Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp2132772pxa;
        Fri, 7 Aug 2020 04:04:41 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJz9NZgUuqLAWzvX9WmUVDbgN0x16zQrHKZ9TaRi1fPQqXXSsSaW4eI9/MD96G0qfcdvjowf
X-Received: by 2002:a05:6402:1457:: with SMTP id d23mr8303282edx.149.1596798280796;
        Fri, 07 Aug 2020 04:04:40 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1596798280; cv=none;
        d=google.com; s=arc-20160816;
        b=ILoEgfwd7IxWvO5yzelO4RgnQiCL30BUg4Abwh5eYtoaKSMFGgJxMvrqamSQsPrfA7
         W698kkCz+e4soQzq4YCVpaaVAiNmzVOlQU4/2qqk45s5SxcCx4O4zdNczRSKOi68UVpL
         Ma6yEJs5GnAnBkWMBqUPIzvdrfHN70E7FdKxKwuGCdNzzARSkQHEjnsCF7gxQJVdUdLk
         7InNrrY5lLvXCMyLFs0Tz208fBmIzJ+bRdFMQfpgwjsoX/jx8f8nGkia4kP1DsNfzVtk
         X7ECb+3XAuASJP8DvMu4He0ZHz7hTaBRMSKRPOpQFuHAk3Z3/rwr+L7IB5uP6a3VnFsL
         jCNA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from;
        bh=6fvQs7MJIU/Ze75havPYg/faaFmBJjMW15exMpEq/hA=;
        b=uzPKWuEZvyQA1xSBob4z/7suwUFz71XMoDzajXMRzhXP/J0naHZ0T2lJZrWFWMHkuU
         0PYbN+t1qDw/RwgigdzrFn239gmscbrG8Iz5pJaieRXYS/y0hYKuCIw0xWcls0j9Ngvy
         o0DyKE7G/cbi4choxBA1txqByn8KE26yw64XhxmPCD5yQVTS69RoeePQMgOco+aHYrXS
         tHBPzOGjsiDmt7OjIpsL0AWTd54ypdYMovvKbjleD4hlcBQQl0dN29GeR4l0jGsfcS9c
         0A4+So4Poh3RRQg/0GHgPW9bwZhe5TiBbQRuvWxcKLwp46j2/R24/G+i4ePw/3nBIH+l
         VVGg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id do5si5947642ejc.612.2020.08.07.04.04.01;
        Fri, 07 Aug 2020 04:04:40 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728181AbgHGLBP (ORCPT <rfc822;chenl.lei@gmail.com> + 99 others);
        Fri, 7 Aug 2020 07:01:15 -0400
Received: from mx2.suse.de ([195.135.220.15]:53276 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726635AbgHGK6i (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 7 Aug 2020 06:58:38 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.221.27])
        by mx2.suse.de (Postfix) with ESMTP id 3E588AB3D;
        Fri,  7 Aug 2020 10:58:36 +0000 (UTC)
From:   Coly Li <colyli@suse.de>
To:     linux-kernel@vger.kernel.org
Cc:     Coly Li <colyli@suse.de>, Stefan Berger <stefanb@linux.ibm.com>,
        Dan Williams <dan.j.williams@intel.com>,
        Mimi Zohar <zohar@linux.ibm.com>
Subject: [PATCH] docs: update trusted-encrypted.rst
Date:   Fri,  7 Aug 2020 18:58:13 +0800
Message-Id: <20200807105813.59900-1-colyli@suse.de>
X-Mailer: git-send-email 2.26.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

The parameters in tmp2 commands are outdated, people are not able to
create trusted key by the example commands.

This patch updates the paramerters of tpm2 commands, they are verified
by tpm2-tools-4.1 with Linux v5.8 kernel.

Signed-off-by: Coly Li <colyli@suse.de>
Cc: Stefan Berger <stefanb@linux.ibm.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Mimi Zohar <zohar@linux.ibm.com>
---
 Documentation/security/keys/trusted-encrypted.rst | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst
index 9483a7425ad5..442a2775156e 100644
--- a/Documentation/security/keys/trusted-encrypted.rst
+++ b/Documentation/security/keys/trusted-encrypted.rst
@@ -39,10 +39,9 @@ With the IBM TSS 2 stack::
 
 Or with the Intel TSS 2 stack::
 
-  #> tpm2_createprimary --hierarchy o -G rsa2048 -o key.ctxt
+  #> tpm2_createprimary --hierarchy o -G rsa2048 key.ctxt
   [...]
-  handle: 0x800000FF
-  #> tpm2_evictcontrol -c key.ctxt -p 0x81000001
+  #> tpm2_evictcontrol -c key.ctxt 0x81000001
   persistentHandle: 0x81000001
 
 Usage::
@@ -115,7 +114,7 @@ append 'keyhandle=0x81000001' to statements between quotes, such as
 
 ::
 
-    $ keyctl add trusted kmk "new 32" @u
+    $ keyctl add trusted kmk "new 32 keyhandle=0x81000001" @u
     440502848
 
     $ keyctl show
@@ -138,7 +137,7 @@ append 'keyhandle=0x81000001' to statements between quotes, such as
 
 Load a trusted key from the saved blob::
 
-    $ keyctl add trusted kmk "load `cat kmk.blob`" @u
+    $ keyctl add trusted kmk "load `cat kmk.blob` keyhandle=0x81000001" @u
     268728824
 
     $ keyctl print 268728824
-- 
2.26.2