On 21/04/2020 20:27, Mike Snitzer wrote: > On Mon, Apr 20 2020 at 9:46P -0400, > Dmitry Baryshkov <dbaryshkov@xxxxxxxxx> wrote: > >> From: Dmitry Baryshkov <dmitry_baryshkov@xxxxxxxxxx> >> >> Allow one to use encrypted in addition to user and login key types for >> device encryption. >> >> Signed-off-by: Dmitry Baryshkov <dmitry_baryshkov@xxxxxxxxxx> > > I fixed up some issues, please see the following incremental patch, > I'll get this folded in and staged for 5.8. And you just created hard dependence on encrypted key type... If you disable this type (CONFIG_ENCRYPTED_KEYS option), it cannot load the module anymore: ERROR: modpost: "key_type_encrypted" [drivers/md/dm-crypt.ko] undefined! We had this idea before, and this implementation in dm-crypt just requires dynamic key type loading implemented first. David Howells (cc) promised that moths ago, but apparently nothing was yet submitted (and the proof-of-concept patch no longer works). Mike, I think you should revert this patch from the tree until it is solved. Once fixed, we should also support "trusted" key type. Also please - do no forget to increase dm-crypt minor version here... Thanks, Milan -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel
