On 09.08.21 11:35, Jarkko Sakkinen wrote: > On Fri, Aug 06, 2021 at 05:12:19PM +0200, Ahmad Fatoum wrote: >> Dear trusted key maintainers, >> >> On 21.07.21 18:48, Ahmad Fatoum wrote: >>> Series applies on top of >>> https://lore.kernel.org/linux-integrity/20210721160258.7024-1-a.fatoum@xxxxxxxxxxxxxx/T/#u >>> >>> v2 -> v3: >>> - Split off first Kconfig preparation patch. It fixes a regression, >>> so sent that out, so it can be applied separately (Sumit) >>> - Split off second key import patch. I'll send that out separately >>> as it's a development aid and not required within the CAAM series >>> - add MAINTAINERS entry >> >> Gentle ping. I'd appreciate feedback on this series. > > Simple question: what is fscrypt? For supported file systems, fscrypt[1] allows you to encrypt at a directory level. It has no trusted key integration yet, which is something I am trying to upstream in parallel to this series, so I eventually can use fscrypt together with CAAM-backed trusted keys on an unpatched kernel. If it interests you, I described[2] my CAAM+ubifs+fscrypt use case in the discussion thread on my fscrypt-trusted-keys v1. Jan, a colleague of mine, held a talk[3] on the different solutions for authenticated and encrypted storage, which you may want to check out. I'd really appreciate feedback here on the the CAAM parts of this series, so this can eventually go mainline. Thanks, Ahmad [1]: https://www.kernel.org/doc/html/v5.13/filesystems/fscrypt.html [2]: https://lore.kernel.org/linux-fscrypt/367ea5bb-76cf-6020-cb99-91b5ca82d679@xxxxxxxxxxxxxx/ [3]: https://www.youtube.com/watch?v=z_y84v9076c > > /Jarkko > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
