lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180904031731.ehi2jzx3retkhyql@gondor.apana.org.au>
Date:   Tue, 4 Sep 2018 11:17:31 +0800
From:   Herbert Xu <herbert@...dor.apana.org.au>
To:     Megha Dey <megha.dey@...ux.intel.com>
Cc:     Tim Chen <tim.c.chen@...ux.intel.com>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        linux-crypto@...r.kernel.org, linux-m68k@...ts.linux-m68k.org,
        linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
        ebiggers@...gle.com, Geert Uytterhoeven <geert@...ux-m68k.org>,
        Martin Schwidefsky <schwidefsky@...ibm.com>,
        Heiko Carstens <heiko.carstens@...ibm.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>
Subject: Re: [PATCH] crypto: x86 - remove SHA multibuffer routines and mcryptd

On Mon, Aug 27, 2018 at 04:19:53PM -0700, Megha Dey wrote:
> On Mon, 2018-08-27 at 15:28 -0700, Tim Chen wrote:
> > On 08/22/2018 01:51 AM, Ard Biesheuvel wrote:
> > > As it turns out, the AVX2 multibuffer SHA routines are currently
> > > broken [0], in a way that would have likely been noticed if this
> > > code were in wide use. Since the code is too complicated to be
> > > maintained by anyone except the original authors, and since the
> > > performance benefits for real-world use cases are debatable to
> > > begin with, it is better to drop it entirely for the moment.
> > > 
> > > [0] https://marc.info/?l=linux-crypto-vger&m=153476243825350&w=2
> > 
> > Sorry I was out of the loop for a while and haven't been following
> > the code too closely.
> > 
> > Megha is maintaining the code now.  Before we pull the code,
> > please give us a chance to fix it first.
> > 
> > Thanks.
> > 
> > Tim
> > 
> 
> Hi,
> 
> I am working to find a fix for these corner cases. If possible, we would
> like to fix the issues instead of removing the code altogether.

I think it has taken way too long to fix these issues.  The fact
that these issues have existed for so long also means that hardly
anyone uses these mb algorithms.

So I think it is best if we remove everything and then add them
back after a proper review process.

Thanks,
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ