From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757542AbbJ2T1R (ORCPT ); Thu, 29 Oct 2015 15:27:17 -0400 Received: from e23smtp06.au.ibm.com ([202.81.31.148]:54391 "EHLO e23smtp06.au.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756870AbbJ2T1O (ORCPT ); Thu, 29 Oct 2015 15:27:14 -0400 X-Helo: d23dlp02.au.ibm.com X-MailFrom: zohar@linux.vnet.ibm.com X-RcptTo: linux-security-module@vger.kernel.org Message-ID: <1446146762.13911.3.camel@linux.vnet.ibm.com> Subject: Re: [PATCH v1 4/4] keys, trusted: update documentation for 'hash=' option From: Mimi Zohar To: Jarkko Sakkinen Cc: Peter Huewe , Marcel Selhorst , David Howells , tpmdd-devel@lists.sourceforge.net, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, chris.j.arges@canonical.com, seth.forshee@canonical.com, colin.king@canonical.com, josh@joshtriplett.org, David Safford , Jonathan Corbet , "open list:DOCUMENTATION" Date: Thu, 29 Oct 2015 15:26:02 -0400 In-Reply-To: <1446134370-11460-5-git-send-email-jarkko.sakkinen@linux.intel.com> References: <1446134370-11460-1-git-send-email-jarkko.sakkinen@linux.intel.com> <1446134370-11460-5-git-send-email-jarkko.sakkinen@linux.intel.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.12.11 (3.12.11-1.fc21) Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-TM-AS-MML: disable X-Content-Scanned: Fidelis XPS MAILER x-cbid: 15102919-0021-0000-0000-0000021348A5 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2015-10-29 at 17:59 +0200, Jarkko Sakkinen wrote: > Documented 'hash=' option. No reason for a separate patch. Please squash this patch with the one that introduced the new option. Mimi > Signed-off-by: Jarkko Sakkinen > --- > Documentation/security/keys-trusted-encrypted.txt | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/Documentation/security/keys-trusted-encrypted.txt b/Documentation/security/keys-trusted-encrypted.txt > index e105ae9..fd2565b 100644 > --- a/Documentation/security/keys-trusted-encrypted.txt > +++ b/Documentation/security/keys-trusted-encrypted.txt > @@ -38,6 +38,9 @@ Usage: > pcrlock= pcr number to be extended to "lock" blob > migratable= 0|1 indicating permission to reseal to new PCR values, > default 1 (resealing allowed) > + hash= hash algorithm name as a string. For TPM 1.x the only > + allowed value is sha1. For TPM 2.x the allowed values > + are sha1, sha256, sha384, sha512 and sm3-256. > > "keyctl print" returns an ascii hex copy of the sealed key, which is in standard > TPM_STORED_DATA format. The key length for new keys are always in bytes.