Re: [PATCH] crypto: af_alg - Document the deprecation of AF_ALG
From: Andy Lutomirski <luto@amacapital.net>
Date: 2026-05-10 18:07:12
Also in:
linux-crypto, linux-doc, lkml, netdev
On Sun, May 10, 2026 at 9:33 AM Eric Biggers [off-list ref] wrote:
> In any case, any hypothetical security benefit provided by AF_ALG would have to be *very high* to outweigh the continuous stream of vulnerabilities in it. I understand that people using AF_ALG might not be familiar with that continuous stream of vulnerabilities, but it would be worth spending some time researching what has been going on.

It would not be completely crazy to have a simple, straightforward interface by which user code could ask the kernel to do a cryptographic operation. Think:

    int compute_keyed_hash(int key_fd, const void *data, size_t len);

where key_fd encodes both the key and the hash type (HMAC-SHA256 or whatever), and there is a very, very small menu of hashes to choose from. But this is not really obviously worth the hassle. And AF_ALG is definitely not the right interface.