Both Android and iPhone's use their secure enclave's for storing their encryption keys limiting the effective targets of these attacks (and would be quite difficult to physically extract from).
I suppose this is still useful for older hardware and ultra budget phones... But this is a protection against state actors and high end espionage which wouldn't use those classes of devices...
Soooooo who is this for? What threat model is this meaningful for? In what world am I trusting a random unaudited security module that taints my kernel for _any_ security sensitive application?
For some definition of great. E.g. Ryzen-based Thinkpad, not enabled by default, hangs on boot if requested via mem_encrypt=on kernel command line[0].
https://www.kernel.org/doc/html/v5.8/x86/amd-memory-encrypti...