tpm2_getcap(1)              General Commands Manual             tpm2_getcap(1)

NAME

       tpm2_getcap(1) - Display TPM capabilities in a human readable form.

SYNOPSIS

       tpm2_getcap [OPTIONS] [CAPABILITY]

DESCRIPTION

       tpm2_getcap(1) - Query the TPM for its capabilities / properties and
       print them to the console.  It takes a string form of the capability to
       query as an argument to the tool.  Currently supported capability
       groups are:

       · algorithms: Display data about supported algorithms.

       · commands: Display data about supported commands.

       · pcrs: Display currently allocated PCRs.

       · properties-fixed: Display fixed TPM properties.

       · properties-variable: Display variable TPM properties.

       · ecc-curves: Display data about elliptic curves.

       · handles-transient: Display handles about transient objects.

       · handles-persistent: Display handles about persistent objects.

       · handles-permanent: Display handles about permanent objects.

       · handles-pcr: Display handles about PCRs.

       · handles-nv-index: Display handles about NV Indices.

       · handles-loaded-session: Display handles about both loaded HMAC and
         policy sessions.

       · handles-saved-session: Display handles about saved sessions.

OPTIONS

       · -l, --list:

         List known supported capability names.  These names can be supplied
         as the argument to the -c option.  Output is in a YAML compliant list
         to stdout.

         For example:

                  - algorithms
                  - commands
                  - properties-fixed
                  ...

COMMON OPTIONS

       This collection of options is common to many programs and provides
       information that many users may expect.

       · -h, --help=[man|no-man]: Display the tool's manpage.  By default, it
         attempts to invoke the manpager for the tool; on failure it will
         output a short tool summary.  This is the same behavior as when the
         "man" option argument is specified; however, if "man" is explicitly
         requested, the tool will provide errors from man on stderr.  If the
         "no-man" option is specified, or the manpager fails, the short
         options will be output to stdout.

         To successfully use the manpages feature requires the manpages to be
         installed or on MANPATH.  See man(1) for more details.

       · -v, --version: Display version information for this tool, supported
         tctis and exit.

       · -V, --verbose: Increase the information that the tool prints to the
         console during its execution.  When using this option the file and
         line number are printed.

       · -Q, --quiet: Silence normal tool output to stdout.

       · -Z, --enable-errata: Enable the application of errata fixups.  Useful
         if an errata fixup needs to be applied to commands sent to the TPM.
         Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent.

TCTI Configuration

       The TCTI or "Transmission Interface" is the communication mechanism
       with the TPM.  TCTIs can be changed for communication with TPMs across
       different mediums.

       To control the TCTI, the tools respect:

       1. The command line option -T or --tcti

       2. The environment variable: TPM2TOOLS_TCTI.

       Note: The command line option always overrides the environment
       variable.

       The current known TCTIs are:

       · tabrmd - The resource manager, called tabrmd
         (https://github.com/tpm2-software/tpm2-abrmd).  Note that tabrmd and
         abrmd as a tcti name are synonymous.

       · mssim - Typically used for communicating to the TPM software
         simulator.

       · device - Used when talking directly to a TPM device file.

       · none - Do not initialize a connection with the TPM.  Some tools allow
         for off-tpm options and thus support not using a TCTI.  Tools that do
         not support it will error when used without a TCTI connection.  Does
         not support ANY options and MUST BE presented as the exact text of
         "none".

       The arguments to either the command line option or the environment
       variable are in the form:

       <tcti-name>:<tcti-option-config>

       Specifying an empty string for either the <tcti-name> or
       <tcti-option-config> results in the default being used for that portion
       respectively.

   TCTI Defaults
       When a TCTI is not specified, the default TCTI is searched for using
       dlopen(3) semantics.  The tools will search for tabrmd, device and
       mssim TCTIs IN THAT ORDER and USE THE FIRST ONE FOUND.  You can query
       what TCTI will be chosen as the default by using the -v option to print
       the version information.  The "default-tcti" key-value pair will
       indicate which of the aforementioned TCTIs is the default.

   Custom TCTIs
       Any TCTI that implements the dynamic TCTI interface can be loaded.  The
       tools internally use dlopen(3), and the raw tcti-name value is used for
       the lookup.  Thus, this could be a path to the shared library, or a
       library name as understood by dlopen(3) semantics.

TCTI OPTIONS

       This collection of options is used to configure the various known TCTI
       modules available:

       · device: For the device TCTI, the TPM character device file for use by
         the device TCTI can be specified.  The default is /dev/tpm0.

         Example: -T device:/dev/tpm0 or export
         TPM2TOOLS_TCTI="device:/dev/tpm0"

       · mssim: For the mssim TCTI, the domain name or IP address and port
         number used by the simulator can be specified.  The defaults are
         127.0.0.1 and 2321.

         Example: -T mssim:host=localhost,port=2321 or export
         TPM2TOOLS_TCTI="mssim:host=localhost,port=2321"

       · abrmd: For the abrmd TCTI, the configuration string format is a
         series of simple key value pairs separated by a ',' character.  Each
         key and value string are separated by a '=' character.

         · TCTI abrmd supports two keys:

           1. 'bus_name' : The name of the tabrmd service on the bus (a
              string).

           2. 'bus_type' : The type of the dbus instance (a string) limited to
              'session' and 'system'.

         Specify the tabrmd tcti name and a config string of
         bus_name=com.example.FooBar:

         --tcti=tabrmd:bus_name=com.example.FooBar

         Specify the default (abrmd) tcti and a config string of
         bus_type=session:

         --tcti=:bus_type=session

         NOTE: abrmd and tabrmd are synonymous.
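
       A check of a TCTI string against the rules above (the
       <tcti-name>:<tcti-option-config> form, the exact text "none", the two
       abrmd keys, and custom names that are resolved through dlopen(3)),
       added here as an example; it is not part of tpm2-tools. The function
       names and the policy of refusing anything but the TCTIs listed on this
       page are assumptions of the example.

```shell
#!/bin/sh
# Added example, not tpm2-tools code. Known names are the ones this page lists.

# check_abrmd_conf CONF: accept only bus_name=<str> and bus_type=session|system.
check_abrmd_conf() {
    [ -z "$1" ] && return 0
    old_ifs=$IFS; IFS=,
    set -f; set -- $1; set +f        # split on ',' without glob expansion
    IFS=$old_ifs
    for kv in "$@"; do
        case $kv in
            bus_name=?*|bus_type=session|bus_type=system) ;;
            *) echo "invalid:abrmd option '$kv'"; return 1 ;;
        esac
    done
}

# classify_tcti SPEC: SPEC is <tcti-name>:<tcti-option-config>.
# Prints none | default | known:<name> | custom:<name> | invalid:<reason>;
# returns 0 only when the spec stays within the TCTIs named on this page.
classify_tcti() {
    spec=$1
    [ "$spec" = "none" ] && { echo "none"; return 0; }
    name=${spec%%:*}                 # text before the first ':'
    case $spec in
        *:*) conf=${spec#*:} ;;      # text after the first ':'
        *)   conf="" ;;
    esac
    case $name in
        "")           echo "default" ;;          # empty name: default search order
        none)         echo "invalid:none takes no options"; return 1 ;;
        tabrmd|abrmd) check_abrmd_conf "$conf" || return 1; echo "known:$name" ;;
        mssim|device) echo "known:$name" ;;
        *)            echo "custom:$name"; return 1 ;;  # would go through dlopen(3)
    esac
}

# getcap_pinned SPEC CAPABILITY: run tpm2_getcap only over a known TCTI, passed
# with -T so that an inherited TPM2TOOLS_TCTI value cannot override it.
getcap_pinned() {
    case $(classify_tcti "$1") in
        known:*) tpm2_getcap -T "$1" "$2" ;;
        *) echo "refusing TCTI spec '$1'" >&2; return 4 ;;  # 4 = TCTI related error
    esac
}
```

       In a privileged script, getcap_pinned device:/dev/tpm0 properties-fixed
       queries the TPM over the named device, while a path-like name such as a
       shared library location is refused before any tool runs.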

EXAMPLES

   To list the fixed properties of the TPM
              tpm2_getcap properties-fixed

   To list the supported capability groups
              tpm2_getcap -l

Returns

       Tools can return any of the following codes:

       · 0 - Success.

       · 1 - General non-specific error.

       · 2 - Options handling error.

       · 3 - Authentication error.

       · 4 - TCTI related error.

       · 5 - Non supported scheme.  Applicable to tpm2_testparams.

BUGS

       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)

HELP

       See the Mailing List (https://lists.01.org/mailman/listinfo/tpm2)

tpm2-tools                                                      tpm2_getcap(1)