Mimi Zohar <zo...@linux.vnet.ibm.com> wrote: > > As I understand the code, I think operations being performed from ->update() > > are: > > > > (a) Resealing a key with a new pcrs (trusted). > > > > (b) Changing the master key (encrypted). > > > > Mimi, Dmitry: is this list right? > > In addition to resealing trusted keys to a new TPM PCR value, there are > a few other options that can be modified (eg. keyauth, blobauth, > pcrlock). Encrypted keys can be encrypted/decrypted with a new master > key (trusted or user key type).
Can (re)sealing a key be viewed as encrypting it? Is the difference between sealing a key and encrypting a key the use of hardware support? David -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
