From: Eric Biggers <ebiggers@kernel.org>
To: AlanSong-oc <AlanSong-oc@zhaoxin.com>
Cc: herbert@gondor.apana.org.au, davem@davemloft.net,
Jason@zx2c4.com, ardb@kernel.org, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org, x86@kernel.org,
CobeChen@zhaoxin.com, TonyWWang-oc@zhaoxin.com,
YunShen@zhaoxin.com, GeorgeXue@zhaoxin.com, LeoLiu@zhaoxin.com,
HansHu@zhaoxin.com
Subject: Re: [PATCH v3 2/3] lib/crypto: x86/sha1: PHE Extensions optimized SHA1 transform function
Date: Wed, 11 Mar 2026 21:03:49 -0700 [thread overview]
Message-ID: <20260312040349.GA2359@sol> (raw)
In-Reply-To: <5fe5b47d-5065-4e74-b2b3-4685e74a1130@zhaoxin.com>
On Wed, Mar 11, 2026 at 07:37:39PM +0800, AlanSong-oc wrote:
> > I also have to ask: are you sure you need SHA-1 to be optimized at all?
> > SHA-1 has been deprecated for a long time. Most users have moved to
> > SHA-256 and other stronger algorithms, and those that haven't need to
> > move very soon. There's little value in adding new optimized code for
> > SHA-1.
> >
> > How about simplifying your patch to just SHA-256? Then we can focus on
> > the one that's actually important and not on the deprecated SHA-1.
>
> It is true that SHA-1 is rarely used by most users today. However, it
> may still be needed in certain scenarios. For those cases, we would like
> to add support for the XHSA1 instruction to accelerate SHA-1.
>
> Does the crypto community have any plans to remove SHA-1 support in
> recent kernel versions?
It's already possible to build a kernel without SHA-1 support. SHA-1
has been cryptographically broken and is considered obsolete.
Performance-critical hashing in the kernel already tends to use SHA-256.
These patches already feel marginal, as they are being pushed without
QEMU support, so the community will be unable to test them. The only
reason I would consider accepting them without QEMU support is because
there was already code in drivers/crypto/ that used these instructions.
It also helps that they are just single instructions. Though, even with
that I still found a bug in the proposed code as well as errors in the
CPU documentation, as mentioned. And the drivers/crypto/ implementation
that uses these instructions is broken too, as you're aware of.
Overall, it's clear that platform-specific routines like this are very
risky to maintain without adequate testing. Yet, correctness is the
first priority in cryptographic code.
So I would suggest that to reduce the risk, we focus on just one
algorithm, SHA-256. Note that this makes your job easier, as well.
- Eric
next prev parent reply other threads:[~2026-03-12 4:04 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-16 7:15 [PATCH v3 0/3] lib/crypto: x86/sha: Add PHE Extensions support AlanSong-oc
2026-01-16 7:15 ` [PATCH v3 1/3] crypto: padlock-sha - Disable for Zhaoxin processor AlanSong-oc
2026-01-18 0:09 ` Eric Biggers
2026-03-05 1:36 ` AlanSong-oc
2026-01-16 7:15 ` [PATCH v3 2/3] lib/crypto: x86/sha1: PHE Extensions optimized SHA1 transform function AlanSong-oc
2026-01-18 0:31 ` Eric Biggers
2026-03-05 1:37 ` AlanSong-oc
2026-03-05 19:18 ` Eric Biggers
2026-03-11 11:37 ` AlanSong-oc
2026-03-12 4:03 ` Eric Biggers [this message]
2026-03-13 2:58 ` AlanSong-oc
2026-03-13 3:28 ` Eric Biggers
2026-01-16 7:15 ` [PATCH v3 3/3] lib/crypto: x86/sha256: PHE Extensions optimized SHA256 " AlanSong-oc
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260312040349.GA2359@sol \
--to=ebiggers@kernel.org \
--cc=AlanSong-oc@zhaoxin.com \
--cc=CobeChen@zhaoxin.com \
--cc=GeorgeXue@zhaoxin.com \
--cc=HansHu@zhaoxin.com \
--cc=Jason@zx2c4.com \
--cc=LeoLiu@zhaoxin.com \
--cc=TonyWWang-oc@zhaoxin.com \
--cc=YunShen@zhaoxin.com \
--cc=ardb@kernel.org \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox