[PATCH v3 0/1] dm-inlinecrypt: add support for hardware-wrapped keys

Next message: Linlin Zhang: "[PATCH v3 1/1] dm-inlinecrypt: add support for hardware-wrapped keys"
Previous message: Yongxing Mou: "Re: [PATCH v4 16/39] drm/msm/dp: use stream_id to change offsets in dp_catalog"
Next in thread: Linlin Zhang: "[PATCH v3 1/1] dm-inlinecrypt: add support for hardware-wrapped keys"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Linlin Zhang

Date: Mon May 25 2026 - 08:14:04 EST

dm-inlinecrypt currently assumes that all keys are raw software keys.
That does not work for platforms where inline encryption expects
hardware-wrapped key material managed by secure firmware/hardware.

This series adds support for hardware-wrapped keys in dm-inlinecrypt by
introducing an optional <key_type> target argument. The flag lets
dm-inlinecrypt select the proper blk-crypto key type at key
initialization time:

- 1: BLK_CRYPTO_KEY_TYPE_RAW
- 2: BLK_CRYPTO_KEY_TYPE_HW_WRAPPED

With this change, dm-inlinecrypt can support both raw and wrapped key
deployment models without hardcoding one key ownership model.
The series also:
- updates target argument parsing to include the new required flag
- propagates the wrapped/raw state in target status output
- updates dm-inlinecrypt documentation and examples accordingly
Linlin Zhang (1):
dm-inlinecrypt: add support for hardware-wrapped keys

.../device-mapper/dm-inlinecrypt.rst | 20 +++---
drivers/md/dm-inlinecrypt.c | 63 ++++++++++++-------
2 files changed, 54 insertions(+), 29 deletions(-)

--
2.34.1