These are the remaining features to enable trusted keys for TPM 2.0 that very not finished by the v4.4 merge window. These patches enable authorization policy based sealing (like using PCRs together with a password for example or something more complicated) with a user selected hash algorithm. Jarkko Sakkinen (2): keys, trusted: select hash algorithm for TPM2 chips keys, trusted: seal with a policy Documentation/security/keys-trusted-encrypted.txt | 31 ++++++---- crypto/hash_info.c | 2 + drivers/char/tpm/tpm.h | 10 +++- drivers/char/tpm/tpm2-cmd.c | 60 ++++++++++++++++--- include/crypto/hash_info.h | 3 + include/keys/trusted-type.h | 4 ++ include/uapi/linux/hash_info.h | 1 + security/keys/Kconfig | 1 + security/keys/trusted.c | 73 ++++++++++++++++++++++- 9 files changed, 161 insertions(+), 24 deletions(-) -- 2.5.0 -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html