ee7bdc62fd
This is a snapshot of the crypto drivers as of msm-4.14 commit 367c46b1 (Enable hardware based FBE on f2fs and adapt ext4 fs). Change-Id: Ifb52ed101d6e971c5823037f7895049b830c78c5 Signed-off-by: Zhen Kong <zkong@codeaurora.org>
43 lines
1.2 KiB
Plaintext
43 lines
1.2 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
menu "Qualcomm Technologies, Inc Per File Encryption security device drivers"
|
|
depends on ARCH_QCOM
|
|
|
|
config PFT
|
|
bool "Per-File-Tagger driver"
|
|
depends on SECURITY
|
|
default n
|
|
help
|
|
This driver is used for tagging enterprise files.
|
|
It is part of the Per-File-Encryption (PFE) feature.
|
|
The driver is tagging files when created by
|
|
registered application.
|
|
Tagged files are encrypted using the dm-req-crypt driver.
|
|
|
|
config PFK
|
|
bool "Per-File-Key driver"
|
|
depends on SECURITY
|
|
depends on SECURITY_SELINUX
|
|
default n
|
|
help
|
|
This driver is used for storing eCryptfs information
|
|
in file node.
|
|
This is part of eCryptfs hardware enhanced solution
|
|
provided by Qualcomm Technologies, Inc.
|
|
Information is used when file is encrypted later using
|
|
ICE or dm crypto engine
|
|
|
|
config PFK_WRAPPED_KEY_SUPPORTED
|
|
bool "Per-File-Key driver with wrapped key support"
|
|
depends on SECURITY
|
|
depends on SECURITY_SELINUX
|
|
depends on QSEECOM
|
|
depends on PFK
|
|
default n
|
|
help
|
|
Adds wrapped key support in PFK driver. Instead of setting
|
|
the key directly in ICE, it unwraps the key and sets the key
|
|
in ICE.
|
|
It ensures the key is protected within a secure environment
|
|
and only the wrapped key is present in the kernel.
|
|
endmenu
|