Re: [PATCH v1 4/4] keys, trusted: update documentation for 'hash=' option

[Jarkko Sakkinen]

On Thu, Oct 29, 2015 at 03:26:02PM -0400, Mimi Zohar wrote:
> On Thu, 2015-10-29 at 17:59 +0200, Jarkko Sakkinen wrote:
> > Documented 'hash=' option.
> 
> No reason for a separate patch.  Please squash this patch with the one
> that introduced the new option.

Right. I'm going to do this and also swapping the order of patches (from
"1.  tpm 2. trusted" to "1. trusted 2. tpm") so that they can be tested
separately (and thereby also moving change to trusted_key_option to
"trusted" patch).

> Mimi

/Jarkko
--
To unsubscribe from this list: send the line "unsubscribe 
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH v1 4/4] keys, trusted: update documentation for 'hash=' option

[Jarkko Sakkinen]

Documented 'hash=' option.

Signed-off-by: Jarkko Sakkinen 
---
 Documentation/security/keys-trusted-encrypted.txt | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Documentation/security/keys-trusted-encrypted.txt 
b/Documentation/security/keys-trusted-encrypted.txt
index e105ae9..fd2565b 100644
--- a/Documentation/security/keys-trusted-encrypted.txt
+++ b/Documentation/security/keys-trusted-encrypted.txt
@@ -38,6 +38,9 @@ Usage:
pcrlock=  pcr number to be extended to "lock" blob
migratable= 0|1 indicating permission to reseal to new PCR values,
default 1 (resealing allowed)
+   hash=  hash algorithm name as a string. For TPM 1.x the only
+  allowed value is sha1. For TPM 2.x the allowed values
+ are sha1, sha256, sha384, sha512 and sm3-256.
 
 "keyctl print" returns an ascii hex copy of the sealed key, which is in 
standard
 TPM_STORED_DATA format.  The key length for new keys are always in bytes.
-- 
2.5.0

--
To unsubscribe from this list: send the line "unsubscribe 
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html