=head1 NAME

tpm_nvdefine

=head1 SYNOPSIS

B<tpm_nvdefine [OPTIONS]>

=head1 DESCRIPTION

B<tpm_nvdefine> defines a new NVRAM area at the given index and of the given
size. The user has to provide the permissions that control access to
the NVRAM area.

Owner authentication is necessary once the NVRAM area 0xFFFFFFFF has been
defined. The owner password may be provided on the command line using
the owner password option.

The following options are supported:

=over 4

=item B<-h, --help>

Display command usage info.

=item B<-v, --version>

Display command version info.

=item B<-l, --log [none|error|info|debug]>

Set logging level.

=item B<-u, --unicode>

Use TSS UNICODE encoding for passwords to comply with applications
using TSS popup boxes.

=item B<-y, --owner-well-known>

Use a secret of all zeros (20 bytes of zeros) as the owner's secret.

=item B<-z, --area-well-known>

Use a secret of all zeros (20 bytes of zeros) as the NVRAM area's secret.

=item B<-o, --pwdo> (optional parameter)

The owner password.

A password may be provided directly, for example by using '--pwdo=password' or
'-opassword'. If no password is provided with this option, the program will
prompt the user for the password.

=item B<-a, --pwda> (optional parameter)

The NVRAM area password.

A password may be provided directly, for example by using '--pwda=password' or
'-apassword'. If no password is provided with this option, the program will
prompt the user for the password.

=item B<-i, --index>

The index of the NVRAM area.
The parameter must either be a decimal number or a hexadecimal number starting with '0x'.

To select the NVRAM area with index 0x100, the command line parameter should be '-i 0x100' or
'--index 0x100'.

=item B<-s, --size>

The size of the NVRAM area.
The parameter must either be a decimal number or a hexadecimal number starting with '0x'.

=item B<-p, --permissions>

The access permissions associated with the NVRAM area.
The parameter must either be a decimal number or a hexadecimal number starting with '0x'. It is
possible to logically 'or' numbers or strings. The following strings are supported:

=over 4

=item B<AUTHREAD>

Reading requires NVRAM area authorization.

=item B<AUTHWRITE>

Writing requires NVRAM area authorization.

=item B<PPREAD>

Reading requires physical presence.

=item B<PPWRITE>

Writing requires physical presence.

=item B<OWNERREAD>

Reading requires owner authorization.

=item B<OWNERWRITE>

Writing requires owner authorization.

=item B<GLOBALLOCK>

A write to index 0 locks the NVRAM area until the next TPM_Startup(ST_CLEAR).

=item B<READ_STCLEAR>

A read with size 0 on the same index prevents further reading until the next TPM_Startup(ST_CLEAR).

=item B<WRITE_STCLEAR>

A write with size 0 to the same index prevents further writing until the next TPM_Startup(ST_CLEAR).

=item B<WRITEDEFINE>

A write with size 0 to the same index locks the NVRAM area permanently.

=item B<WRITEALL>

The value must be written in a single operation.

=back

An example of a permission parameter is:

    --permissions="OWNERREAD|OWNERWRITE"

=back

=head1 SEE ALSO

B<tpm_nvread>(8), B<tpm_nvwrite>(8), B<tpm_nvrelease>(8), B<tpm_nvinfo>(8)

=head1 REPORTING BUGS

Report bugs to <trousers-users@lists.sourceforge.net>
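
=head1 EXAMPLE

The B<--permissions> strings described above are OR-ed into one 32-bit attribute mask. The following added example (not part of tpm-tools) resolves a permission string to that mask so it can be reviewed before an area is defined, and reports whether reads and writes carry any of the listed authorization requirements. The bit values are the TPM 1.2 TPM_NV_PER_* attributes, which this page does not list, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not tpm-tools code. Bit values are the TPM 1.2
# TPM_NV_PER_* attributes; the function names are hypothetical.

# nv_perm_mask SPEC: print the 32-bit mask for a --permissions value such
# as "OWNERREAD|OWNERWRITE" or "AUTHREAD|0x2"; return 1 on a bad token.
nv_perm_mask() {
    _mask=0
    _ifs=$IFS; IFS='|'; set -f
    set -- $1                   # split on '|' with globbing disabled
    set +f; IFS=$_ifs
    [ $# -gt 0 ] || { echo "empty permission spec" >&2; return 1; }
    for _tok in "$@"; do
        case $_tok in
            READ_STCLEAR)  _bit=0x80000000 ;;
            AUTHREAD)      _bit=0x00040000 ;;
            OWNERREAD)     _bit=0x00020000 ;;
            PPREAD)        _bit=0x00010000 ;;
            GLOBALLOCK)    _bit=0x00008000 ;;
            WRITE_STCLEAR) _bit=0x00004000 ;;
            WRITEDEFINE)   _bit=0x00002000 ;;
            WRITEALL)      _bit=0x00001000 ;;
            AUTHWRITE)     _bit=0x00000004 ;;
            OWNERWRITE)    _bit=0x00000002 ;;
            PPWRITE)       _bit=0x00000001 ;;
            0x*) case ${_tok#0x} in
                     ''|*[!0-9a-fA-F]*) _bit= ;; *) _bit=$_tok ;; esac ;;
            # Decimal; a leading zero is rejected because the shell reads it as octal.
            *)   case $_tok in
                     ''|*[!0-9]*|0[0-9]*) _bit= ;; *) _bit=$_tok ;; esac ;;
        esac
        [ -n "$_bit" ] || { echo "bad permission token: '$_tok'" >&2; return 1; }
        _mask=$(( _mask | _bit ))
    done
    printf '0x%08x\n' "$_mask"
}

# nv_perm_gates SPEC: report whether reads and writes carry any of the
# authorization requirements from the list (area auth, owner auth, PP).
nv_perm_gates() {
    _m=$(nv_perm_mask "$1") || return 1
    _r=no; _w=no
    if [ $(( _m & 0x00070000 )) -ne 0 ]; then _r=yes; fi  # AUTH/OWNER/PP READ
    if [ $(( _m & 0x00000007 )) -ne 0 ]; then _w=yes; fi  # AUTH/OWNER/PP WRITE
    echo "read=$_r write=$_w"
}

nv_perm_mask 'OWNERREAD|OWNERWRITE'    # the spec from the page's example
nv_perm_gates 'AUTHWRITE|WRITEDEFINE'  # write needs area auth, read has no listed requirement
```

A mask for which C<nv_perm_gates> reports C<read=no> contains none of AUTHREAD, OWNERREAD or PPREAD, which is worth confirming as intended before storing anything sensitive in the area.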