Lines Matching +full:single +full:- +full:master

6 ---------------
16 ------------------
28 update <old_keyid> <new_keyid> - enable or update passphrase.
29 disable <keyid> - disable enabled security and remove key.
30 freeze - freeze changing of security states.
31 erase <keyid> - delete existing user encryption key.
32 overwrite <keyid> - wipe the entire nvdimm.
33 master_update <keyid> <new_keyid> - enable or update master passphrase.
34 master_erase <keyid> - delete existing user encryption key.
37 -----------------
41 8089-a2-1740-00000133
45 The security keys are managed on the basis of a single key per DIMM. The
51 A nvdimm encrypted-key of format enc32 has the description format of:
52 nvdimm:<bus-provider-specific-unique-id>
54 See file ``Documentation/security/keys/trusted-encrypted.rst`` for creating
55 encrypted-keys of enc32 format. TPM usage with a master trusted key is
56 preferred for sealing the encrypted-keys.
59 ------------
64 relevant encrypted-keys into the kernel user keyring during the initramfs phase.
70 ---------
84 ---------
89 ----------
97 ---------------
105 ------------
115 An encrypted-key with the current user passphrase that is tied to the nvdimm
118 10. Master Update
119 -----------------
120 The command format for doing a master update is:
123 The operating mechanism for master update is identical to update except the
124 master passphrase key is passed to the kernel. The master passphrase key
125 is just another encrypted-key.
129 11. Master Erase
130 ----------------
131 The command format for doing a master erase is:
134 This command has the same operating mechanism as erase except the master
135 passphrase key is passed to the kernel. The master passphrase key is just
136 another encrypted-key.
138 This command is only available when the master security is enabled, indicated
141 [1]: https://pmem.io/documents/NVDIMM_DSM_Interface-V1.8.pdf
143 [2]: http://www.t13.org/documents/UploadedDocuments/docs2006/e05179r4-ACS-SecurityClarifications.pdf