On Wed, May 07, 2025 at 10:50:00AM +0300, Sagi Grimberg wrote: > Just so I understand, this is a separate issue from passing the keyring to > tlshd correct? Is the suggesting that nfs will create a special .nfs keyring > similar to what nvme does? Yeah. > Note that nvme also allows the user to pass its own keyring (never tried > it before - we probably need a blktest for it //hannes). So in this case, > the > possessor will need to set user READ perms on the key itself (assuming that > it updated tlshd.conf to know this keyring)? I think so. Or give user read permissions for the keys (which from my limited undertanding renders the patches a bit useless). Let me send out my current patches and discuss it there.
