From: colyli@suse.de
To: keyrings@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: Coly Li <colyli@suse.de>, Dan Williams <dan.j.williams@intel.com>,
James Bottomley <jejb@linux.ibm.com>,
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
Mimi Zohar <zohar@linux.ibm.com>,
Stefan Berger <stefanb@linux.ibm.com>
Subject: [PATCH RESEND] docs: update trusted-encrypted.rst
Date: Sat, 15 Aug 2020 12:46:14 +0000 [thread overview]
Message-ID: <20200815124614.115201-1-colyli@suse.de> (raw)
In-Reply-To: <20200815075143.47082-1-colyli@suse.de>
From: Coly Li <colyli@suse.de>
The parameters in tmp2 commands are outdated, people are not able to
create trusted key by the example commands.
This patch updates the paramerters of tpm2 commands, they are verified
by tpm2-tools-4.1 with Linux v5.8 kernel.
Signed-off-by: Coly Li <colyli@suse.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Mimi Zohar <zohar@linux.ibm.com>
Cc: Stefan Berger <stefanb@linux.ibm.com>
---
Documentation/security/keys/trusted-encrypted.rst | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst
index 9483a7425ad5..442a2775156e 100644
--- a/Documentation/security/keys/trusted-encrypted.rst
+++ b/Documentation/security/keys/trusted-encrypted.rst
@@ -39,10 +39,9 @@ With the IBM TSS 2 stack::
Or with the Intel TSS 2 stack::
- #> tpm2_createprimary --hierarchy o -G rsa2048 -o key.ctxt
+ #> tpm2_createprimary --hierarchy o -G rsa2048 key.ctxt
[...]
- handle: 0x800000FF
- #> tpm2_evictcontrol -c key.ctxt -p 0x81000001
+ #> tpm2_evictcontrol -c key.ctxt 0x81000001
persistentHandle: 0x81000001
Usage::
@@ -115,7 +114,7 @@ append 'keyhandle=0x81000001' to statements between quotes, such as
::
- $ keyctl add trusted kmk "new 32" @u
+ $ keyctl add trusted kmk "new 32 keyhandle=0x81000001" @u
440502848
$ keyctl show
@@ -138,7 +137,7 @@ append 'keyhandle=0x81000001' to statements between quotes, such as
Load a trusted key from the saved blob::
- $ keyctl add trusted kmk "load `cat kmk.blob`" @u
+ $ keyctl add trusted kmk "load `cat kmk.blob` keyhandle=0x81000001" @u
268728824
$ keyctl print 268728824
--
2.26.2
next prev parent reply other threads:[~2020-08-15 12:46 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-15 7:51 [PATCH RESEND] docs: update trusted-encrypted.rst Coly Li
2020-08-15 12:46 ` colyli [this message]
2020-08-16 16:06 ` Stefan Berger
2020-08-16 16:36 ` James Bottomley
2020-08-16 16:57 ` Coly Li
2020-08-16 17:12 ` James Bottomley
2020-08-16 17:15 ` Coly Li
2020-08-18 15:44 ` Jarkko Sakkinen
2020-08-18 16:19 ` James Bottomley
2020-08-19 21:01 ` Jarkko Sakkinen
2020-08-16 17:01 ` Coly Li
2020-08-16 17:08 ` James Bottomley
2020-08-16 17:22 ` Coly Li
2020-08-16 17:05 ` Coly Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200815124614.115201-1-colyli@suse.de \
--to=colyli@suse.de \
--cc=dan.j.williams@intel.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jejb@linux.ibm.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stefanb@linux.ibm.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).