Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

For anyone wondering: AF_ALG is a Linux socket interface that exposes the kernel’s crypto API via file descriptors, using normal read(2)/write(2) calls for hashing and encryption.


I wonder can the kernel just remove it and distros put on a compatiability layer.


It's already a configurable option in the kernel which can be fully disabled by distros if they wanted to provide their own compatibility layer, or just not ship any software that has a hard dependency on it.


I always use only custom compiled kernels on my computers, where I enable only the configuration options that I really need.

So the options related to AF_ALG have always been disabled, because I have not encountered an application that needs them, among those that I use.

Unfortunately the Linux distributions must enable in their default configuration most options, because they cannot predict what their users will need.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: