lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <bea9f1fe-f99e-b5c2-f69b-823e81adc28f@loongson.cn>
Date: Thu, 11 Dec 2025 09:45:37 +0800
From: Bibo Mao <maobibo@...ngson.cn>
To: Eric Biggers <ebiggers@...nel.org>
Cc: Gonglei <arei.gonglei@...wei.com>, "Michael S . Tsirkin"
 <mst@...hat.com>, Jason Wang <jasowang@...hat.com>,
 Xuan Zhuo <xuanzhuo@...ux.alibaba.com>, Eugenio Pérez
 <eperezma@...hat.com>, Herbert Xu <herbert@...dor.apana.org.au>,
 "David S. Miller" <davem@...emloft.net>, kvm@...r.kernel.org,
 linux-crypto@...r.kernel.org, virtualization@...ts.linux.dev,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 10/10] crypto: virtio: Add ecb aes algo support



On 2025/12/10 上午9:45, Eric Biggers wrote:
> On Wed, Dec 10, 2025 at 09:36:06AM +0800, Bibo Mao wrote:
>>
>>
>> On 2025/12/10 上午7:25, Eric Biggers wrote:
>>> On Tue, Dec 09, 2025 at 10:22:58AM +0800, Bibo Mao wrote:
>>>> ECB AES also is added here, its ivsize is zero and name is different
>>>> compared with CBC AES algo.
>>>
>>> What is the use case for this feature?Currently qemu builtin backend and
>>> openssl afalg only support CBC AES,
>> it depends on modified qemu and openssl to test this.
>>
>> Maybe this patch adding ECB AES algo can be skipped now, it is just an
>> example, the final target is to add SM4 cipher.
> 
> There's no need to add useless features.  The title of your patchset is
> "crypto: virtio: Add ecb aes algo support".  So it sounds like the main
> point of your patchset is to add a useless feature?  If there are
> actually unrelated fixes you want, you should send those separately.
yes, will change title of cover letter and remove this patch in next time.
> 
> As for SM4 support (which mode?), if you really want that (you
> shouldn't), why not use the existing CPU accelerated implementation?
The hardware supports SM4 ECB/CBC/CTL three modes, it depends on the 
detail application scenery.

I just notice that openssl removes engines support in recent. The 
purpose of use HW accel is that it is faster and can save CPU resource.

However it actually brings some troubles with applications on different 
HW platforms, I think HW crypto accel can be used for kernel and some 
key user applications, it is not suitable for all general applications 
for the present.

Regards
Bibo Mao
> 
> - Eric
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ