[PATCH 17/17] Add standalone crypto kernel module technical documentation
Christoph Hellwig
hch at infradead.org
Wed Feb 25 06:08:54 PST 2026
On Tue, Feb 24, 2026 at 05:55:17PM -0800, Eric Biggers wrote:
> Let's be clear: this is possible only when the kernel has a stable ABI
> to the crypto module, which realistically isn't something that is going
> to be supported upstream. The Linux kernel is well-known for not
> maintaining a stable in-kernel ABI, for good reasons.
>
> So, the only case where this feature would have a benefit over the
> kernel's existing approach to FIPS 140 is in downstream kernels that
> maintain a stable in-kernel ABI. There would be no benefit to direct
> users of the mainline kernel or even the stable release series.
>
> For this to be considered for upstream there would need to be some level
> of consensus in the community to support this feature despite this.
That's a very nice way to say this goes against all the established
principles for kernel development.
More information about the linux-arm-kernel
mailing list