The latest systemd README and NEWS claim that the userspace interface to the
in-kernel hash algorithms (CONFIG_CRYPTO_USER_API_HASH) is now required.
I don't know how much thought was put into this decision, but I think it's a
mistake security-wise. AF_ALG sockets increase the kernel's attack surface by
allowing users to instantiate and use arbitrary crypto algorithms, in
combinations or ways which may not have been tested. Indeed, historically there
have been a number of security vulnerabilities related to this feature, both in
the API itself and in the various crypto modules. For this reason, I think
security-conscious users would prefer to have this kernel feature turned off.
Why exactly does systemd suddenly need this feature? If it's really just to
compute hashes, then please do it in userspace instead. Unless systemd *really*
needs to support using hardware crypto accelerators, there is no need to call
into the kernel just to compute hashes. Or at the very least, make the
systemd-devel mailing list