summaryrefslogtreecommitdiff
path: root/drivers/nvdimm/Kconfig
diff options
context:
space:
mode:
authorDave Jiang <dave.jiang@intel.com>2018-12-06 12:40:01 -0800
committerDan Williams <dan.j.williams@intel.com>2018-12-13 17:54:13 -0800
commit4c6926a23b76ea23403976290cd45a7a143f6500 (patch)
tree55dc830eafb03c36a4445f6b03c7e5dbe46be2dd /drivers/nvdimm/Kconfig
parent37833fb7989a9d3c3e26354e6878e682c340d718 (diff)
downloadlwn-4c6926a23b76ea23403976290cd45a7a143f6500.tar.gz
lwn-4c6926a23b76ea23403976290cd45a7a143f6500.zip
acpi/nfit, libnvdimm: Add unlock of nvdimm support for Intel DIMMs
Add support to unlock the dimm via the kernel key management APIs. The passphrase is expected to be pulled from userspace through keyutils. The key management and sysfs attributes are libnvdimm generic. Encrypted keys are used to protect the nvdimm passphrase at rest. The master key can be a trusted-key sealed in a TPM, preferred, or an encrypted-key, more flexible, but more exposure to a potential attacker. Signed-off-by: Dave Jiang <dave.jiang@intel.com> Co-developed-by: Dan Williams <dan.j.williams@intel.com> Reported-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Diffstat (limited to 'drivers/nvdimm/Kconfig')
-rw-r--r--drivers/nvdimm/Kconfig5
1 files changed, 5 insertions, 0 deletions
diff --git a/drivers/nvdimm/Kconfig b/drivers/nvdimm/Kconfig
index 9d36473dc2a2..5e27918e4624 100644
--- a/drivers/nvdimm/Kconfig
+++ b/drivers/nvdimm/Kconfig
@@ -112,4 +112,9 @@ config OF_PMEM
Select Y if unsure.
+config NVDIMM_KEYS
+ def_bool y
+ depends on ENCRYPTED_KEYS
+ depends on (LIBNVDIMM=ENCRYPTED_KEYS) || LIBNVDIMM=m
+
endif