1tpm_nvdefine(8)                                                tpm_nvdefine(8)
2
3
4

NAME

6       tpm_nvdefine
7

SYNOPSIS

9       tpm_nvdefine [OPTIONS]
10

DESCRIPTION

12       tpm_nvdefine defines a new NVRAM area at the given index and of given
13       size. The user has to provide the permissions that control access to
14       the NVRAM area.
15
16       Owner authentication is necessary once the NVRAM area 0xFFFFFFFF has
17       been defined. The owner password may be provided on the command line
18       using the owner password option.
19
20       The following options are supported:
21
22       -h, --help
23           Display command usage info.
24
25       -v, --version
26           Display command version info.
27
28       -l, --log [none|error|info|debug]
29           Set logging level.
30
31       -u, --unicode
32           Use TSS UNICODE encoding for passwords to comply with applications
33           using TSS popup boxes
34
35       -y, --owner-well-known
36           Use a secret of all zeros (20 bytes of zeros) as the owner's
37           secret.
38
39       -z, --area-well-known
40           Use a secret of all zeros (20 bytes of zeros) as the NVRAM area's
41           secret.
42
43       -o, --pwdo (optional parameter)
44           The owner password.
45
46           A password may be directly provided for example by using
47           '--pwdo=password' or '-opassword'. If no password is provided with
48           this option then the program will prompt the user for the password.
49
50       -a, --pwda (optional parameter)
51           The NVRAM area password.
52
53           A password may be directly provided for example by using
54           '--pwda=password' or '-apassword'. If no password is provided with
55           this option then the program will prompt the user for the password.
56
57       -i, --index
58           The index of the NVRAM area.  The parameter must either be a
59           decimal number or a hexadecimal number starting with '0x'.
60
61           To select the NVRAM area with index 0x100, the command line
62           parameter should be '-i 0x100' or '--index 0x100'.
63
64       -s, --size
65           The size of the NVRAM area.  The parameter must either be a decimal
66           number or a hexadecimal number starting with '0x'.
67
68       -p, --permissions
69           The access permissions associated with the NVRAM area.  The
70           parameter must either be a decimal number or a hexadecimal number
71           staring with '0x'. It is possible to logically 'or' numbers or
72           strings. The following strings are supported:
73
74           AUTHREAD
75               Reading requires NVRAM area authorization.
76
77           AUTHWRITE
78               Writing requires NVRAM area authorization.
79
80           PPREAD
81               Reading requires physical presence.
82
83           PPWRITE
84               Writing requires physical presence.
85
86           OWNERREAD
87               Reading requires owner authorization.
88
89           OWNERWRITE
90               Writing requires owner authorization.
91
92           GLOBALLOCK
93               A write to index 0 locks the NVRAM area until the next
94               TPM_Startup(ST_CLEAR)
95
96           READ_STCLEAR
97               A read with size 0 on the same index prevents further reading
98               until the next TPM_Startup(ST_CLEAR)
99
100           WRITE_STCLEAR
101               A write with size 0 to the same index prevents further writing
102               until the next TPM_Startup(ST_CLEAR)
103
104           WRITEDEFINE
105               A write with size 0 to the same index locks the NVRAM area
106               permanently
107
108           WRITEALL
109               The value must be written in a single operation
110
111           An example of a permission parameter is:
112
113           --permissions="OWNERREAD|OWNERWRITE"
114
115
116

SEE ALSO

118       tpm_nvread(8), tpm_nvwrite(8), tpm_nvrelease(8), tpm_nvinfo(8)
119

REPORTING BUGS

121       Report bugs to <trousers-users@lists.sourceforge.net>
122
123
124
125TPM Management                    2011-07-07                   tpm_nvdefine(8)
Impressum