tpm_nvdefine(8)

tpm_nvdefine

tpm_nvdefine [OPTIONS]

tpm_nvdefine defines a new NVRAM area at the given index and of the given
size. The user has to provide the permissions that control access to
the NVRAM area.

Owner authentication is necessary once the NVRAM area 0xFFFFFFFF has
been defined. The owner password may be provided on the command line
using the owner password option.

The following options are supported:

-h, --help
    Display command usage info.

-v, --version
    Display command version info.

-l, --log [none|error|info|debug]
    Set logging level.

-u, --unicode
    Use TSS UNICODE encoding for passwords to comply with applications
    using TSS popup boxes.

-y, --owner-well-known
    Use a secret of all zeros (20 bytes of zeros) as the owner's
    secret.

-z, --area-well-known
    Use a secret of all zeros (20 bytes of zeros) as the NVRAM area's
    secret.

-o, --pwdo (optional parameter)
    The owner password.

    A password may be provided directly, for example by using
    '--pwdo=password' or '-opassword'. If no password is provided with
    this option, the program will prompt the user for the password.

-a, --pwda (optional parameter)
    The NVRAM area password.

    A password may be provided directly, for example by using
    '--pwda=password' or '-apassword'. If no password is provided with
    this option, the program will prompt the user for the password.

-i, --index
    The index of the NVRAM area. The parameter must either be a
    decimal number or a hexadecimal number starting with '0x'.

    To select the NVRAM area with index 0x100, the command line
    parameter should be '-i 0x100' or '--index 0x100'.

-s, --size
    The size of the NVRAM area. The parameter must either be a decimal
    number or a hexadecimal number starting with '0x'.

-p, --permissions
    The access permissions associated with the NVRAM area. The
    parameter must either be a decimal number or a hexadecimal number
    starting with '0x'. It is possible to logically 'or' numbers or
    strings. The following strings are supported:

    AUTHREAD
        Reading requires NVRAM area authorization.

    AUTHWRITE
        Writing requires NVRAM area authorization.

    PPREAD
        Reading requires physical presence.

    PPWRITE
        Writing requires physical presence.

    OWNERREAD
        Reading requires owner authorization.

    OWNERWRITE
        Writing requires owner authorization.

    GLOBALLOCK
        A write to index 0 locks the NVRAM area until the next
        TPM_Startup(ST_CLEAR).

    READ_STCLEAR
        A read with size 0 on the same index prevents further reading
        until the next TPM_Startup(ST_CLEAR).

    WRITE_STCLEAR
        A write with size 0 to the same index prevents further writing
        until the next TPM_Startup(ST_CLEAR).

    WRITEDEFINE
        A write with size 0 to the same index locks the NVRAM area
        permanently.

    WRITEALL
        The value must be written in a single operation.

    An example of a permission parameter is:

    --permissions="OWNERREAD|OWNERWRITE"
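
The shell functions below are an added example, not part of tpm_nvdefine or of this manual page. They resolve a --permissions expression (names and numbers joined with '|') to its 32-bit value and report when none of the listed permissions requires anything for reading or for writing. The function names are hypothetical, and the bit values are an assumption taken from the TPM_NV_PER_* definitions in the TPM 1.2 specification; they are not listed on this page.

```shell
# Added example. TPM_NV_PER_* bit values come from the TPM 1.2
# specification (assumption: they are not given in the man page).
nv_perm_bit() {   # permission name -> bit value; fails on unknown names
    case "$1" in
        READ_STCLEAR)  echo $((0x80000000)) ;;
        AUTHREAD)      echo $((0x00040000)) ;;
        OWNERREAD)     echo $((0x00020000)) ;;
        PPREAD)        echo $((0x00010000)) ;;
        GLOBALLOCK)    echo $((0x00008000)) ;;
        WRITE_STCLEAR) echo $((0x00004000)) ;;
        WRITEDEFINE)   echo $((0x00002000)) ;;
        WRITEALL)      echo $((0x00001000)) ;;
        AUTHWRITE)     echo $((0x00000004)) ;;
        OWNERWRITE)    echo $((0x00000002)) ;;
        PPWRITE)       echo $((0x00000001)) ;;
        *) return 1 ;;
    esac
}

nv_perm_value() {   # "NAME|0x...|123" -> 0xXXXXXXXX on stdout
    nv_rest=$1 nv_val=0
    while :; do
        nv_term=${nv_rest%%|*}
        case "$nv_term" in
            ''|0[xX]|0[xX]*[!0-9a-fA-F]*|0[0-9]*)   # reject before arithmetic
                echo "bad term: '$nv_term'" >&2; return 1 ;;
            0[xX]*) nv_bit=$(($nv_term)) ;;          # validated hex
            *[!0-9]*) nv_bit=$(nv_perm_bit "$nv_term") ||
                { echo "unknown permission: $nv_term" >&2; return 1; } ;;
            *) nv_bit=$(($nv_term)) ;;               # plain decimal
        esac
        nv_val=$((nv_val | nv_bit))
        case "$nv_rest" in *'|'*) nv_rest=${nv_rest#*|} ;; *) break ;; esac
    done
    printf '0x%08X\n' "$nv_val"
}

nv_perm_audit() {   # status 0 only if reads and writes each require something
    nv_hex=$(nv_perm_value "$1") || return 2
    nv_rc=0
    [ $(($nv_hex & 0x00070000)) -ne 0 ] ||
        { echo "read: none of AUTHREAD, OWNERREAD, PPREAD set" >&2; nv_rc=1; }
    [ $(($nv_hex & 0x00000007)) -ne 0 ] ||
        { echo "write: none of AUTHWRITE, OWNERWRITE, PPWRITE set" >&2; nv_rc=1; }
    [ $(($nv_hex & 0x2000)) -eq 0 ] || echo "note: WRITEDEFINE lock is permanent" >&2
    echo "$nv_hex"
    return $nv_rc
}
nv_perm_audit "OWNERREAD|OWNERWRITE"   # the example expression from this page
```

Terms are validated by pattern before they reach shell arithmetic, so a malformed expression is rejected rather than evaluated.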

tpm_nvread(8), tpm_nvwrite(8), tpm_nvrelease(8), tpm_nvinfo(8)

Report bugs to <trousers-users@lists.sourceforge.net>

TPM Management 2011-07-07 tpm_nvdefine(8)