lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20260112193445.GA1952@sol>
Date: Mon, 12 Jan 2026 11:34:45 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: AlanSong-oc <AlanSong-oc@...oxin.com>
Cc: herbert@...dor.apana.org.au, Jason@...c4.com, ardb@...nel.org,
	linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
	CobeChen@...oxin.com, TonyWWang-oc@...oxin.com, YunShen@...oxin.com,
	GeorgeXue@...oxin.com, LeoLiu-oc@...oxin.com, HansHu@...oxin.com,
	x86@...nel.org
Subject: Re: [PATCH v2 1/2] lib/crypto: x86/sha1: PHE Extensions optimized
 SHA1 transform function

On Mon, Jan 12, 2026 at 05:12:01PM +0800, AlanSong-oc wrote:
> > Is it supported in both 32-bit and 64-bit modes?  Your patch doesn't
> > check for CONFIG_64BIT.  Should it?  New optimized assembly code
> > generally should be 64-bit only.
> 
> The XSHA1 and XSHA256 are supported in both 32-bit and 64-bit modes.
> Since newly optimized assembly code is typically 64-bit only, and XSHA1
> and XSHA256 fully support 64-bit mode, an explicit CONFIG_64BIT check
> should not required.

Right, all the x86-optimized SHA-1 and SHA-256 code is already 64-bit
specific, due to CONFIG_CRYPTO_LIB_SHA1_ARCH and
CONFIG_CRYPTO_LIB_SHA256_ARCH being enabled only when CONFIG_x86_64=y.
So there's no need to check for 64-bit again.

> > What is the difference between X86_FEATURE_PHE and X86_FEATURE_PHE_EN,
> > and why are both needed?
> 
> The X86_FEATURE_PHE indicates the presence of the XSHA1 and XSHA256
> instructions, whereas the X86_FEATURE_PHE_EN indicates that these
> instructions are enabled for normal use.

I still don't understand the difference.

If you look at the other CPU feature flags, like X86_FEATURE_SHA_NI for
example, there's just a single flag for the feature.  We don't have
X86_FEATURE_SHA_NI and X86_FEATURE_SHA_NI_EN.  If the CPU supports the
feature but the kernel decides it can't or shouldn't be used for
whatever reason, the kernel just doesn't set the flag.  There's no
separate flag that tracks the CPU support independently.

Why can't the PHE flag work the same way?

- Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ