From: Eric Biggers <ebiggers@kernel.org>
To: Linlin Zhang <linlin.zhang@oss.qualcomm.com>
Cc: Mikulas Patocka <mpatocka@redhat.com>,
	Alasdair Kergon <agk@redhat.com>,
	Mike Snitzer <snitzer@kernel.org>,
	Benjamin Marzinski <bmarzins@redhat.com>,
	dm-devel@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v1 1/1] dm-inlinecrypt: initialize blk-crypto key as HW-wrapped key
Date: Tue, 12 May 2026 18:53:35 +0000
Message-ID: <20260512185335.GA3085076@google.com>
In-Reply-To: <20260512095203.3688708-2-linlin.zhang@oss.qualcomm.com>

On Tue, May 12, 2026 at 02:52:03AM -0700, Linlin Zhang wrote:
> dm-inlinecrypt currently initializes the blk-crypto key using
> BLK_CRYPTO_KEY_TYPE_RAW, which implies that the provided key material
> is a plaintext software key owned by the block layer.
> 
> However, on platforms where dm-inlinecrypt is used together with a
> hardware-backed key source (e.g. TrustZone/TEE or other secure key
> wrapping mechanisms), the key material passed down is already wrapped
> and must be treated as opaque by the block layer.
> 
> Initialize the blk-crypto key using BLK_CRYPTO_KEY_TYPE_HW_WRAPPED
> instead, so that dm-inlinecrypt correctly models hardware-wrapped keys
> and avoids incorrect assumptions about key ownership and visibility.
> 
> Signed-off-by: Linlin Zhang <linlin.zhang@oss.qualcomm.com>
> ---
>  drivers/md/dm-inlinecrypt.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/md/dm-inlinecrypt.c b/drivers/md/dm-inlinecrypt.c
> index bd8e58a028c5..bcbf363c533a 100644
> --- a/drivers/md/dm-inlinecrypt.c
> +++ b/drivers/md/dm-inlinecrypt.c
> @@ -386,7 +386,7 @@ static int inlinecrypt_ctr(struct dm_target *ti, unsigned int argc, char **argv)
>  	dun_bytes = DIV_ROUND_UP(fls64(ctx->max_dun), 8);
>  
>  	err = blk_crypto_init_key(&ctx->key, raw_key, ctx->key_size,
> -				  BLK_CRYPTO_KEY_TYPE_RAW,
> +				  BLK_CRYPTO_KEY_TYPE_HW_WRAPPED,
>  				  cipher->mode_num, dun_bytes,
>  				  ctx->sector_size);
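
Review bot: The key-type argument to blk_crypto_init_key() is now hard-coded to BLK_CRYPTO_KEY_TYPE_HW_WRAPPED, so every table set up through inlinecrypt_ctr() is treated as carrying a wrapped key and no path is left for a raw key. Consider selecting the type from a constructor argument parsed in inlinecrypt_ctr() and keeping BLK_CRYPTO_KEY_TYPE_RAW when that argument is absent. The buffer is also still named raw_key and is passed with ctx->key_size unchanged; if it can now hold an opaque wrapped blob, rename it and confirm that the size validation done before this call is appropriate for wrapped keys. The diffstat touches only drivers/md/dm-inlinecrypt.c, so the new meaning of the key field in the table line is not documented anywhere in this patch.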

The raw key support is useful too, and it should be the default.
I recommend adding a "wrappedkey" optional argument that enables
BLK_CRYPTO_KEY_TYPE_HW_WRAPPED.

- Eric

Thread overview: 6+ messages
2026-05-12  9:52 [PATCH v1 0/1] dm-inlinecrypt: move to HW-wrapped key Linlin Zhang
2026-05-12  9:52 ` [PATCH v1 1/1] dm-inlinecrypt: initialize blk-crypto key as " Linlin Zhang
2026-05-12 18:53   ` Eric Biggers [this message]
2026-05-13 17:22     ` Eric Biggers
2026-05-14  9:48       ` Linlin Zhang
2026-05-14 15:43         ` Eric Biggers