Hi Heiko,
On Wed, Mar 29, 2023 at 04:06:38PM +0200, Heiko Stuebner wrote:
> From: Heiko Stuebner <[email protected]>
>
> This was originally part of my vector crypto series, but was part
> of a separate openssl merge request implementing GCM ghash as using
> non-vector extensions.
>
> As that pull-request
> https://github.com/openssl/openssl/pull/20078
> got merged recently into openssl, we could also check if this could
> go into the kernel as well and provide a base for further accelerated
> cryptographic support.
One more question. It seems that this patchset uses the RISC-V scalar crypto
extensions. I've been hearing rumors that the RISC-V scalar crypto extensions
have been superseded by the vector crypto extensions. Is that accurate? I
wonder if it's worth putting effort into implementations that use the scalar
crypto extensions when they might already be obsolete.
- Eric
Hi Eric,
Am Donnerstag, 27. April 2023, 00:55:50 CEST schrieb Eric Biggers:
> On Wed, Mar 29, 2023 at 04:06:38PM +0200, Heiko Stuebner wrote:
> > From: Heiko Stuebner <[email protected]>
> >
> > This was originally part of my vector crypto series, but was part
> > of a separate openssl merge request implementing GCM ghash as using
> > non-vector extensions.
> >
> > As that pull-request
> > https://github.com/openssl/openssl/pull/20078
> > got merged recently into openssl, we could also check if this could
> > go into the kernel as well and provide a base for further accelerated
> > cryptographic support.
>
> One more question. It seems that this patchset uses the RISC-V scalar crypto
> extensions. I've been hearing rumors that the RISC-V scalar crypto extensions
> have been superseded by the vector crypto extensions. Is that accurate? I
> wonder if it's worth putting effort into implementations that use the scalar
> crypto extensions when they might already be obsolete.
Yes there are the vector crypto extensions - still deep in the
ratification process.
And of course the RISC-V speciality, all extensions are separate
entities that core manufacturers can select at will.
And I guess the whole vector extension + vector-crypto extensions
might require more investment for manufacturers, where the variants
introduced here also "just" work with bitmanip instructions (Zbb + Zbc
extensions).
But for me, this small bit of scalar crypto is also sort of a stepping
stone :-). Previous versions [0] already included patches using the
vector crypto extensions too, I just split that into a separate thing,
as _this_ series actually uses ratified extensions :-)
Heiko
[0] https://lore.kernel.org/lkml/[email protected]/T/