crypto/external/cpl/tpm-tools/dist/man/man8/tpm_setpresence.8
author yamt <yamt@NetBSD.org>
Tue, 17 Apr 2012 00:01:34 +0000
branchyamt-pagecache
changeset 280360 e98874280705
permissions -rw-r--r--
sync with head

.\" Copyright (C) 2005 International Business Machines Corporation
.\"
.de Sh \" Subsection
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.TH "tpm_setpresence" 8 "2005-05-06" "TPM Management"
.ce 1
TPM Management - tpm_setpresence
.SH NAME
tpm_setpresence\- change TPM physical presence states or settings
.SH "SYNOPSIS"
.ad l
.hy 0
.B tpm_setpresence
.RB [ OPTION ]

.SH "DESCRIPTION"
.PP
\fBtpm_setpresence\fR reports the status of the TPM's flags regarding physical presence.  This is the default behavior and also accessible via the \fB\-\-status\fR option. Requesting a report of this status prompts for the owner password.  The \fB\-\-assert\fR option changes the TPM to the physically present state.  The \fB\-\-clear\fR option changes the TPM to the not present state.  The \fB\-\-lock\fR option locks the TPM to the current physical presence state for the current boot cycle.  The \fB\-\-enable-cmd\fR option allows the TPM to accept local commands to toggle physical presence states. The \fB\-\-disable-cmd\fR option prevents the TPM from accepting local commands to toggle physical presence states.  The \fB\-\-enable-hw\fR option allows the TPM to accept hardware signals to toggle physical presence states. The \fB\-\-disable-hw\fR option prevents the TPM from accepting hardware signals to toggle physical presence states.  The \fB\-\-set-lifetime-lock\fR option locks the Command and Hardware enablement flags in their current state permenantly.  This option can never be undone.  The system will attempt to use the owner password to display the current states before preceding unless the \fB\-\-yes\fR option is given to answer yes to all questions.  All changes are made with the TSC_Physical Presence API.

.TP
\fB\-h\fR, \fB\-\-help\fR
Display command usage info.
.TP
\fB-v\fR, \fB\-\-version\fR
Display command version info.
.TP
\fB-l\fR, \fB\-\-log\fR [none|error|info|debug]
Set logging level.
.TP
\fB-u\fR, \fB\-\-unicode\fR
Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes
.TP
\fB-a\fR, \fB\-\-assert\fR
Assert that an admin is physically present at the machine.
.TP
\fB-c\fR, \fB\-\-clear\fR
Remove the assertion that an admin is physically present at the machine. 
.TP
\fB\-\-lock\fR
Lock the assertions of physical presence in there current states until a reboot.
.TP
\fB\-\-enable-cmd\fR
Allow use of commands to signal an admin is physically present.
.TP
\fB\-\-disable-cmd\fR
Disallow use of commands to signal an admin is physically present.
.TP
\fB\-\-enable-hw\fR
Allow use of hardware signals to signal an admin is physically present.
.TP
\fB\-\-disable-hw\fR
Disallow use of hardware signals to signal an admin is physically present.
.TP
\fB\-\-set-lifetime-lock\fR
Allow no further changes to the flags controling how physical presence can be signaled.  This is PERMANENT.
.TP
\fB\-y\fR, \fB\-\-yes\fR
Answer yes to all questions.  Only applicable with \fB\-\-set\-lifetime\-lock\fR.
.TP
\fB-z\fR, \fB\-\-well-known\fR
Authenticate using 20 bytes of zeros as owner password (the default TSS Well Known Secret), instead of prompting for an owner password.

.SH "SEE ALSO"
.PP
\fBtpm_version\fR(1), \fBtpm_setenable\fR(8), \fBtpm_setactive\fR(8), \fBtpm_setownable\fR(8), \fBtcsd\fR(8)

.SH "REPORTING BUGS"
Report bugs to <trousers-users@lists.sourceforge.net>