Expand description
crypt_policy contains all the key policy logic for the different operations that can be done with hardware keys. Keeping the policy logic in one place makes it easier to audit.
Enums§
- KeyConsumer
- Fxfs and zxcrypt have different null keys, so operations have to indicate which is ultimately going to consume the key we produce.
- KeySource
- Policy
Functions§
- format_
sources - Returns all valid key sources when formatting a volume, based on
policy. - get_
policy - Reads the policy from well-known locations in
/boot. - unseal_
sources - Returns all valid key sources when unsealing a volume, based on
policy.