1tcsd.conf(5)                  File Formats Manual                 tcsd.conf(5)
2
3
4
5                              TCG Software Stack
6

NAME

8       tcsd.conf - configuration file for the trousers TCS daemon.
9

DESCRIPTION

11       This  file, by default /etc/tcsd.conf is read by the trousers TCSD dae‐
12       mon, tcsd (see tcsd(8)).  The  tcsd.conf  file  that  is  installed  by
13       trousers contains all the default options, commented out.
14

OPTIONS

16       port  The  port  that  TCSD  will  listen on for connections, local and
17       remote, from applications.
18
19       num_threads The maximum number of threads  that  the  TCSD  will  spawn
20       simultaneously  to service applications. After num_threads threads have
21       been spawned, any application that attempts to connect to the TCSD will
22       receive an error.
23
24       system_ps_file  The location of the system persistent storage file. The
25       system persistent storage file holds keys and data across  restarts  of
26       the TCSD and system reboots.
27
28       firmware_log_file  Path to the file containing the current firmware PCR
29       event log data. The interface to this log is usually  provided  by  the
30       TPM device driver.
31
32       kernel_log_file  Path  to  the  file  containing the current kernel PCR
33       event log data. By default, this data will be parsed in the format pro‐
34       vided by the Integrity Measurement Architecture LSM.
35
36       firmware_pcrs  A  list  of PCR indices that are manipulated only by the
37       system firmware and therefore are not extended or logged by  the  TCSD.
38       Applications  that call Tcsi_PcrExtend on PCRs listed here will receive
39       an error.
40
41       kernel_pcrs A list of PCR indices that are manipulated only by the ker‐
42       nel  and therefore are not extended or logged by the TCSD. Applications
43       that call Tcsi_PcrExtend on PCRs listed here will receive an error.
44
45       platform_cred Path to the platform credential for your TPM.   Your  TPM
46       manufacturer  may have provided you with a set of credentials (certifi‐
47       cates) that should be used when creating  identities  using  your  TPM.
48       When  a  user  of  your  TPM makes an identity, this credential will be
49       encrypted as part of that process. See the 1.1b TPM Main  specification
50       section 9.3 for information on this process.
51
52       conformance_cred Path to the conformance credential for your TPM.  Your
53       TPM manufacturer may have provided you with a set of credentials  (cer‐
54       tificates) that should be used when creating identities using your TPM.
55       When a user of your TPM makes an  identity,  this  credential  will  be
56       encrypted  as part of that process. See the 1.1b TPM Main specification
57       section 9.3 for information on this process.
58
59       endorsement_cred Path to the endorsement credential for your TPM.  Your
60       TPM  manufacturer may have provided you with a set of credentials (cer‐
61       tificates) that should be used when creating identities using your TPM.
62       When  a  user  of  your  TPM makes an identity, this credential will be
63       encrypted as part of that process. See the 1.1b TPM Main  specification
64       section 9.3 for information on this process.
65
66       remote_ops  A list of TCS commands which will be allowed to be executed
67       on this machine's TCSD by TSP's on non-local hosts (over the internet).
68       By default, access to all operations is denied.
69
70       host_platform_class  Determines  the  TCG  specification  of the host's
71       platform class. This refers to one of the specifications  contained  in
72       the TCG web site. The default is PC specification version 1.2 .
73
74       all_platform_classes Specifies all the TCG defined platforms associated
75       with the host platform. The host_platform_class  must  not  be  defined
76       here. By default, all platforms but the host platform are associated.
77
78

EXAMPLE

80              port = 30003
81              num_threads = 10
82              system_ps_file = /usr/local/var/tpm/system.data
83              firmware_log_file = /proc/tpm/firmware_events
84              kernel_log_file = /proc/tcg/measurement_events
85              firmware_pcrs = 0,1,2,3,4,5,6,7
86              kernel_pcrs = 10,11
87              platform_cred = /usr/local/var/lib/tpm/platform.cert
88              conformance_cred = /usr/local/var/lib/tpm/conformance.cert
89              endorsement_cred = /usr/local/var/lib/tpm/endorsement.cert
90              remote_ops = create_key,random
91              host_platform_class = server_12
92              all_platform_classes = pc_11,pc_12,mobile_12
93

SEE ALSO

95       tcsd(8)
96

AUTHOR

98       Kent Yoder
99

REPORTING BUGS

101       Report bugs to <trousers-tech@lists.sf.net>
102
103
104
105TSS 1.1                           2006-07-14                      tcsd.conf(5)