AF_ALG Deprecation Approved For Linux 7.2, Useless & Insecure Crypto Driver Code Removed
The cryptographic subsystem updates have been merged for the ongoing Linux 7.2 kernel merge window.
Headlining the Linux 7.2 crypto changes is the deprecation of the AF_ALG interface. As reported about at the beginning of the month, Linux kernel developers have been planning to deprecate AF_ALG due to its massive attack surface<./a>. In particular, recent AI/LLM security tools have been poking holes into it and there has been little work to improve AF_ALG. Most notably, the recent Copy Fail vulnerability for root access. The AF_ALG interface has historically been used for user-space applications to directly access the Linux kernel's built-in cryptographic API. This does impact the likes of IWD that make use of AF_ALG currently.
Besides deprecating AF_ALG, the hardware offload support is already removed with Linux 7.2. Furthermore, the zero-copy support was also removed already due to security concerns. The deprecation and these removals have now happened for Linux 7.2 without the objection of Linus Torvalds or any other prominent Linux kernel developers.
Also removed is support for AIO on sockets as it was just used by AF_ALG. The AIO sockets support was known to "bloat the entire socket subsystem".
The Linux 7.2 crypto pull also removed a number of useless, insecure, or otherwise less than ideal code. The crypto4xx_rng code was removed as its insecure and unused with no known users. CTR_DRBG and HASH_GRBG support was also remvoed on the basis of likely being unused. The Samsung exynos-rng driver was also removed for having "no purpose" as it doesn't ultimately feed into the Linux RNG and does not implement the HWRNG interface, with only being used by RNG with AF_ALG. The Allwinner sun4i_ss_rng was also removed due to having multiple vulnerabilities and no known users of it outside RNG with AF_ALG.
Plus other unused/insecure crypto code also removed with this pull request now in Linux 7.2 Git. The only crypto additions worth mentioning this cycle is for the Intel QuickAssist (QAT) driver. There is now sysfs PCI reset support for QAT devices as well as enabling Key Protection Technology "KPT" for next-gen QAT devices (GEN6 QAT hardware).
Headlining the Linux 7.2 crypto changes is the deprecation of the AF_ALG interface. As reported about at the beginning of the month, Linux kernel developers have been planning to deprecate AF_ALG due to its massive attack surface<./a>. In particular, recent AI/LLM security tools have been poking holes into it and there has been little work to improve AF_ALG. Most notably, the recent Copy Fail vulnerability for root access. The AF_ALG interface has historically been used for user-space applications to directly access the Linux kernel's built-in cryptographic API. This does impact the likes of IWD that make use of AF_ALG currently.
Besides deprecating AF_ALG, the hardware offload support is already removed with Linux 7.2. Furthermore, the zero-copy support was also removed already due to security concerns. The deprecation and these removals have now happened for Linux 7.2 without the objection of Linus Torvalds or any other prominent Linux kernel developers.
Also removed is support for AIO on sockets as it was just used by AF_ALG. The AIO sockets support was known to "bloat the entire socket subsystem".
The Linux 7.2 crypto pull also removed a number of useless, insecure, or otherwise less than ideal code. The crypto4xx_rng code was removed as its insecure and unused with no known users. CTR_DRBG and HASH_GRBG support was also remvoed on the basis of likely being unused. The Samsung exynos-rng driver was also removed for having "no purpose" as it doesn't ultimately feed into the Linux RNG and does not implement the HWRNG interface, with only being used by RNG with AF_ALG. The Allwinner sun4i_ss_rng was also removed due to having multiple vulnerabilities and no known users of it outside RNG with AF_ALG.
Plus other unused/insecure crypto code also removed with this pull request now in Linux 7.2 Git. The only crypto additions worth mentioning this cycle is for the Intel QuickAssist (QAT) driver. There is now sysfs PCI reset support for QAT devices as well as enabling Key Protection Technology "KPT" for next-gen QAT devices (GEN6 QAT hardware).