I gave a talk about file based encryption and the proposed inner workings
of inline encryption at last year's LPC. Since then, the patchset has gone
through almost 10 revisions, and the block layer patches have been merged
a little while ago into Linux v5.8 (and the remaining patches are being
targeted for the v5.9 release). There have been many changes in the design
and implementation over the past 10 revisions, some of which are likely
worth going over.
An older version of the implementation has also been checked into Android
for more than half a year now, and new changes and features have been
proposed and implemented on top of the base inline encryption patchset,
and are currently being maintained out of tree in Android like
- hardware wrapped key support
- device mapper support
- UFS crypto variant operations
- eMMC inline encryption support
- direct I/O support for fscrypt
- metadata encryption.
These are all features we'd like to see upstreamed soon. I'd like to talk
about and discuss some of these features and what we'd like to propose
upstream for them.
|I agree to abide by the anti-harassment policy||I agree|