On 9/8/23 9:30 AM, gjoyce@linux.vnet.ibm.com wrote:

From: Greg Joyce <redacted>

This patchset extends the capabilites incorporated into for-6.6/block
(https://git.kernel.dk/cgit/linux/commit/?h=for-6.6/block&id=3bfeb61256643281ac4be5b8a57e9d9da3db4335) by allowing the SED Opal key to be seeded into
the keyring from a secure permanent keystore.

It has gone through numerous rounds of review and all comments/suggetions
have been addressed. The reviews have covered all relevant areas including
reviews by block and keyring developers as well as the SED Opal
maintainer. The last patchset submission has not solicited any responses
in the six weeks since it was last distributed. The changes are
generally useful and ready for inclusion.

TCG SED Opal is a specification from The Trusted Computing Group
that allows self encrypting storage devices (SED) to be locked at
power on and require an authentication key to unlock the drive.

Generic functions have been defined for accessing SED Opal keys.
The generic functions are defined as weak so that they may be superseded
by keystore specific versions.

PowerPC/pseries versions of these functions provide read/write access
to SED Opal keys in the PLPKS keystore.

The SED block driver has been modified to read the SED Opal
keystore to populate a key in the SED Opal keyring. Changes to the
SED Opal key will be written to the SED Opal keystore.

Applied for 6.7, thanks.

-- 
Jens Axboe