1TPM2-ABRMD(8)                 TPM2 Software Stack                TPM2-ABRMD(8)
2
3
4

NAME

6       tpm2-abrmd - TPM2 access broker and resource management daemon
7

SYNOPSIS

9       tpm2-abrmd       [-m][-e][-i][-o][-l logger-name][-r][-s][-g /dev/uran‐
10       dom][-t conf]
11

DESCRIPTION

13       tpm2-abrmd is a daemon  that  implements  the  TPM  access  broker  and
14       resource  manager  as described by the Trusted Computing Group (TGC) in
15       the “TSS System Level API and TPM Command Transmission Interface Speci‐
16       fication”.  This daemon uses the DBus system bus and some pipes to com‐
17       municate with clients.
18

OPTIONS

20       -t, --tcti
21              Provide the daemon with a string that describes the TCTI and how
22              to  configure  it for communication with the next component down
23              the TSS2 stack. This string  is  formatted  as  "tcti-name:tcti-
24              conf" where:
25
26              'tcti-name'
27                     The   name  of  the  TCTI  library  shared  object  file.
28                     Libraries are found using the same  algorithm  as  dlopen
29                     (3).  If  the  TCTI  library file name follows the naming
30                     convention: libtss2-tcti-<name>.so.0 where <name> is  the
31                     name for the TCTI, the value of <name> may be supplied in
32                     place of the  full  library  file  name.  See  'EXAMPLES'
33                     below.
34
35              'tcti-conf'
36                     The  configuration string passed to the TCTI library upon
37                     initialization.
38
39              If this option is omitted (or a NULL  string  provided)  then  a
40              default  TCTI  is  used  in  it's  default configuration. If the
41              string does not contain a colon then it will be  interpreted  as
42              only  the  'tcti-name'. To provide only the configuration string
43              (using the default TCTI) then the first character in the  string
44              passed to this option must be a colon followed by the configura‐
45              tion string. See examples below.
46
47       -o, --allow-root
48              Allow daemon to run as root. If this option is not provided  the
49              daemon  will refused to run as the root user. Use of this option
50              is not recommended.
51
52       -m, --max-connections
53              Set an upper bound on the number of  concurrent  client  connec‐
54              tions  allowed.   Once  this  number  of  client  connections is
55              reached new connections will be rejected with an error.
56
57       -f, --flush-all
58              Flush all objects and sessions when daemon is started.
59
60       -l, --logger
61              Direct logging output to named logging target. Supported targets
62              are stdout and syslog. If the logger option is not specified the
63              default is stdout.
64
65       -e, --max-sessions
66              Set and upper bound on the number of sessions that  each  client
67              connection  is  allowed  to create (loaded or active) at any one
68              time.
69
70       -r, --max-transients
71              Set an upper bound on the number of transient objects that  each
72              client  connection  allowed to load. Once this number of objects
73              is reached attempts to load new transient objects  will  produce
74              an error.
75
76       -n, --dbus-name
77              Claim  the given name on dbus. This option overrides the default
78              of com.intel.tss2.Tabrmd.
79
80       -g, --prng-seed-file
81              Read seed for pseudo-random number generator from  the  provided
82              file.
83
84       -s, --session
85              Connect  daemon  to  the session dbus. This option overrides the
86              default behavior.
87
88       -v, --version
89              Display version string.
90

EXAMPLES

92       Execute daemon with default TCTI and options:
93          tpm2-abrmd
94
95       Execute daemon with default TCTI and provided config string:
96          tpm2-abrmd --tcti=":/dev/tpm0"
97
98       This is equivalent to:
99          tpm2-abrmd --tcti="device:/dev/tpm0"
100          tpm2-abrmd --tcti="libtss2-tcti-device.so.0:/dev/tpm0"
101
102       Have daemon use Microsoft/IBM TPM2 Simulator tcti library
103          This connects to a TPM2 simulator via a TCP mssim.
104          tpm2-abrmd --tcti="mssim"
105          tpm2-abrmd --tcti="libtss2-tcti-mssim.so.0"
106
107       Have daemon  use  tcti  library  'libtss2-tcti-mssim.so.0'  and  config
108       string
109          tpm2-abrmd --tcti=mssim:tcp://127.0.0.1:5555"
110          tpm2-abrmd --tcti="libtss2-tcti-mssim.so.0:tcp://127.0.0.1:5555"
111

AUTHOR

113       Philip Tricca <philip.b.tricca@intel.com>
114

SEE ALSO

116       tcsd(8)
117

COLOPHON

119       This  page is part of the 2.0.0 release of Intel's TPM2 Access Broker &
120       Resource Management Daemon. A description of the  project,  information
121       about  reporting bugs, and the latest version of this page can be found
122       at https://github.com/01org/tpm2-abrmd/.
123
124
125
126Intel                             March 2018                     TPM2-ABRMD(8)
Impressum