On Thu, Jun 13, 2019 at 04:00:30PM +0530, Sumit Garg wrote: > Add support for TEE based trusted keys where TEE provides the functionality > to seal and unseal trusted keys using hardware unique key. > > Refer to Documentation/tee.txt for detailed information about TEE. > > Approach taken in this patch acts as an alternative to a TPM device in case > platform doesn't possess one. > > Signed-off-by: Sumit Garg <sumit.garg@xxxxxxxxxx> How does this interact with the trusted module? Why there is no update to security/keys/trusted-encrypted.txt? Somehow the existing trusted module needs to be re-architected to work with either. Otherwise, this will turn out to be a mess. /Jarkko
