For the first time ever, the Linux Kernel includes a stackable file system. The new file system name is eCryptfs and it is based on FiST.
“eCryptfs stores cryptographic metadata in the header of each file written, so that encrypted files can be copied between hosts; the file will be decryptable with the proper key, and there is no need to keep track of any additional information aside from what is already in the encrypted file itself. ”
eCryptfs can make use of the TPM (Trusted Platform Module) using TPM Keyring.