Sophie

Sophie

distrib > Fedora > 18 > x86_64 > by-pkgid > 168a0bfc1399f1ef7f3fab3a3897cf45 > files > 30

tboot-1.7.3-3.fc18.x86_64.rpm

.\"
.TH LCP_CRTPOL 8 "2011-12-31" "tboot" "User Manuals"
.SH NAME
lcp_crtpol \- create a TXT v1 Launch Control Policy
.SH SYNOPSIS
.B lcp_crtpol
.B \-t
.I policy-type
.RB [\| \-a
.IR hashalg \|]
.RB [\| \-v
.IR version \|]
.RB [\| \-sr
.IR SINIT-revocation-counter \|]
.RB [\| \-s
.IR srtm-file \|]
.RB [\| \-m
.IR mle-file \|]
.RB [\| \-o
.IR policy-file \|]
.RB [\| \-b
.IR policy-data-file \|]
.RB [\| \-pcf
.IR policy-control-field \|]
.RB [\| \-h \|]
.SH DESCRIPTION
.B lcp_crtpol
is used to create a TXT v1 LCP policy (and optionally policy data), which can later be written to the TPM. The policy created are for platforms produced before 2009 (Weybridge, Montevina, McCreary).
.SH OPTIONS
.TP
.BI \-t\  policy-type
Policy type can be UINT8 or string. 5 strings are supported for the reserved LCP
policy types. Strings and default policy type values for each string are: 
.RS
.TP
0 or "hashonly"
.TP
1 or "unsigned"
.TP
2 or "signed"
.TP
3 or "any"
.TP
4 or "forceowner"
.RE
.TP
.BI \-a\  hashalg
Hash algorithm. Currently we only support SHA-1 algorithm: 0 OR 'sha1'.
.TP
.BI \-v\  version
Version number. Currently it can be set to 0 or 1 if specified. The default value is 0.
.TP
.BI \-sr\  SINIT-revocation-counter
The default sinit revocation counter is 0.
.TP
.BI \-s\  srtm-file
File name of platform configuration data, as produced by
.BR lcp_crtpconf.
.TP
.BI \-m\  mle-file
File name of file containing the MLE hash values. This is a text file that contains one SHA-1 hash per line. The value of the hash must be hexadecimal values, specified either a single un-deliminated set or as space-delimited two-character (i.e. one byte) values.  This can be produced by the
.BR lcp_mlehash
command.
.TP
.BI \-o\  policy-file
File name to store the output policy.
.TP
.BI \-b\  policy-data-file
File name to store the LCP Policy data.
.TP
.BI \-pcf\  policy-control-field
The default policy control field value is 0.
.TP
.B \-h
Print out the help message
.SH EXAMPLES
\fBlcp_crtpol \-t \fI0 \fB \-m \fImle-file \fB \-o \fIpolicy-hashonly-file
.PP
\fBlcp_crtpol \-t \fI1 \fB \-m \fImle-file \fB \-s \fIpconf-file \fB \-b \fI policy-data-file
.PP
\fBlcp_crtpol \-t \fIunsigned \fB \-a \fIsha1 \fB \-m \fImle-file \fB \-s \fIpconf-file \fB \-o \fIpolicy-unsigned-file \fB \-b \fIpolicy-data-file
.SH "SEE ALSO"
.BR lcp_readpol (8),
.BR lcp_writepol (8),
.BR lcp_mlehash (8),
.BR lcp_crtpconf (8).

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional