Hardware cryptographic accelerators have been essential in embedded SoCs for decades, yet upstream Linux maintainers are removing or rejecting them. The extinction is underway.
In 2025, maintainers began removing async crypto API support, targeting engines from major SoC vendors for deprecation.[1][2] Software wins on throughput for typical payloads. ARMv8/v9 Crypto Extensions amplify this advantage. Performance-wise, maintainers have a point.
But benchmarks miss critical security properties. Hardware provides what software cannot: resistance to DPA/EMA side-channel attacks[3], hardware-backed wrapped key isolation, and secure boundaries essential for physically accessible devices. With the PQC transition, hardware crypto becomes more essential.
The crisis: maintainers remove features that certifications require and contracts mandate, forcing vendors to fork from mainline.
We address how to make the security case and how to find compromises that satisfy both maintainability and embedded security.
[1] https://lore.kernel.org/all/[email protected]/
[2] https://lore.kernel.org/all/[email protected]/
[3] https://lore.kernel.org/all/[email protected]/