mirror of
https://github.com/hardkernel/linux.git
synced 2026-06-09 04:10:18 +09:00
1f876610fe
To prevent keys from being compromised if an attacker acquires read access to kernel memory, some inline encryption hardware supports protecting the keys in hardware without software having access to or the ability to set the plaintext keys. Instead, software only sees "wrapped keys", which may differ on every boot. The keys can be initially generated either by software (in which case they need to be imported to hardware to be wrapped), or directly by the hardware. Add support for this type of hardware by allowing keys to be flagged as hardware-wrapped. When used, dm-default-key will pass the wrapped key to the inline encryption hardware to encryption metadata. The hardware will internally unwrap the key and derive the metadata encryption key. Bug: 147209885 Test: Validate metadata encryption & FBE with wrapped keys. Change-Id: I8078b116dab9e04d7f3f15f29f11823185ea5d50 Signed-off-by: Barani Muthukumaran <bmuthuku@codeaurora.org>
Linux kernel
============
There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.
In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``. The formatted documentation can also be read online at:
https://www.kernel.org/doc/html/latest/
There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.
Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.