From: Herbert Xu <herbert@gondor.apana.org.au>
To: Eric Biggers <ebiggers@kernel.org>
Cc: linux-crypto@vger.kernel.org, linux-doc@vger.kernel.org,
linux-api@vger.kernel.org, linux-kernel@vger.kernel.org,
netdev@vger.kernel.org,
Linus Torvalds <torvalds@linux-foundation.org>,
David Howells <dhowells@redhat.com>
Subject: Re: [PATCH] crypto: af_alg - Document the deprecation of AF_ALG
Date: Thu, 30 Apr 2026 10:05:00 +0800 [thread overview]
Message-ID: <afK4zC-Mgo6LBfUh@gondor.apana.org.au> (raw)
In-Reply-To: <20260430011544.31823-1-ebiggers@kernel.org>
On Wed, Apr 29, 2026 at 06:15:44PM -0700, Eric Biggers wrote:
> AF_ALG is almost completely unnecessary, and it exposes a massive attack
> surface that hasn't been standing up to modern vulnerability discovery
> tools. The latest one even has its own website, providing a small
> Python script that reliably roots most Linux distros: https://copy.fail/
>
> This isn't sustainable, especially as LLMs have accelerated the rate the
> vulnerabilities are coming in. The effort that is being put into this
> thing is vastly disproportional to the few programs that actually use
> it, and those programs would be better served by userspace code anyway.
>
> These issues have been noted in many mailing list discussions already.
> But until now they haven't been reflected in the documentation or
> kconfig menu itself, and the vulnerabilities are still coming in.
>
> Let's go ahead and document the deprecation.
>
> This isn't intended to change anything overnight. After all, most Linux
> distros won't be able to disable the kconfig options quite yet, mainly
> because of iwd. But this should create a bit more impetus for these
> userspace programs to be fixed, and the documentation update should also
> help prevent more users from appearing.
>
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
What about the exposure of akcipher through security/keys/keyctl_pkey.c?
There isn't even a Kconfig option to disable that user-space API.
If module signatures are enabled then this automatically gets added
to the kernel:
MODULE_SIG -> MODULE_SIG_FORMAT -> SYSTEM_DATA_VERIFICATION ->
KEYS + ASYMMETRIC_KEY_TYPE
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
next prev parent reply other threads:[~2026-04-30 2:37 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-30 1:15 [PATCH] crypto: af_alg - Document the deprecation of AF_ALG Eric Biggers
2026-04-30 2:05 ` Herbert Xu [this message]
2026-04-30 2:10 ` Eric Biggers
2026-05-04 14:39 ` Jon Kohler
2026-05-04 17:39 ` Eric Biggers
2026-05-04 18:12 ` Jeff Barnes
2026-05-04 18:24 ` Eric Biggers
2026-05-04 18:27 ` Simo Sorce
2026-05-04 17:41 ` Jeff Barnes
2026-05-05 9:31 ` Herbert Xu
2026-05-05 23:17 ` Andy Lutomirski
2026-05-06 0:17 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=afK4zC-Mgo6LBfUh@gondor.apana.org.au \
--to=herbert@gondor.apana.org.au \
--cc=dhowells@redhat.com \
--cc=ebiggers@kernel.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox