This is yet another proposal for dm-inlinecrypt, this one resulting from the conversation at https://lore.kernel.org/linux-block/20240916085741.1636554-2-quic_mdalam@xxxxxxxxxxx/T/#u. This brings in the work that was already done in Android's dm-default-key but drops the passthrough support, as it doesn't seem like that will go anywhere upstream anytime soon. This makes the proposal suitable as a replacement for dm-crypt only. Compared to the other patch linked above, this patch addresses a large number of issues, the main ones being mentioned at https://lore.kernel.org/linux-block/20240921185519.GA2187@quark.localdomain/ Changed in v2: - Split block exports into a separate patch. - Return the key from STATUSTYPE_TABLE. This is a misfeature, but it's needed to comply with the device-mapper UAPI. - Don't pass uninitialized key to blk_crypto_evict_key(). - Use {} instead of {0}. - Simplify inlinecrypt_prepare_ioctl(). Eric Biggers (2): block: export blk-crypto symbols required by dm-inlinecrypt dm-inlinecrypt: add target for inline block device encryption block/blk-crypto.c | 3 + drivers/md/Kconfig | 10 + drivers/md/Makefile | 1 + drivers/md/dm-inlinecrypt.c | 417 ++++++++++++++++++++++++++++++++++++ 4 files changed, 431 insertions(+) create mode 100644 drivers/md/dm-inlinecrypt.c base-commit: c964ced7726294d40913f2127c3f185a92cb4a41 -- 2.47.0
