1swtpm_ioctl(8)                                                  swtpm_ioctl(8)
2
3
4

NAME

6       swtpm_ioctl - Utility for sending control commands to swtpm
7

SYNOPSIS

9       swtpm_ioctl [COMMAND] <device>
10

DESCRIPTION

12       swtpm_ioctl implements a client tool for controlling the swtpm_cuse TPM
13       software emulator, such as for example its initialization and shutdown.
14       Once the swtpm_cuse has been initialized, TPM commands can be sent to
15       it.
16
17       The full path to the swtpm_cuse's character device must be provided
18       such as for example /dev/vtpm-200.
19
20       The environment variable SWTPM_IOCTL_BUFFERSIZE can be set to the size
21       for the buffer for state blob transfer to use. If it is not set, the
22       ioctl() interface is used for transferring the state. This environment
23       variable is primarily used for testing purposes.
24
25       The following commands are supported:
26
27       --tpm-device <device>
28           Use the given device.
29
30           This option can be used instead of providing the device as the last
31           parameter.
32
33       --tcp <server>:<port>
34           Connect to the given server and port; if no server is given,
35           127.0.0.1 is used; if port is not given, the default port 6545 is
36           used.
37
38       --unixio <path>
39           Connect to the given UnixIO path.
40
41       -c  Get the swtpm_cuse's capability flags indicating which commands are
42           supported.
43
44       -i  Send a hardware initialization signal to the swtpm_cuse. Volatile
45           state previously written by the TPM will be read and the file
46           automatically delete.
47
48       -s  Gracefully shut the swtpm_cuse down.
49
50       --stop
51           Stop the swtpm_cuse. This does not shut it down. The -i command can
52           again be sent to it. After a stop it is also possible to load TPM
53           stateblobs into the TPM using the --load command.
54
55       -e  Get the tpmEstablished bit.
56
57       -r locality
58           Reset the tpmEstablished bit using the given locality. Only
59           localities 3 and 4 work.  This operation will not permanently
60           change the localty that was previously set using the -l option.
61
62       -l locality
63           Set the locality for the subsequent TPM commands.
64
65       -v  Have the TPM write the volatile state to a file. Upon a TPM_Init
66           (-i) the TPM state will be read and the TPM can then resume
67           operation without further intialization.
68
69       -C  Cancel an ongoing TPM command.
70
71       -h data
72           Reset and extend PCR 17 with the hash of the given data. If data is
73           the single character '-', then all data are read from stdin.
74
75       --save <TPM state blob name> <filename>
76           Save the TPM state blob into the given file. Valid TPM state blob
77           names are permanent, volatile, and savestate.
78
79           Note that this command can be executed at any time. However, to
80           retrieve the latest volatile state, the -v command should have been
81           run immediately before running this command. The savestate blob
82           will only be returned if a TPM_SaveState command was executed in
83           the TPM.
84
85       --load <TPM state blob name> <filename>
86           Load the given TPM state blob from the given file. Valid TPM state
87           blob names are permanent, volatile, and savestate.
88
89           Note that this command can only be executed on a TPM that is shut
90           down.  To then start the TPM with the uploaded state, the -i
91           command must be issued.
92
93       -g  Get configuration flags that for example indicate which keys (file
94           encryption or migration key) are in use by the TPM.
95
96       --info <flag>
97           Get information about the TPM implementation in JSON format. The
98           flag <TPMLIB_INFO_TPMSPECIFICATION>, which has the value 1, returns
99           information about the specification the TPM implementation
100           followed.
101

SEE ALSO

103       swtpm_cuse
104
105
106
107swtpm                             2017-11-13                    swtpm_ioctl(8)
Impressum