[dm-devel] dm-crypt: support using encrypted keys
Milan Broz
gmazyland at gmail.com
Thu Apr 23 14:41:20 UTC 2020
On 23/04/2020 16:06, Mike Snitzer wrote:
>
> Seems you didn't look at the fixed patch, here is what I ultimately
> staged yesterday:
> https://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm.git/commit/?h=dm-5.8&id=a2b35bd064baf1f4e7504c23d493a3e149172dd1
>
> dm-crypt doesn't have a hard dependency on CONFIG_ENCRYPTED_KEYS. If it
> is enabled support will be available, if not enabled support isn't.
It is acceptable solution if you really want to push it now.
Just you will repeat the same #ifdef exercise for the "trusted" key type.
What we did last time, is here - it combines dynamic key type loading
and #if IS_REACHABLE(CONFIG_ENCRYPTED_KEYS) (we cannot avoid it if it is completely compiled out here)
It is somewhat more readable for me and eliminates few ifdefs.
Just it can be no longer applied, but the idea is here in two old patches:
https://mbroz.fedorapeople.org/tmp/
Milan
More information about the dm-devel
mailing list