On 6/17/19 5:15 PM, Andy Lutomirski wrote: >>> But I really expect that the encryption of a DAX device will actually >>> be a block device setting and won't look like this at all. It'll be >>> more like dm-crypt except without device mapper. >> Are you suggesting not to support MKTME for DAX, or adding MKTME support to dm-crypt? > I'm proposing exposing it by an interface that looks somewhat like > dm-crypt. Either we could have a way to create a device layered on > top of the DAX devices that exposes a decrypted view or we add a way > to tell the DAX device to kindly use MKTME with such-and-such key. I think this basically implies that we need to settle (or at least present) on an interface for storage (FS-DAX, Device DAX, page cache) before we merge one for anonymous memory. That sounds like a reasonable exercise.
