Re: [PATCH] crypto: af_alg - Document the deprecation of AF_ALG
From: Eric Biggers <ebiggers@kernel.org>
Date: 2026-05-06 00:17:43
Also in:
linux-crypto, linux-doc, lkml, netdev
On Tue, May 05, 2026 at 04:17:18PM -0700, Andy Lutomirski wrote:
> On Apr 29, 2026, at 6:19 PM, Eric Biggers [off-list ref] wrote:
>> AF_ALG is almost completely unnecessary, and it exposes a massive attack
>> surface that hasn't been standing up to modern vulnerability discovery
>> tools. The latest one even has its own website, providing a small Python
>> script that reliably roots most Linux distros: https://copy.fail/
>
> How about adding a configuration option, defaulted on, that requires
> capable(CAP_SYS_ADMIN) to create the socket (and maybe also to bind /
> connect it). And a sysctl to allow the administrator to override this in
> the unlikely event that it's needed. IIRC cryptsetup used to and maybe
> even still does require these sockets sometimes and this would let it
> keep working.
>
> And there's all the FIPS stuff downthread.
Yes, I'd like to add a default-on requirement to hold a capability in
the initial user namespace. We're trying to figure out the details.
It sounds like iwd runs with CAP_NET_ADMIN, not necessarily
CAP_SYS_ADMIN. So it may need to be:
has_capability_noaudit(current, CAP_NET_ADMIN) || capable(CAP_SYS_ADMIN)
iwd is being discussed in the thread
https://lore.kernel.org/linux-crypto/bcbbef00-5881-421b-8892-7be6c04b832d@gmail.com/
cryptsetup is normally run with CAP_SYS_ADMIN, but not always (e.g.,
'cryptsetup benchmark'). It might be acceptable for users to add sudo
in the exceptional cases. cryptsetup is being discussed in the thread
https://lore.kernel.org/linux-crypto/5dd3be22-13fb-41fb-b469-1ae6472200b1@gmail.com/
bluez needs investigation.
- Eric
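A userspace probe for the exposure discussed in this thread, added here as an example and not code from the thread or the kernel: it reports whether the calling process can create an AF_ALG socket and bind it to a few common algorithm names, and classifies the errno so an administrator can tell "not built/loaded" (EAFNOSUPPORT) from a policy denial (EPERM/EACCES, which is what a capability gate like the one proposed above would produce). The algorithm list and the status names are this example's own choices.

```c
/* Added example: probe AF_ALG reachability from the current uid (run it unprivileged). */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
#include <linux/if_alg.h>

enum alg_status { ALG_USABLE, ALG_NOT_AVAILABLE, ALG_DENIED, ALG_NO_SUCH_ALG, ALG_OTHER_ERR };

/* Create an AF_ALG socket and bind it to alg_type/alg_name (e.g. "hash"/"sha256").
 * Returns a coarse classification; *err_out gets the errno behind a non-usable result. */
enum alg_status probe_af_alg(const char *alg_type, const char *alg_name, int *err_out)
{
    struct sockaddr_alg sa = { .salg_family = AF_ALG };
    enum alg_status st = ALG_USABLE;
    int err = 0;
    int fd = socket(AF_ALG, SOCK_SEQPACKET, 0);
    if (fd < 0) {
        err = errno;
        /* EAFNOSUPPORT: AF_ALG not built in or not loaded; EPERM/EACCES: policy denial (capability gate, LSM). */
        st = err == EAFNOSUPPORT ? ALG_NOT_AVAILABLE
           : (err == EPERM || err == EACCES) ? ALG_DENIED : ALG_OTHER_ERR;
    } else {
        snprintf((char *)sa.salg_type, sizeof(sa.salg_type), "%s", alg_type);
        snprintf((char *)sa.salg_name, sizeof(sa.salg_name), "%s", alg_name);
        if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) {
            err = errno;
            /* ENOENT: no such algorithm is registered (or it was not auto-loaded for us). */
            st = err == ENOENT ? ALG_NO_SUCH_ALG
               : (err == EPERM || err == EACCES) ? ALG_DENIED : ALG_OTHER_ERR;
        }
        close(fd);
    }
    if (err_out)
        *err_out = err;
    return st;
}

int main(void)
{
    const char *types[] = { "hash", "skcipher", "aead" };      /* constructed sample list */
    const char *names[] = { "sha256", "cbc(aes)", "gcm(aes)" };
    for (int i = 0; i < 3; i++) {
        int err;
        enum alg_status st = probe_af_alg(types[i], names[i], &err);
        printf("%-9s %-9s %s\n", types[i], names[i],
               st == ALG_USABLE ? "reachable from this uid" : strerror(err));
    }
    return 0;
}
```

A line reading "reachable from this uid" for an unprivileged run means the kernel's crypto API is exposed to that user; once a capability requirement such as the one discussed here is in place, the same run should report a permission error instead.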