1tcsd(8)                     System Manager's Manual                    tcsd(8)
2
3
4
5                              TCG Software Stack
6

NAME

8       tcsd - daemon that manages Trusted Computing resources
9

SYNOPSIS

11       tcsd [-f] [-e] [-c <configfile> ] [-h]
12
13

DESCRIPTION

15       Trousers is an open-source TCG Software Stack (TSS), released under the
16       BSD License. Trousers aims to be compliant with the current (1.1b) and
17       upcoming (1.2) TSS specifications available from the Trusted Computing
18       Group website: http://www.trustedcomputinggroup.org.
19
20       tcsd is a user space daemon that should be (according to the TSS spec)
21       the only portal to the TPM device driver. At boot time, tcsd should be
22       started, it should open the TPM device driver and from that point on,
23       all requests to the TPM should go through the TSS stack. The tcsd
24       manages TPM resources and handles requests from TSP's both local and
25       remote.
26
27
28       -f, --foreground
29              run the daemon in the foreground
30
31
32       -e     attempt to connect to software TPMs over TCP
33
34
35       -c, --config <configfile>
36              use the provided configuration file rather than the default
37              configuration file
38
39
40       -h, --help
41              display help message
42
43

ACCESS CONTROL

45       There are two types of access control for the tcsd, access to the
46       daemon's socket itself and access to specific commands internal to the
47       tcsd. Access to the tcsd's port should be controlled by the system
48       administrator using firewall rules.  If using iptables, the following
49       rule will allow a specific host access to the tcsd:
50
51       # iptables -A INPUT -s $IP_ADDRESS -p tcp --destination-port 30003 -j
52       ACCEPT
53
54       Access to individual commands internal to the tcsd is configured by the
55       tcsd configuration file's "remote_ops" directive. Each function call in
56       the TCS API is reachable by a unique ordinal.  Each labeled "remote op"
57       actually defines a set of ordinals (usually more than one) necessary to
58       accomplish the operation. So, for example, the "random" operation
59       enables the ordinals for opening and closing a context, calling
60       TCS_StirRandom and TCS_GetRandom, as well as TCS_FreeMemory. By
61       default, connections from localhost will allow any ordinals.
62
63

DATA FILES

65       TSS applications have access to 2 different kinds of 'persistant'
66       storage. 'User' persistant storage has the lifetime of that of the
67       application using it and therefore is destroyed when an application
68       exits.  User PS is controlled by the TSP of the application.  'System'
69       persistent storage is controlled by the TCS and stays valid across
70       application lifetimes, tcsd restarts and system resets. Data registered
71       in system PS stays valid until an application requests that it be
72       removed. User PS files are by default stored as /var/lib/tpm/user.{pid}
73       and the system PS file by default is /var/lib/tpm/system.data.  The
74       system PS file is initially created when ownership of the TPM is first
75       taken.
76
77

CONFIGURATION

79       tcsd configuration is stored by default in /etc/tcsd.conf
80
81

DEBUG OUTPUT

83       If TrouSerS has been compiled with debugging enabled, the debugging
84       output can be supressed by setting the TSS_DEBUG_OFF environment
85       variable.
86
87

DEVICE DRIVERS

89       tcsd is compatible with the IBM Research TPM device driver available
90       from http://ibmswtpm.sourceforge.net/ and the TPM device driver
91       available from http://sf.net/projects/tpmdd, which is also available in
92       the upstream Linux kernel and many Linux distros.
93
94

CONFORMING TO

96       tcsd conforms to the Trusted Computing Group Software Specification
97       version 1.1 Golden
98
99

SEE ALSO

101       tcsd.conf(5)
102
103

AUTHOR

105       Kent Yoder
106
107

REPORTING BUGS

109       Report bugs to <trousers-tech@lists.sf.net>
110
111
112
113TSS 1.1                           2005-03-15                           tcsd(8)
Impressum