Thread (24 messages) 24 messages, 10 authors, 10d ago

Re: [PATCH] crypto: af_alg - Document the deprecation of AF_ALG

From: Eric Biggers <ebiggers@kernel.org>
Date: 2026-06-23 19:19:50
Also in: linux-api, linux-bluetooth, linux-crypto, linux-doc, lkml

On Tue, Jun 23, 2026 at 11:56:10AM -0700, Linus Torvalds wrote:
On Tue, 23 Jun 2026 at 09:51, Eric Biggers [off-list ref] wrote:
quoted
We're aware of that and are taking it into account in the allowlist:
Note that if we can  just unconditionally make it depend on
CAP_NET_ADMIN, that would be good - independently of any allowlist.

Because if iwd and abluetoothd are the main two users, and both of
those already require CAP_NET_ADMIN anyway...
There's also cryptsetup, including unprivileged benchmarking and also
(in theory) formatting support, and pre-7.0 versions of iproute2 which
used it for computing SHA-1 hashes of BPF programs.

If we broke unprivileged 'cryptsetup benchmark', some people would
definitely notice.  However, since it's just a manually-run benchmark
anyway, users could just run it with sudo.

I don't know about the iproute2 case.

It depends how aggressive we want to be.  My current proposal
(https://lore.kernel.org/linux-crypto/20260622234803.6982-1-ebiggers@kernel.org/ (local))
has the entries in the allowlist marked as either privileged or
unprivileged.  There are just a few unprivileged ones, for cryptsetup
and iproute2 as mentioned.  But we could try doing away with the
unprivileged ones entirely and see who complains.

- Eric
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help