On Thu, Nov 19, 2015 at 10:59:57AM +0000, Fuchs, Andreas wrote: > > ________________________________________ > > From: Jarkko Sakkinen [jarkko.sakki...@linux.intel.com] > > Sent: Tuesday, November 17, 2015 17:27 > > > > Support for sealing with a authorization policy. > > > > Two new options for trusted keys: > > > > * 'policydigest=': provide an auth policy digest for sealing. > > * 'policyhandle=': provide a policy session handle for unsealing. > > Hi Jarkko, > > just out of curiosity; when testing this, how did you calculate the blobauth > parameter ? > Since its calculation requires the cpHash for the unseal()-command... > If you "predict" the cpHash in userSpace, this would mean that userspace > needs to know the > kernels way of constructing the unseal()-command to the TPM, which in turn > would make > this part of the ABI and require documentation before upstreaming, imho.
Is this a comment about the patch? Have you actually read the source code or where is this coming from? Please read the source code. > Cheers, > Andreas-- /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
