Hi,
On 6/29/26 3:54 AM, Eric Biggers wrote:
We could do that if it's what people want. Just keep in mind that it
would be much more complex than the single tristate sysctl. And in
practice the number of people who are knowledgeable enough to create
these lists is quite small; we've seen similar things with other "Crypto
API" configuration knobs that seem to never be touched in practice.
I don't think finer grained control is necessary.
The tristate is the best possible interface for the people running
precompiled distribution kernels. Ideally, deactivating the restriction
should also be disallowed in lockdown mode -- and this becomes a lot
easier to subvert if the list of algorithms is runtime configurable.
I think it is safe to assume that the people using AF_ALG with hardware
crypto engines are building embedded systems with a custom kernel
configuration, so the .config is probably the best place for the
selection of algorithms that should remain available in restricted mode.
Simon
