The parameters in command examples for tpm2_createprimary and
tpm2_evictcontrol are outdated, people (like me) are not able to create
trusted key by these command examples.
This patch updates the parameters of command example tpm2_createprimary
and tpm2_evictcontrol in trusted-encrypted.rst. With Linux kernel v5.8
and tpm2-tools-4.1, people can create a trusted key by following the
examples in this document.
Signed-off-by: Coly Li <[email protected]>
Cc: Dan Williams <[email protected]>
Cc: James Bottomley <[email protected]>
Cc: Jarkko Sakkinen <[email protected]>
Cc: Mimi Zohar <[email protected]>
Cc: Stefan Berger <[email protected]>
---
Changelog:
v3: update commit log with review comments from Jarkko Sakkinen.
v2: remove the change of trusted key related operation.
v1: initial version.
Documentation/security/keys/trusted-encrypted.rst | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst
index 9483a7425ad5..1da879a68640 100644
--- a/Documentation/security/keys/trusted-encrypted.rst
+++ b/Documentation/security/keys/trusted-encrypted.rst
@@ -39,10 +39,9 @@ With the IBM TSS 2 stack::
Or with the Intel TSS 2 stack::
- #> tpm2_createprimary --hierarchy o -G rsa2048 -o key.ctxt
+ #> tpm2_createprimary --hierarchy o -G rsa2048 -c key.ctxt
[...]
- handle: 0x800000FF
- #> tpm2_evictcontrol -c key.ctxt -p 0x81000001
+ #> tpm2_evictcontrol -c key.ctxt 0x81000001
persistentHandle: 0x81000001
Usage::
--
2.26.2
On Wed, Aug 19, 2020 at 01:00:02AM +0800, Coly Li wrote:
> The parameters in command examples for tpm2_createprimary and
> tpm2_evictcontrol are outdated, people (like me) are not able to create
> trusted key by these command examples.
>
> This patch updates the parameters of command example tpm2_createprimary
> and tpm2_evictcontrol in trusted-encrypted.rst. With Linux kernel v5.8
> and tpm2-tools-4.1, people can create a trusted key by following the
> examples in this document.
>
> Signed-off-by: Coly Li <[email protected]>
> Cc: Dan Williams <[email protected]>
> Cc: James Bottomley <[email protected]>
> Cc: Jarkko Sakkinen <[email protected]>
> Cc: Mimi Zohar <[email protected]>
> Cc: Stefan Berger <[email protected]>
OK, now it is clear. Thank you.
Reviewed-by: Jarkko Sakkinen <[email protected]>
/Jarkko
> ---
> Changelog:
> v3: update commit log with review comments from Jarkko Sakkinen.
> v2: remove the change of trusted key related operation.
> v1: initial version.
>
> Documentation/security/keys/trusted-encrypted.rst | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst
> index 9483a7425ad5..1da879a68640 100644
> --- a/Documentation/security/keys/trusted-encrypted.rst
> +++ b/Documentation/security/keys/trusted-encrypted.rst
> @@ -39,10 +39,9 @@ With the IBM TSS 2 stack::
>
> Or with the Intel TSS 2 stack::
>
> - #> tpm2_createprimary --hierarchy o -G rsa2048 -o key.ctxt
> + #> tpm2_createprimary --hierarchy o -G rsa2048 -c key.ctxt
> [...]
> - handle: 0x800000FF
> - #> tpm2_evictcontrol -c key.ctxt -p 0x81000001
> + #> tpm2_evictcontrol -c key.ctxt 0x81000001
> persistentHandle: 0x81000001
>
> Usage::
> --
> 2.26.2
>
On Thu, Aug 20, 2020 at 12:02:38AM +0300, Jarkko Sakkinen wrote:
> On Wed, Aug 19, 2020 at 01:00:02AM +0800, Coly Li wrote:
> > The parameters in command examples for tpm2_createprimary and
> > tpm2_evictcontrol are outdated, people (like me) are not able to create
> > trusted key by these command examples.
> >
> > This patch updates the parameters of command example tpm2_createprimary
> > and tpm2_evictcontrol in trusted-encrypted.rst. With Linux kernel v5.8
> > and tpm2-tools-4.1, people can create a trusted key by following the
> > examples in this document.
> >
> > Signed-off-by: Coly Li <[email protected]>
> > Cc: Dan Williams <[email protected]>
> > Cc: James Bottomley <[email protected]>
> > Cc: Jarkko Sakkinen <[email protected]>
> > Cc: Mimi Zohar <[email protected]>
> > Cc: Stefan Berger <[email protected]>
>
> OK, now it is clear. Thank you.
>
> Reviewed-by: Jarkko Sakkinen <[email protected]>
There is one problem though.
You have missed to add linux-doc and linux-integrity maintainers and
also their maintainers from the CC list. You need to resend this patch
with that information. Use get_maintainers.pl or look from the file
called MAINTAINERS.
/Jarkko
On 8/19/20 5:02 PM, Jarkko Sakkinen wrote:
> On Wed, Aug 19, 2020 at 01:00:02AM +0800, Coly Li wrote:
>> The parameters in command examples for tpm2_createprimary and
>> tpm2_evictcontrol are outdated, people (like me) are not able to create
>> trusted key by these command examples.
>>
>> This patch updates the parameters of command example tpm2_createprimary
>> and tpm2_evictcontrol in trusted-encrypted.rst. With Linux kernel v5.8
>> and tpm2-tools-4.1, people can create a trusted key by following the
>> examples in this document.
>>
>> Signed-off-by: Coly Li <[email protected]>
>> Cc: Dan Williams <[email protected]>
>> Cc: James Bottomley <[email protected]>
>> Cc: Jarkko Sakkinen <[email protected]>
>> Cc: Mimi Zohar <[email protected]>
>> Cc: Stefan Berger <[email protected]>
> OK, now it is clear. Thank you.
>
> Reviewed-by: Jarkko Sakkinen <[email protected]>
Reviewed-by: Stefan Berger <[email protected]>
>
> /Jarkko
>
>> ---
>> Changelog:
>> v3: update commit log with review comments from Jarkko Sakkinen.
>> v2: remove the change of trusted key related operation.
>> v1: initial version.
>>
>> Documentation/security/keys/trusted-encrypted.rst | 5 ++---
>> 1 file changed, 2 insertions(+), 3 deletions(-)
>>
>> diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst
>> index 9483a7425ad5..1da879a68640 100644
>> --- a/Documentation/security/keys/trusted-encrypted.rst
>> +++ b/Documentation/security/keys/trusted-encrypted.rst
>> @@ -39,10 +39,9 @@ With the IBM TSS 2 stack::
>>
>> Or with the Intel TSS 2 stack::
>>
>> - #> tpm2_createprimary --hierarchy o -G rsa2048 -o key.ctxt
>> + #> tpm2_createprimary --hierarchy o -G rsa2048 -c key.ctxt
>> [...]
>> - handle: 0x800000FF
>> - #> tpm2_evictcontrol -c key.ctxt -p 0x81000001
>> + #> tpm2_evictcontrol -c key.ctxt 0x81000001
>> persistentHandle: 0x81000001
>>
>> Usage::
>> --
>> 2.26.2
>>
On 2020/8/20 05:04, Jarkko Sakkinen wrote:
> On Thu, Aug 20, 2020 at 12:02:38AM +0300, Jarkko Sakkinen wrote:
>> On Wed, Aug 19, 2020 at 01:00:02AM +0800, Coly Li wrote:
>>> The parameters in command examples for tpm2_createprimary and
>>> tpm2_evictcontrol are outdated, people (like me) are not able to create
>>> trusted key by these command examples.
>>>
>>> This patch updates the parameters of command example tpm2_createprimary
>>> and tpm2_evictcontrol in trusted-encrypted.rst. With Linux kernel v5.8
>>> and tpm2-tools-4.1, people can create a trusted key by following the
>>> examples in this document.
>>>
>>> Signed-off-by: Coly Li <[email protected]>
>>> Cc: Dan Williams <[email protected]>
>>> Cc: James Bottomley <[email protected]>
>>> Cc: Jarkko Sakkinen <[email protected]>
>>> Cc: Mimi Zohar <[email protected]>
>>> Cc: Stefan Berger <[email protected]>
>>
>> OK, now it is clear. Thank you.
>>
>> Reviewed-by: Jarkko Sakkinen <[email protected]>
>
> There is one problem though.
>
> You have missed to add linux-doc and linux-integrity maintainers and
> also their maintainers from the CC list. You need to resend this patch
> with that information. Use get_maintainers.pl or look from the file
> called MAINTAINERS.
Copied. Some of the maintainers are in Cc list already, I add rested in
v4 patch, and Cc linux-doc and linux-integrity mailing lists.
Thanks.
Coly Li
On Fri, Aug 21, 2020 at 09:50:16PM +0800, Coly Li wrote:
> On 2020/8/20 05:04, Jarkko Sakkinen wrote:
> > On Thu, Aug 20, 2020 at 12:02:38AM +0300, Jarkko Sakkinen wrote:
> >> On Wed, Aug 19, 2020 at 01:00:02AM +0800, Coly Li wrote:
> >>> The parameters in command examples for tpm2_createprimary and
> >>> tpm2_evictcontrol are outdated, people (like me) are not able to create
> >>> trusted key by these command examples.
> >>>
> >>> This patch updates the parameters of command example tpm2_createprimary
> >>> and tpm2_evictcontrol in trusted-encrypted.rst. With Linux kernel v5.8
> >>> and tpm2-tools-4.1, people can create a trusted key by following the
> >>> examples in this document.
> >>>
> >>> Signed-off-by: Coly Li <[email protected]>
> >>> Cc: Dan Williams <[email protected]>
> >>> Cc: James Bottomley <[email protected]>
> >>> Cc: Jarkko Sakkinen <[email protected]>
> >>> Cc: Mimi Zohar <[email protected]>
> >>> Cc: Stefan Berger <[email protected]>
> >>
> >> OK, now it is clear. Thank you.
> >>
> >> Reviewed-by: Jarkko Sakkinen <[email protected]>
> >
> > There is one problem though.
> >
> > You have missed to add linux-doc and linux-integrity maintainers and
> > also their maintainers from the CC list. You need to resend this patch
> > with that information. Use get_maintainers.pl or look from the file
> > called MAINTAINERS.
>
> Copied. Some of the maintainers are in Cc list already, I add rested in
> v4 patch, and Cc linux-doc and linux-integrity mailing lists.
Please do.
> Thanks.
>
> Coly Li
BR,
/Jarkko