On Fri, Nov 9, 2018 at 2:13 PM Dave Jiang <dave.jiang(a)intel.com> wrote:
> In order to make nvdimm more secure, encrypted keys will be used instead of
> clear text keys. A master key will be created to seal encrypted nvdimm
> keys. The master key can be a trusted key generated from TPM 2.0 or a less
> secure user key.
>
> In the process of this conversion, the kernel cached key will be removed
> in order to simplify the verification process. The hardware will be used to
> verify the decrypted user payload directly.
>
> Signed-off-by: Dave Jiang <dave.jiang(a)intel.com>
> ---
> Documentation/nvdimm/security.txt | 29 ++-
> drivers/nvdimm/dimm.c | 3
> drivers/nvdimm/dimm_devs.c | 2
> drivers/nvdimm/nd-core.h | 3
> drivers/nvdimm/nd.h | 5 -
> drivers/nvdimm/security.c | 316 ++++++++++---------------------------
> 6 files changed, 108 insertions(+), 250 deletions(-)

Removes twice the amount of code that it adds and gains features /
security, nice!