=head1 NAME

tpm_nvdefine

=head1 SYNOPSIS

B<tpm_nvdefine [OPTIONS]>

=head1 DESCRIPTION

B<tpm_nvdefine> defines a new NVRAM area at the given index and of the given
size. The user has to provide the permissions that control access to
the NVRAM area.

Owner authentication is necessary once the NVRAM area 0xFFFFFFFF has been
defined. The owner password may be provided on the command line using
the owner password option.

The following options are supported:

=over 4

=item B<-h, --help>

Display command usage info.

=item B<-v, --version>

Display command version info.

=item B<-l, --log [none|error|info|debug]>

Set logging level.

=item B<-u, --unicode>

Use TSS UNICODE encoding for passwords to comply with applications
using TSS popup boxes.

=item B<-y, --owner-well-known>

Use a secret of all zeros (20 bytes of zeros) as the owner's secret.

=item B<-z, --area-well-known>

Use a secret of all zeros (20 bytes of zeros) as the NVRAM area's secret.

=item B<-o, --pwdo> (optional parameter)

The owner password.

A password may be provided directly, for example by using '--pwdo=password' or
'-opassword'. If no password is provided with this option, the program
prompts the user for the password.

=item B<-a, --pwda> (optional parameter)

The NVRAM area password.

A password may be provided directly, for example by using '--pwda=password' or
'-apassword'. If no password is provided with this option, the program
prompts the user for the password.

=item B<-i, --index>

The index of the NVRAM area.
The parameter must be either a decimal number or a hexadecimal number starting with '0x'.

To select the NVRAM area with index 0x100, the command line parameter should be '-i 0x100' or
'--index 0x100'.

=item B<-s, --size>

The size of the NVRAM area.
The parameter must be either a decimal number or a hexadecimal number starting with '0x'.

=item B<-p, --permissions>

The access permissions associated with the NVRAM area.
The parameter must be either a decimal number or a hexadecimal number starting with '0x'. It is
possible to logically 'or' numbers or strings. The following strings are supported:

=over 4

=item B<AUTHREAD>

Reading requires NVRAM area authorization.

=item B<AUTHWRITE>

Writing requires NVRAM area authorization.

=item B<PPREAD>

Reading requires physical presence.

=item B<PPWRITE>

Writing requires physical presence.

=item B<OWNERREAD>

Reading requires owner authorization.

=item B<OWNERWRITE>

Writing requires owner authorization.

=item B<GLOBALLOCK>

A write to index 0 locks the NVRAM area until the next TPM_Startup(ST_CLEAR).

=item B<READ_STCLEAR>

A read with size 0 on the same index prevents further reading until the next TPM_Startup(ST_CLEAR).

=item B<WRITE_STCLEAR>

A write with size 0 to the same index prevents further writing until the next TPM_Startup(ST_CLEAR).

=item B<WRITEDEFINE>

A write with size 0 to the same index locks the NVRAM area permanently.

=item B<WRITEALL>

The value must be written in a single operation.

=back

An example of a permission parameter is:

--permissions="OWNERREAD|OWNERWRITE"

=back
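
Because B<--permissions> accepts names and numbers OR'd together, it helps to resolve an argument to its numeric mask and see which read and write gates it actually requests before defining the area. The shell functions below are an added example, not part of tpm-tools; the function names are hypothetical and the bit values are the TPM_NV_PER_* constants of the TPM 1.2 specification, which this page does not list.

```shell
# Added example: TPM_NV_PER_* bit values per the TPM 1.2 spec; function names are hypothetical.

# Map one term (permission name or number) to a value usable in $(( )).
nv_perm_bit() {
    case "$1" in
        READ_STCLEAR)  echo 0x80000000 ;;
        AUTHREAD)      echo 0x00040000 ;;
        OWNERREAD)     echo 0x00020000 ;;
        PPREAD)        echo 0x00010000 ;;
        GLOBALLOCK)    echo 0x00008000 ;;
        WRITE_STCLEAR) echo 0x00004000 ;;
        WRITEDEFINE)   echo 0x00002000 ;;
        WRITEALL)      echo 0x00001000 ;;
        AUTHWRITE)     echo 0x00000004 ;;
        OWNERWRITE)    echo 0x00000002 ;;
        PPWRITE)       echo 0x00000001 ;;
        0x?*) case "${1#0x}" in *[!0-9a-fA-F]*) return 1 ;; esac; echo "$1" ;;
        0|[1-9]*) case "$1" in *[!0-9]*) return 1 ;; esac; echo "$1" ;;
        *) return 1 ;;   # misspelt name, empty term, stray whitespace
    esac
}

# Resolve a whole --permissions argument ("A|B|0x...") to one hex mask.
nv_perm_mask() {
    mask=0
    old_ifs=$IFS; IFS='|'
    set -f; set -- $1; set +f      # split on '|' only, no globbing
    IFS=$old_ifs
    for term in "$@"; do
        bit=$(nv_perm_bit "$term") || { echo "bad term: '$term'" >&2; return 1; }
        mask=$(( $mask | $bit ))
    done
    printf '0x%08x\n' "$mask"
}

# Report which of the "requires ..." permissions gate reads and writes.
nv_perm_gates() {
    m=$(nv_perm_mask "$1") || return 1
    r=; w=
    for g in AUTHREAD OWNERREAD PPREAD AUTHWRITE OWNERWRITE PPWRITE; do
        [ $(( $m & $(nv_perm_bit "$g") )) -ne 0 ] || continue
        case "$g" in
            *READ)  r="${r:+$r,}$g" ;;
            *WRITE) w="${w:+$w,}$g" ;;
        esac
    done
    echo "read=${r:-none} write=${w:-none}"
}
nv_perm_gates 'OWNERREAD|OWNERWRITE'   # the example argument from this page
```

A result of C<read=none> or C<write=none> means that none of the three corresponding "requires" permissions listed above was requested.
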

=head1 SEE ALSO

B<tpm_nvread>(8), B<tpm_nvwrite>(8), B<tpm_nvrelease>(8), B<tpm_nvinfo>(8)

=head1 REPORTING BUGS

Report bugs to <trousers-users@lists.sourceforge.net>