Re: [PATCH 3/7] crypto: powerpc/md5 - Remove PowerPC optimized MD5 code

[Eric Biggers <ebiggers@kernel.org>]

On Tue, Aug 05, 2025 at 08:27:14AM +0200, Christophe Leroy wrote:
> > What?  That's crazy.  Userspace MD5 code would be faster and more
> > reliable.  No need to make syscalls, transfer data to and from the
> > kernel, have an external dependency, etc.  Is this the coreutils md5sum?
> > We need to get this reported and fixed.
> 
> Content of files is already buffered inside the kernel. likcapi doesn't
> tranfer data, it uses splice().
> 
> As far as I know, coreutil is not able to use the TALITOS Security engine we
> have on the mpc885 and mpc8321 microcontroleurs. We primarily use libkcapi
> for that.
> 
> In order to keep things consistant, we use the same userspace on boards
> which don't have a security engine, ie the mpc866, we rely on the kernel
> providing an optimised software implementation fallback.

Even if the data is transferred in a zero-copy manner, the AF_ALG
version still has a lot of overhead from system calls.  Running the
exact same PPC optimized code in userspace would of course be faster.

Now, it sounds like you don't have the PPC optimized MD5 code in
userspace, and that's why you're measuring the AF_ALG based md5sum to be
faster.  But that's just the wrong design, and it does not give optimal
performance.  The fact that the kernel allows access to software code
via AF_ALG is basically a bug.

For now we'll keep the PPC optimized MD5 around in the kernel to
accomodate userspace code that is depending on this bug, but for future
reference we don't add new software implementations purely for use by
userspace.  (And BTW this is nothing new; this has already been the
policy for many years.)  Please work to bring the optimized code you
need into userspace.  For example contribute it to OpenSSL.

- Eric