[PATCH] lib/crypto: sparc: Drop optimized MD5 code

[PATCH] lib/crypto: sparc: Drop optimized MD5 code

[Eric Biggers]

MD5 is obsolete.  Continuing to maintain architecture-optimized
implementations of MD5 is unnecessary and risky.  It diverts resources
from the modern algorithms that are actually important.

While there was demand for continuing to maintain the PowerPC optimized
MD5 code to accommodate userspace programs that are misusing AF_ALG
(https://lore.kernel.org/linux-crypto/c4191597-341d-4fd7-bc3d-13daf7666c41@csgroup.eu/),
no such demand has been seen for the SPARC optimized MD5 code.

Thus, let's drop it and focus effort on the more modern SHA algorithms,
which already have optimized code for SPARC.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---

This patch is targeting libcrypto-next

 lib/crypto/Kconfig         |  1 -
 lib/crypto/Makefile        |  1 -
 lib/crypto/sparc/md5.h     | 48 --------------------------
 lib/crypto/sparc/md5_asm.S | 70 --------------------------------------
 4 files changed, 120 deletions(-)
 delete mode 100644 lib/crypto/sparc/md5.h
 delete mode 100644 lib/crypto/sparc/md5_asm.S

diff --git a/lib/crypto/Kconfig b/lib/crypto/Kconfig
index 4b6f593dc72f..a5246171a000 100644
--- a/lib/crypto/Kconfig
+++ b/lib/crypto/Kconfig
@@ -134,11 +134,10 @@ config CRYPTO_LIB_MD5
 config CRYPTO_LIB_MD5_ARCH
 	bool
 	depends on CRYPTO_LIB_MD5 && !UML
 	default y if MIPS && CPU_CAVIUM_OCTEON
 	default y if PPC
-	default y if SPARC64
 
 config CRYPTO_LIB_MLDSA
 	tristate
 	select CRYPTO_LIB_SHA3
 	help
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index ec1747f51d07..4b47a2e5c67c 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -186,11 +186,10 @@ clean-files += powerpc/ghashp8-ppc.S
 obj-$(CONFIG_CRYPTO_LIB_MD5) += libmd5.o
 libmd5-y := md5.o
 ifeq ($(CONFIG_CRYPTO_LIB_MD5_ARCH),y)
 CFLAGS_md5.o += -I$(src)/$(SRCARCH)
 libmd5-$(CONFIG_PPC) += powerpc/md5-asm.o
-libmd5-$(CONFIG_SPARC) += sparc/md5_asm.o
 endif # CONFIG_CRYPTO_LIB_MD5_ARCH
 
 ################################################################################
 
 obj-$(CONFIG_CRYPTO_LIB_MLDSA) += libmldsa.o
diff --git a/lib/crypto/sparc/md5.h b/lib/crypto/sparc/md5.h
deleted file mode 100644
index 3995f3e075eb..000000000000
--- a/lib/crypto/sparc/md5.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0-only */
-/*
- * MD5 accelerated using the sparc64 crypto opcodes
- *
- * Copyright (c) Alan Smithee.
- * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk>
- * Copyright (c) Jean-Francois Dive <jef@linuxbe.org>
- * Copyright (c) Mathias Krause <minipli@googlemail.com>
- * Copyright (c) Cryptoapi developers.
- * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
- */
-
-#include <asm/elf.h>
-#include <asm/opcodes.h>
-#include <asm/pstate.h>
-
-static __ro_after_init DEFINE_STATIC_KEY_FALSE(have_md5_opcodes);
-
-asmlinkage void md5_sparc64_transform(struct md5_block_state *state,
-				      const u8 *data, size_t nblocks);
-
-static void md5_blocks(struct md5_block_state *state,
-		       const u8 *data, size_t nblocks)
-{
-	if (static_branch_likely(&have_md5_opcodes)) {
-		cpu_to_le32_array(state->h, ARRAY_SIZE(state->h));
-		md5_sparc64_transform(state, data, nblocks);
-		le32_to_cpu_array(state->h, ARRAY_SIZE(state->h));
-	} else {
-		md5_blocks_generic(state, data, nblocks);
-	}
-}
-
-#define md5_mod_init_arch md5_mod_init_arch
-static void md5_mod_init_arch(void)
-{
-	unsigned long cfr;
-
-	if (!(sparc64_elf_hwcap & HWCAP_SPARC_CRYPTO))
-		return;
-
-	__asm__ __volatile__("rd %%asr26, %0" : "=r" (cfr));
-	if (!(cfr & CFR_MD5))
-		return;
-
-	static_branch_enable(&have_md5_opcodes);
-	pr_info("Using sparc64 md5 opcode optimized MD5 implementation\n");
-}
diff --git a/lib/crypto/sparc/md5_asm.S b/lib/crypto/sparc/md5_asm.S
deleted file mode 100644
index 60b544e4d205..000000000000
--- a/lib/crypto/sparc/md5_asm.S
+++ /dev/null
@@ -1,70 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0 */
-#include <linux/linkage.h>
-#include <asm/opcodes.h>
-#include <asm/visasm.h>
-
-ENTRY(md5_sparc64_transform)
-	/* %o0 = digest, %o1 = data, %o2 = rounds */
-	VISEntryHalf
-	ld	[%o0 + 0x00], %f0
-	ld	[%o0 + 0x04], %f1
-	andcc	%o1, 0x7, %g0
-	ld	[%o0 + 0x08], %f2
-	bne,pn	%xcc, 10f
-	 ld	[%o0 + 0x0c], %f3
-
-1:
-	ldd	[%o1 + 0x00], %f8
-	ldd	[%o1 + 0x08], %f10
-	ldd	[%o1 + 0x10], %f12
-	ldd	[%o1 + 0x18], %f14
-	ldd	[%o1 + 0x20], %f16
-	ldd	[%o1 + 0x28], %f18
-	ldd	[%o1 + 0x30], %f20
-	ldd	[%o1 + 0x38], %f22
-
-	MD5
-
-	subcc	%o2, 1, %o2
-	bne,pt	%xcc, 1b
-	 add	%o1, 0x40, %o1
-
-5:
-	st	%f0, [%o0 + 0x00]
-	st	%f1, [%o0 + 0x04]
-	st	%f2, [%o0 + 0x08]
-	st	%f3, [%o0 + 0x0c]
-	retl
-	 VISExitHalf
-10:
-	alignaddr %o1, %g0, %o1
-
-	ldd	[%o1 + 0x00], %f10
-1:
-	ldd	[%o1 + 0x08], %f12
-	ldd	[%o1 + 0x10], %f14
-	ldd	[%o1 + 0x18], %f16
-	ldd	[%o1 + 0x20], %f18
-	ldd	[%o1 + 0x28], %f20
-	ldd	[%o1 + 0x30], %f22
-	ldd	[%o1 + 0x38], %f24
-	ldd	[%o1 + 0x40], %f26
-
-	faligndata %f10, %f12, %f8
-	faligndata %f12, %f14, %f10
-	faligndata %f14, %f16, %f12
-	faligndata %f16, %f18, %f14
-	faligndata %f18, %f20, %f16
-	faligndata %f20, %f22, %f18
-	faligndata %f22, %f24, %f20
-	faligndata %f24, %f26, %f22
-
-	MD5
-
-	subcc	%o2, 1, %o2
-	fsrc2	%f26, %f10
-	bne,pt	%xcc, 1b
-	 add	%o1, 0x40, %o1
-
-	ba,a,pt	%xcc, 5b
-ENDPROC(md5_sparc64_transform)

base-commit: 7ac21b4032e5b9b8a6a312b6f1d54f4ba24d1c16
-- 
2.53.0

Re: [PATCH] lib/crypto: sparc: Drop optimized MD5 code

[John Paul Adrian Glaubitz]

On Thu, 2026-03-26 at 13:33 -0700, Eric Biggers wrote:
> MD5 is obsolete.  Continuing to maintain architecture-optimized
> implementations of MD5 is unnecessary and risky.  It diverts resources
> from the modern algorithms that are actually important.

Why is it risky? That makes no sense. I also don't see how it diverts
resources as no one is forced to work on the code.

SPARC is an architecture used by hobbyists and in space these days (in
the form of Leon). I don't think any other kernel developer will have
to take a look at it.

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer
`. `'   Physicist
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Re: [PATCH] lib/crypto: sparc: Drop optimized MD5 code

[Eric Biggers]

On Thu, Mar 26, 2026 at 10:51:01PM +0100, John Paul Adrian Glaubitz wrote:
> On Thu, 2026-03-26 at 13:33 -0700, Eric Biggers wrote:
> > MD5 is obsolete.  Continuing to maintain architecture-optimized
> > implementations of MD5 is unnecessary and risky.  It diverts resources
> > from the modern algorithms that are actually important.
> 
> Why is it risky? That makes no sense.

Because there can be issues in architecture-optimized algorithm
implementations that don't exist in the generic implementations.  That's
a very common class of issue that has repeated over time.

> I also don't see how it diverts resources as no one is forced to work
> on the code.
> 
> SPARC is an architecture used by hobbyists and in space these days (in
> the form of Leon). I don't think any other kernel developer will have
> to take a look at it.

Huh?  We've been refactoring how the various crypto and CRC algorithms
are integrated, for all architectures.

So people outside the SPARC community, especially myself, been having to
spend quite a bit of time updating the SPARC code so that it can still
be used.

And this isn't new.  I've had to patch arch/sparc/crypto/ many times
over the years as things change in the crypto subsystem.  Many other
people, again outside the SPARC community, have as well.

The fact that you're denying that we've had to do this is really
frustrating.  There is a significant maintenance cost to keeping this
code working, which is being paid by people outside the SPARC community.

It seems best to at least focus that effort on modern algorithms like
AES and SHA-256, and not obsolete ones like MD5 and DES.  Note that
dropping those eliminates the need to add them to QEMU, as well.

I think that makes things easier for everyone.

- Eric