On Thu, Jan 10, 2019 at 12:39:58AM +0800, joeyli wrote:
> Hi Andy,
>
[...snip]
>
> Let's why I encrypt/decrypt data pages one by one, then I copy the
^^^^^^^ That's why
> encrypt/decrypt data from buffer page (only one buffer page reserved
> for encrypt/decrypt) to original page. I encreypt pages one by one, but
> I HMAC and verify the whole snapshot image by update mode.
>
[...snip]
>
> > Why are you manually supporting three different key types? Can’t you
> > just somehow support all key types? And shouldn’t you be verifying
>
> I only supported two key typs in my patch set, user defined key and
> TPM trusted key. The EFI secure boot did not accept by EFI subsystem.
^^^^^^^^^^^^^^^^^^^ EFI secure key
https://lkml.org/lkml/2018/8/5/10
Sorry for I produced too many typo when feeling sleepy...
Thanks a lot!
Joey Lee
