On Fri, 21 Aug 2020 21:53:56 +0800 Coly Li <colyli@xxxxxxx> wrote: > The parameters in command examples for tpm2_createprimary and > tpm2_evictcontrol are outdated, people (like me) are not able to create > trusted key by these command examples. > > This patch updates the parameters of command example tpm2_createprimary > and tpm2_evictcontrol in trusted-encrypted.rst. With Linux kernel v5.8 > and tpm2-tools-4.1, people can create a trusted key by following the > examples in this document. > > Signed-off-by: Coly Li <colyli@xxxxxxx> > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > Reviewed-by: Stefan Berger <stefanb@xxxxxxxxxxxxx> > Cc: Dan Williams <dan.j.williams@xxxxxxxxx> > Cc: James Bottomley <jejb@xxxxxxxxxxxxx> > Cc: Jason Gunthorpe <jgg@xxxxxxxx> > Cc: Jonathan Corbet <corbet@xxxxxxx> > Cc: Mimi Zohar <zohar@xxxxxxxxxxxxx> > Cc: Peter Huewe <peterhuewe@xxxxxx> > --- > Changelog: > v4: update Reviewed-by list, and Cc linux-doc and linux-integrity > maintainers. > v3: update commit log with review comments from Jarkko Sakkinen. > v2: remove the change of trusted key related operation. > v1: initial version. > > Documentation/security/keys/trusted-encrypted.rst | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/Documentation/security/keys/trusted-encrypted.rst b/Documentation/security/keys/trusted-encrypted.rst > index 9483a7425ad5..1da879a68640 100644 > --- a/Documentation/security/keys/trusted-encrypted.rst > +++ b/Documentation/security/keys/trusted-encrypted.rst > @@ -39,10 +39,9 @@ With the IBM TSS 2 stack:: > > Or with the Intel TSS 2 stack:: > > - #> tpm2_createprimary --hierarchy o -G rsa2048 -o key.ctxt > + #> tpm2_createprimary --hierarchy o -G rsa2048 -c key.ctxt > [...] > - handle: 0x800000FF > - #> tpm2_evictcontrol -c key.ctxt -p 0x81000001 > + #> tpm2_evictcontrol -c key.ctxt 0x81000001 > persistentHandle: 0x81000001 This has been languishing, sorry; I've just applied it. Thanks, jon
