers
2025-10-20 0:50 ` [PATCH 13/17] crypto: arm64/sha3 - Update sha3_ce_transform() to prepare for library Eric Biggers
2025-10-20 0:50 ` [PATCH 14/17] lib/crypto: arm64/sha3: Migrate optimized code into library Eric Biggers
2025-10-20 0:50 ` [PATCH 15/17] lib/crypto: s390/sha3: " Eric Biggers
2025-10-20 14:00 ` Holger Dengler [this message]
2025-10-20 14:23 ` Holger Dengler
2025-10-20 17:57 ` Eric Biggers
2025-10-21 7:24 ` Holger Dengler
2025-10-21 8:43 ` Holger Dengler
2025-10-21 15:49 ` Eric Biggers
2025-10-24 14:24 ` Harald Freudenberger
2025-10-24 16:11 ` Eric Biggers
2025-10-20 0:50 ` [PATCH 16/17] crypto: jitterentropy - use default sha3 implementation Eric Biggers
2025-10-20 0:50 ` [PATCH 17/17] crypto: sha3 - Reimplement using library API Eric Biggers
2025-10-20 10:33 ` [PATCH 11/17] lib/crypto: sha3: Simplify the API David Howells
2025-10-20 17:18 ` Eric Biggers
2025-10-20 10:35 ` [PATCH 16/17] crypto: jitterentropy - use default sha3 implementation David Howells
2025-10-20 21:20 ` Eric Biggers
2025-10-21 6:53 ` [PATCH 17/17] crypto: sha3 - Reimplement using library API David Howells
2025-10-22 10:13 ` [PATCH 00/17] SHA-3 library Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51fc91b6-3a6e-44f7-ae93-aef0bcb48964@linux.ibm.com \
--to=dengler@linux.ibm.com \
--cc=Jason@zx2c4.com \
--cc=ardb@kernel.org \
--cc=dhowells@redhat.com \
--cc=ebiggers@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).