Re: [PATCH 17/17] Add standalone crypto kernel module technical documentation

[PATCH v1 00/17] crypto: Standalone crypto module (Series 1/4): Core implementation · Jay Wang <hidden> · 2026-02-12
[PATCH 01/17] crypto: add Kconfig options for standalone crypto module · Jay Wang <hidden> · 2026-02-12
[PATCH 02/17] crypto: add module entry for standalone crypto kernel module · Jay Wang <hidden> · 2026-02-12
[PATCH 03/17] build: special compilation rule for building the standalone crypto module · Jay Wang <hidden> · 2026-02-12
[PATCH 04/17] build: Add ELF marker for crypto-objs-m modules · Jay Wang <hidden> · 2026-02-12
[PATCH 05/17] module: allow kernel module loading directly from memory · Jay Wang <hidden> · 2026-02-12
[PATCH 06/17] crypto: add pluggable interface for builtin crypto modules · Jay Wang <hidden> · 2026-02-12
[PATCH 07/17] crypto: dedicated ELF sections for collected crypto initcalls · Jay Wang <hidden> · 2026-02-12
[PATCH 08/17] crypto: fips140: add crypto module loader · Jay Wang <hidden> · 2026-02-12
[PATCH 09/17] build: embed the standalone crypto module into vmlinux · Jay Wang <hidden> · 2026-02-12
[PATCH 10/17] build: add CONFIG_DEBUG_INFO_BTF_MODULES support for the standalone crypto kernel module · Jay Wang <hidden> · 2026-02-12
[PATCH 11/17] Allow selective crypto module loading at boot based on FIPS mode · Jay Wang <hidden> · 2026-02-12
[PATCH 12/17] Execute crypto initcalls during module initialization · Jay Wang <hidden> · 2026-02-12
[PATCH 13/17] crypto/algapi.c: skip crypto_check_module_sig() for the standalone crypto module · Jay Wang <hidden> · 2026-02-12
[PATCH 14/17] crypto: fips140: add module integrity self-check · Jay Wang <hidden> · 2026-02-12
[PATCH 15/17] x86: crypto: to convert exported crypto symbols into pluggable interface for x86 cryptos · Jay Wang <hidden> · 2026-02-12
[PATCH 16/17] arm64: crypto: to convert exported crypto symbols into pluggable interface for arm64 cryptos · Jay Wang <hidden> · 2026-02-12
[PATCH 17/17] Add standalone crypto kernel module technical documentation · Jay Wang <hidden> · 2026-02-12
Re: [PATCH 17/17] Add standalone crypto kernel module technical documentation · Eric Biggers <ebiggers@kernel.org> · 2026-02-25
Re: [PATCH 17/17] Add standalone crypto kernel module technical documentation · Christoph Hellwig <hch@infradead.org> · 2026-02-25
RE: [PATCH 17/17] Add standalone crypto kernel module technical documentation · Jay Wang <hidden> · 2026-02-25

From: Christoph Hellwig <hch@infradead.org>
Date: 2026-02-25 14:09:01
Also in: linux-crypto, linux-kbuild, linux-modules

On Tue, Feb 24, 2026 at 05:55:17PM -0800, Eric Biggers wrote:

Let's be clear: this is possible only when the kernel has a stable ABI
to the crypto module, which realistically isn't something that is going
to be supported upstream.  The Linux kernel is well-known for not
maintaining a stable in-kernel ABI, for good reasons.

So, the only case where this feature would have a benefit over the
kernel's existing approach to FIPS 140 is in downstream kernels that
maintain a stable in-kernel ABI.  There would be no benefit to direct
users of the mainline kernel or even the stable release series.

For this to be considered for upstream there would need to be some level
of consensus in the community to support this feature despite this.

That's a very nice way to say this goes against all the established
principles for kernel development.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help