Add overwrite command usages to security documentation. Signed-off-by: Dave Jiang <dave.ji...@intel.com> --- Documentation/nvdimm/security.txt | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/Documentation/nvdimm/security.txt b/Documentation/nvdimm/security.txt index 11240ce48755..dfe70a8fa25b 100644 --- a/Documentation/nvdimm/security.txt +++ b/Documentation/nvdimm/security.txt @@ -96,9 +96,19 @@ its keyid should be passed in via sysfs. The command format for doing a secure erase is: erase <current keyid> -An "old" key with the passphrase payload that is tied to the nvdimm should be -injected with a key description that does not have the "nvdimm:" prefix and -its keyid should be passed in via sysfs. +9. Overwrite +------------ +The command format for doing an overwrite is: +overwrite <current keyid> + +Overwrite can be done without a key if security is not enabled. A key serial +of 0 can be passed in to indicate no key. + +The sysfs attribute "security" can be polled to wait on overwrite completion. +Overwrite can last tens of minutes or more depending on nvdimm size. + +An encrypted key with the current key passphrase that is tied to the nvdimm +should be injected and its keyid should be passed in via sysfs. [1]: http://pmem.io/documents/NVDIMM_DSM_Interface-V1.7.pdf [2]: http://www.t13.org/documents/UploadedDocuments/docs2006/e05179r4-ACS-SecurityClarifications.pdf _______________________________________________ Linux-nvdimm mailing list Linux-nvdimm@lists.01.org https://lists.01.org/mailman/listinfo/linux-nvdimm
