Training courses

Kernel and Embedded Linux

Bootlin training courses

Embedded Linux, kernel,
Yocto Project, Buildroot, real-time,
graphics, boot time, debugging...

Bootlin logo

Elixir Cross Referencer

Open Menu /crypto/external/cpl/trousers/dist/man/man5/tcsd.conf.5.in 
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
.\" Copyright (C) 2005 International Business Machines Corporation
.\"
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "tcsd.conf" 5 "2006-07-14" "TSS 1.1"
.ce 1
TCG Software Stack
.SH NAME
tcsd.conf \- configuration file for the trousers TCS daemon.
.SH "DESCRIPTION"
.PP
This file, by default
.IR /etc/tcsd.conf
is read by the trousers TCSD daemon, tcsd (see tcsd(8)). The tcsd.conf file
that is installed by trousers contains all the default options, commented out.
.SH "OPTIONS"
.PP
.BI port
The port that TCSD will listen on for connections, local and remote, from
applications.

.BI num_threads
The maximum number of threads that the TCSD will spawn simultaneously to service
applications. After
.BI num_threads
threads have been spawned, any application that attempts to connect to the TCSD
will receive an error.

.BI system_ps_file
The location of the system persistent storage file. The system persistent
storage file holds keys and data across restarts of the TCSD and system
reboots.

.BI firmware_log_file
Path to the file containing the current firmware PCR event log data. The
interface to this log is usually provided by the TPM device driver.

.BI kernel_log_file
Path to the file containing the current kernel PCR event log data. By default,
this data will be parsed in the format provided by the Integrity Measurement
Architecture LSM.

.BI firmware_pcrs
A list of PCR indices that are manipulated only by the system firmware and
therefore are not extended or logged by the TCSD. Applications that call
Tcsi_PcrExtend on PCRs listed here will receive an error.

.BI kernel_pcrs
A list of PCR indices that are manipulated only by the kernel and therefore
are not extended or logged by the TCSD. Applications that call Tcsi_PcrExtend
on PCRs listed here will receive an error.

.BI platform_cred
Path to the platform credential for your TPM.  Your TPM manufacturer may have
provided you with a set of credentials (certificates) that should be used when
creating identities using your TPM. When a user of your TPM makes an identity,
this credential will be encrypted as part of that process. See the 1.1b TPM Main
specification section 9.3 for information on this process.

.BI conformance_cred
Path to the conformance credential for your TPM.  Your TPM manufacturer may have
provided you with a set of credentials (certificates) that should be used when
creating identities using your TPM. When a user of your TPM makes an identity,
this credential will be encrypted as part of that process. See the 1.1b TPM Main
specification section 9.3 for information on this process.

.BI endorsement_cred
Path to the endorsement credential for your TPM.  Your TPM manufacturer may have
provided you with a set of credentials (certificates) that should be used when
creating identities using your TPM. When a user of your TPM makes an identity,
this credential will be encrypted as part of that process. See the 1.1b TPM Main
specification section 9.3 for information on this process.

.BI remote_ops
A list of TCS commands which will be allowed to be executed on this machine's
TCSD by TSP's on non-local hosts (over the internet). By default, access to all
operations is denied.

.BI host_platform_class
Determines the TCG specification of the host's platform class. This refers to
one of the specifications contained in the TCG web site. The default is PC
specification version 1.2 .

.BI all_platform_classes
Specifies all the TCG defined platforms associated with the host platform. The
host_platform_class must not be defined here. By default, all platforms but
the host platform are associated.

.SH "EXAMPLE"
.PP
.IP
.nf
port = 30003
num_threads = 10
system_ps_file = /usr/local/var/tpm/system.data
firmware_log_file = /proc/tpm/firmware_events
kernel_log_file = /proc/tcg/measurement_events
firmware_pcrs = 0,1,2,3,4,5,6,7
kernel_pcrs = 10,11
platform_cred = /usr/local/var/lib/tpm/platform.cert
conformance_cred = /usr/local/var/lib/tpm/conformance.cert
endorsement_cred = /usr/local/var/lib/tpm/endorsement.cert
remote_ops = create_key,random
host_platform_class = server_12
all_platform_classes = pc_11,pc_12,mobile_12
.fi
.SH "SEE ALSO"
.PP
\fBtcsd\fR(8)
.SH "AUTHOR"
Kent Yoder
.SH "REPORTING BUGS"
Report bugs to <@PACKAGE_BUGREPORT@>