tpm_nvdefine(8) [centos man page]

tpm_nvdefine(8) 														   tpm_nvdefine(8)

NAME

       tpm_nvdefine

SYNOPSIS

       tpm_nvdefine [OPTIONS]

DESCRIPTION

       tpm_nvdefine defines a new NVRAM area at the given index and of given size. The user has to provide the permissions that control access to
       the NVRAM area.

       Owner authentication is necessary once the NVRAM area 0xFFFFFFFF has been defined. The owner password may be provided on the command line
       using the owner password option.

       The following options are supported:

       -h, --help
	   Display command usage info.

       -v, --version
	   Display command version info.

       -l, --log [none|error|info|debug]
	   Set logging level.

       -u, --unicode
	   Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes

       -y, --owner-well-known
	   Use a secret of all zeros (20 bytes of zeros) as the owner's secret.

       -z, --area-well-known
	   Use a secret of all zeros (20 bytes of zeros) as the NVRAM area's secret.

       -o, --pwdo (optional parameter)
	   The owner password.

	   A password may be directly provided for example by using '--pwdo=password' or '-opassword'. If no password is provided with this option
	   then the program will prompt the user for the password.

       -a, --pwda (optional parameter)
	   The NVRAM area password.

	   A password may be directly provided for example by using '--pwda=password' or '-apassword'. If no password is provided with this option
	   then the program will prompt the user for the password.

       -i, --index
	   The index of the NVRAM area.  The parameter must either be a decimal number or a hexadecimal number starting with '0x'.

	   To select the NVRAM area with index 0x100, the command line parameter should be '-i 0x100' or '--index 0x100'.

       -s, --size
	   The size of the NVRAM area.	The parameter must either be a decimal number or a hexadecimal number starting with '0x'.

       -p, --permissions
	   The access permissions associated with the NVRAM area.  The parameter must either be a decimal number or a hexadecimal number staring
	   with '0x'. It is possible to logically 'or' numbers or strings. The following strings are supported:

	   AUTHREAD
	       Reading requires NVRAM area authorization.

	   AUTHWRITE
	       Writing requires NVRAM area authorization.

	   PPREAD
	       Reading requires physical presence.

	   PPWRITE
	       Writing requires physical presence.

	   OWNERREAD
	       Reading requires owner authorization.

	   OWNERWRITE
	       Writing requires owner authorization.

	   GLOBALLOCK
	       A write to index 0 locks the NVRAM area until the next TPM_Startup(ST_CLEAR)

	   READ_STCLEAR
	       A read with size 0 on the same index prevents further reading until the next TPM_Startup(ST_CLEAR)

	   WRITE_STCLEAR
	       A write with size 0 to the same index prevents further writing until the next TPM_Startup(ST_CLEAR)

	   WRITEDEFINE
	       A write with size 0 to the same index locks the NVRAM area permanently

	   WRITEALL
	       The value must be written in a single operation

	   An example of a permission parameter is:

	   --permissions="OWNERREAD|OWNERWRITE"

SEE ALSO

       tpm_nvread(8), tpm_nvwrite(8), tpm_nvrelease(8), tpm_nvinfo(8)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>

TPM Management							    2011-07-07							   tpm_nvdefine(8)