[PATCH 0/3] AF_ALG: Remove support for AIO and old-style drivers
From: Demi Marie Obenour <hidden>
Date: 2026-05-23 19:43:09
Also in:
io-uring, linux-crypto, linux-doc, linux-perf-users, lkml, netdev
AF_ALG is a deprecated API only useful for compatibility with existing
userspace. It has had a lot of vulnerabilities, including the infamous
CopyFail.
Rip out support for offload drivers, which tend to be buggy. Also rip
out support for AIO, which actually bloats the entire socket subsystem.
Only compile-tested.
Signed-off-by: Demi Marie Obenour <redacted>
---
Demi Marie Obenour (3):
net: Remove support for AIO on sockets
AF_ALG: Drop support for off-CPU cryptography
AF_ALG: Document that it is *always* slower
Documentation/crypto/userspace-if.rst | 26 ++++++++--
crypto/af_alg.c | 35 ++------------
crypto/algif_aead.c | 43 ++++-------------
crypto/algif_hash.c | 4 +-
crypto/algif_rng.c | 4 +-
crypto/algif_skcipher.c | 66 ++++++--------------------
include/crypto/if_alg.h | 19 ++++++--
include/linux/socket.h | 1 -
io_uring/net.c | 1 -
net/compat.c | 1 -
net/socket.c | 7 +--
tools/perf/trace/beauty/include/linux/socket.h | 1 -
12 files changed, 70 insertions(+), 138 deletions(-)
---
base-commit: 49e05bb00f2e8168695f7af4d694c39e1423e8a2
change-id: 20260502-af-alg-harden-900849451653
Best regards,
--
Demi Marie Obenour [off-list ref]