tcsd(8)                     System Manager's Manual                    tcsd(8)

                              TCG Software Stack

NAME

       tcsd - daemon that manages Trusted Computing resources

SYNOPSIS

       tcsd [-f]

DESCRIPTION

       Trousers is an open-source TCG Software Stack (TSS), released under the
       Common Public License. Trousers aims to be compliant with the current
       (1.1b) and upcoming (1.2) TSS specifications available from the Trusted
       Computing Group website: http://www.trustedcomputinggroup.org.

       tcsd is a user space daemon that should be (according to the TSS spec)
       the only portal to the TPM device driver. tcsd should be started at
       boot time and should open the TPM device driver; from that point on,
       all requests to the TPM should go through the TSS stack. The tcsd
       manages TPM resources and handles requests from both local and remote
       TSPs.

       -f     run the daemon in the foreground

ACCESS CONTROL

       There are two types of access control for the tcsd: access to the
       daemon's socket itself and access to specific commands internal to the
       tcsd. Access to the tcsd's port should be controlled by the system
       administrator using firewall rules. If using iptables, the following
       rule will allow a specific host access to the tcsd:

       # iptables -A INPUT -s $IP_ADDRESS -p tcp --destination-port 30003 -j ACCEPT

       Access to individual commands internal to the tcsd is configured by the
       tcsd configuration file's "remote_ops" directive. Each function call in
       the TCS API is reachable by a unique ordinal. Each labeled "remote op"
       actually defines a set of ordinals (usually more than one) necessary to
       accomplish the operation. So, for example, the "random" operation
       enables the ordinals for opening and closing a context, calling
       TCS_StirRandom and TCS_GetRandom, as well as TCS_FreeMemory. By
       default, connections from localhost will allow any ordinals.

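       The iptables rule above only restricts access when traffic from other
       sources to the tcsd port is dropped as well. The following script is an
       added example, not part of the TrouSerS distribution: it reads the port
       and remote_ops directives and prints ACCEPT rules for the listed hosts
       followed by a DROP rule that spares the loopback interface. The
       function names, the sample addresses and the "name = value" syntax
       assumed for tcsd.conf are assumptions of this example.

```shell
#!/bin/sh
# Added example: build a default-deny iptables rule set for the tcsd port.
# Assumption: tcsd.conf holds "name = value" lines and "#" starts a comment.

# Print the value of directive $2 in file $1 (last uncommented line wins).
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Print the rules for config file $1; $2.. are the allowed source addresses.
tcsd_rules() {
    conf=$1; shift
    port=$(conf_get "$conf" port)
    port=${port:-30003}                  # default port named in the man page
    case $port in
        *[!0-9]*) echo "bad port value: $port" >&2; return 1 ;;
    esac
    ops=$(conf_get "$conf" remote_ops)
    if [ -n "$ops" ]; then
        # Remote operations are enabled: admit only the listed hosts.
        for ip in "$@"; do
            echo "iptables -A INPUT -s $ip -p tcp --destination-port $port -j ACCEPT"
        done
    fi
    # Drop every other connection to the port; loopback stays reachable so
    # local TSPs can still talk to the daemon.
    echo "iptables -A INPUT ! -i lo -p tcp --destination-port $port -j DROP"
}

# Constructed sample configuration and documentation-range addresses.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# port = 30003
remote_ops = random
EOF
tcsd_rules "$sample" 192.0.2.10 192.0.2.11
rm -f "$sample"
```

       The script only prints the commands; review the output against the
       existing INPUT chain before applying it, since rule order decides
       which rule matches first.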

DATA FILES

       TSS applications have access to two different kinds of 'persistent'
       storage. 'User' persistent storage has the lifetime of the application
       using it and is therefore destroyed when the application exits. User
       PS is controlled by the TSP of the application. 'System' persistent
       storage is controlled by the TCS and stays valid across application
       lifetimes, tcsd restarts and system resets. Data registered in system
       PS stays valid until an application requests that it be removed. User
       PS files are by default stored as /var/tpm/user.{pid} and the system PS
       file by default is /var/tpm/system.data. The system PS file is
       initially created when ownership of the TPM is first taken.

CONFIGURATION

       tcsd configuration is stored by default in /etc/tcsd.conf

DEBUG OUTPUT

       If TrouSerS has been compiled with debugging enabled, the debugging
       output can be suppressed by setting the TSS_DEBUG_OFF environment
       variable.

DEVICE DRIVERS

       tcsd is compatible with the IBM Research TPM device driver available
       from http://www.research.ibm.com/gsal/tcpa and the TPM device driver
       available from http://sf.net/projects/tmpdd

CONFORMING TO

       tcsd conforms to the Trusted Computing Group Software Specification
       version 1.1 Golden

SEE ALSO

       tcsd.conf(5)

AUTHOR

       Kent Yoder

REPORTING BUGS

       Report bugs to <trousers-tech@lists.sf.net>

TSS 1.1                           2005-03-15                           tcsd(8)