Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp1310605pxa; Sat, 15 Aug 2020 15:25:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxrnRwLKO5bWXVfq8PpGKK2mfxR63MK6KyNN2a3dWVoCjikF4UhhOQ7XrTE8K23Nvi9YGrK X-Received: by 2002:a05:6402:212:: with SMTP id t18mr8829818edv.124.1597530337019; Sat, 15 Aug 2020 15:25:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1597530337; cv=none; d=google.com; s=arc-20160816; b=0MkeCJLEhXNtvWLWs39bf0F/UmUi02sj+/Evgy+ELOd+e9Rg3yp9U4pr3FOcF4l6k/ FDKHprpbiPcvoPt9hJ6AXnv1MFvlTlzwIm5fd/eIQBjpxmAX4qJiFMLZq+FBvbRcIjBO 2AvPFq8t5a5HoYvBZBxtDIPpnmwIu5rG80wc8PTJqJ7iLzUmWRai6Jv9EC9IEujyfoJ0 mKptXxiUVe47xJPQnyvvf2gifP37dCUGEj+lMv3ioVaLq39qTUITDIu5L3JAW0n5y2kY h89/ggFpgcvYtpV+f8MLOP7Ta4BJ/Si+AdnSCltRIRFe5sxIdRNlXNpvixgu3LBAIKcG +aeg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=UGnqfKZX4r7TguLjlxGfHSR080+ZUBq6KdTjrmfpvgY=; b=rkQaYLfglQ9ndYR4VhYMBpbYKPFT3hLR+STQ30cbL5RcRk8lGNtdhdtIfY7GE2Ydxp XXUvVpzwbhCYV747bcRWmcI0tnHuGdZu2Lr/c0/zRBN5pc2w90mzrydcCYZJ9qx2c0Rs BA3cRi1VLtevnIjdAmtlhctKfR6RlP/gmbRaJrbt29xa6GsC73xC4jYNxH/S4nOL3hf7 gSq15hvEQ497TmR0wgNWzI5Ib0ik/bpbeuuaGntcZs/FH2+VZZnu3/O01e/p5Rv+oWxA Qe7KK+uEoPQS+e6hChli/HuHaehvnrDZcRmvc20tWHhZvbx5ZnMRK+zugbKLGw1PPKTR 1otg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id r25si7604367edw.333.2020.08.15.15.25.14; Sat, 15 Aug 2020 15:25:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729268AbgHOWYB (ORCPT + 99 others); Sat, 15 Aug 2020 18:24:01 -0400 Received: from mx2.suse.de ([195.135.220.15]:37958 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726541AbgHOWXu (ORCPT ); Sat, 15 Aug 2020 18:23:50 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id C53CFB65B; Sat, 15 Aug 2020 07:52:17 +0000 (UTC) From: Coly Li To: keyrings@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Coly Li , Dan Williams , James Bottomley , Jarkko Sakkinen , Mimi Zohar , Stefan Berger Subject: [PATCH RESEND] docs: update trusted-encrypted.rst Date: Sat, 15 Aug 2020 15:51:43 +0800 Message-Id: <20200815075143.47082-1-colyli@suse.de> X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The parameters in tmp2 commands are outdated, people are not able to create trusted key by the example commands. This patch updates the paramerters of tpm2 commands, they are verified by tpm2-tools-4.1 with Linux v5.8 kernel. Signed-off-by: Coly Li Cc: Dan Williams Cc: James Bottomley Cc: Jarkko Sakkinen Cc: Mimi Zohar Cc: Stefan Berger --- Documentation/security/keys/trusted-encrypted.rst | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst index 9483a7425ad5..442a2775156e 100644 --- a/Documentation/security/keys/trusted-encrypted.rst +++ b/Documentation/security/keys/trusted-encrypted.rst @@ -39,10 +39,9 @@ With the IBM TSS 2 stack:: Or with the Intel TSS 2 stack:: - #> tpm2_createprimary --hierarchy o -G rsa2048 -o key.ctxt + #> tpm2_createprimary --hierarchy o -G rsa2048 key.ctxt [...] - handle: 0x800000FF - #> tpm2_evictcontrol -c key.ctxt -p 0x81000001 + #> tpm2_evictcontrol -c key.ctxt 0x81000001 persistentHandle: 0x81000001 Usage:: @@ -115,7 +114,7 @@ append 'keyhandle=0x81000001' to statements between quotes, such as :: - $ keyctl add trusted kmk "new 32" @u + $ keyctl add trusted kmk "new 32 keyhandle=0x81000001" @u 440502848 $ keyctl show @@ -138,7 +137,7 @@ append 'keyhandle=0x81000001' to statements between quotes, such as Load a trusted key from the saved blob:: - $ keyctl add trusted kmk "load `cat kmk.blob`" @u + $ keyctl add trusted kmk "load `cat kmk.blob` keyhandle=0x81000001" @u 268728824 $ keyctl print 268728824 -- 2.26.2