
blocking algif_aead side effects?


Posted Apr 30, 2026 16:49 UTC (Thu) by dkg (subscriber, #55359)
In reply to: Poor coordination by Karellen
Parent article: A security bug in AEAD sockets

I see these mitigation suggestions, but I'm also curious about what their side effects will be. Is there any common tooling that uses AF_ALG socket creation, or the algif_aead module itself?



blocking algif_aead side effects?

Posted Apr 30, 2026 22:56 UTC (Thu) by mussell (subscriber, #170320) [Link] (1 responses)

Searching through the source code of everything installed on my Gentoo system with rg 'socket\([AP]F_ALG' /usr/src/debug found only 6 packages that use it: iproute2, util-linux, bluez, qtconnectivity, openssl, and ell. Out of these packages, only ell explicitly uses aead support in cipher.c. ell is depended on by bluez and iwd, and out of those two, iwd doesn't use aead support as none of the aead symbols are in the final binary. As far as I know, the only thing that uses algif_aead is bluetooth-meshd.
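
As an added example (not part of the comment above, nor any project's own code), the two-step audit it describes can be scripted: list the C sources that open an AF_ALG socket, then tag those that also carry an "aead" string literal. It uses find and grep rather than rg. The string-literal test is a heuristic assumption, and the sample tree with its file names is constructed.

```shell
#!/bin/sh
# Added example. Lists C sources that open an AF_ALG socket and tags each
# one "aead" or "other".

audit_af_alg() {
    dir=$1
    # Step 1: files that call socket(AF_ALG, ...) or socket(PF_ALG, ...).
    find "$dir" -type f \( -name '*.c' -o -name '*.h' \) \
        -exec grep -lE 'socket[[:space:]]*\([[:space:]]*[AP]F_ALG' {} + |
    LC_ALL=C sort |
    while IFS= read -r f; do
        # Step 2 (heuristic): an "aead" string literal in the same file means
        # it can request salg_type "aead", even when passed through a helper.
        if grep -q '"aead"' "$f"; then tag=aead; else tag=other; fi
        printf '%s\t%s\n' "$tag" "${f#"$dir"/}"
    done
}

# Constructed sample tree; package names and file contents are made up.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/pkg-a" "$t/pkg-b" "$t/pkg-c"
    cat > "$t/pkg-a/cipher.c" <<'EOF'
static int create_alg(const char *type, const char *name) {
    int sk = socket(PF_ALG, SOCK_SEQPACKET | SOCK_CLOEXEC, 0);
    /* copies type into salg.salg_type, then bind()s */
    return sk;
}
int new_aead(void) { return create_alg("aead", "ccm(aes)"); }
EOF
    cat > "$t/pkg-b/hash.c" <<'EOF'
int open_hash(void) {
    struct sockaddr_alg sa = { .salg_family = AF_ALG, .salg_type = "hash" };
    return socket( AF_ALG, SOCK_SEQPACKET, 0);
}
EOF
    cat > "$t/pkg-c/util.c" <<'EOF'
/* uses a userspace crypto library; mentions "aead" but never AF_ALG sockets */
int noop(void) { return 0; }
EOF
    printf '%s\n' "$t"
}

tree=$(make_sample_tree)
audit_af_alg "$tree"
rm -rf "$tree"
```

A file tagged "aead" is only a candidate: as the comment notes for iwd, whether the AEAD path ends up in the final binary still has to be checked separately.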

blocking algif_aead side effects?

Posted May 4, 2026 3:48 UTC (Mon) by ebiggers (subscriber, #130760) [Link]

Yes, it's only a small set of userspace programs that made the shortsighted decision to use AF_ALG, instead of following the standard practice of using a userspace crypto library.

Help fixing these userspace programs would be greatly appreciated. It would be really impactful, as it would allow more people to disable CONFIG_CRYPTO_USER_API_* in their kernels.

