From: Jarkko Sakkinen
Subject: [PATCH v2 0/3] TPM 2.0 trusted key features for v4.5
Date: Sun, 13 Dec 2015 17:42:28 +0200
Message-ID: <1450021353-8775-1-git-send-email-jarkko.sakkinen@linux.intel.com>
Cc: Jarkko Sakkinen, James Morris, Jason Gunthorpe,
    keyrings-u79uwXL29TY76Z2rM5mHXA@public.gmane.org (open list:KEYS-ENCRYPTED),
    linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org (open list:ABI/API),
    linux-crypto-u79uwXL29TY76Z2rM5mHXA@public.gmane.org (open list:CRYPTO API),
    linux-doc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org (open list:DOCUMENTATION),
    linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org (open list),
    linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org (open list:KEYS-ENCRYPTED),
    tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org (moderated list:TPM DEVICE DRIVER)
To: Peter Huewe, Marcel Selhorst, David Howells, Mimi Zohar, Jonathan Corbet
Return-path:
Sender: linux-api-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
List-Id: linux-crypto.vger.kernel.org

These are the remaining features to enable trusted keys for TPM 2.0 that
were not finished by the v4.4 merge window. These patches enable
authorization policy based sealing (like using PCRs together with a
password for example or something more complicated) with a user selected
hash algorithm.

Jarkko Sakkinen (3):
  keys, trusted: fix: *do not* allow duplicate key options
  keys, trusted: select hash algorithm for TPM2 chips
  keys, trusted: seal with a TPM2 authorization policy

 Documentation/security/keys-trusted-encrypted.txt | 31 +++++++-----
 crypto/hash_info.c                                |  2 +
 drivers/char/tpm/tpm.h                            | 10 ++--
 drivers/char/tpm/tpm2-cmd.c                       | 60 ++++++++++++++++++++---
 include/crypto/hash_info.h                        |  3 ++
 include/keys/trusted-type.h                       |  5 ++
 include/uapi/linux/hash_info.h                    |  1 +
 security/keys/Kconfig                             |  1 +
 security/keys/trusted.c                           | 56 ++++++++++++++++++++-
 9 files changed, 147 insertions(+), 22 deletions(-)

-- 
2.5.0