Provided by: tboot_1.9.7-0ubuntu1_amd64 bug


       lcp_crtpolelt - create an Intel(R) TXT policy element of specified type.


       lcp_crtpolelt COMMAND [OPTION]


       lcp_crtpolelt is used to create an Intel(R) TXT policy element of specified type.


              create an policy element

              --type type           type  of  element;  must  be first option; see below for type
                                    strings and their options

              --out file            output file name

              [--ctrl pol-elt-ctr1] PolEltControl field (hex or decimal)

       --show file
              show policy element

              enable verbose output; can be specified with any command

       --help print out the help message

   Available type options:
       mle [--minver ver]
              minimum version of SINIT

       mle [file1][file2]...
              one or more files containing MLE hash(es); each file can contain multiple hashes

       pconf [file1][file2]...
              one or more files containing PCR numbers and the desired digest of each; each  file
              will be a PCONF

       custom [--uuid UUID]
              UUID  in format: {0xaabbccdd, 0xeeff, 0xgghh, 0xiijj, {0xkk 0xll, 0xmm, 0xnn, 0xoo,
              0xpp}} or "--uuid tboot" to use default

       custom [file]
              file containing element data


   Create an MLE element:
       1   lcp_mlehash -c "logging=serial,vga,memory" /boot/tboot.gz > mle-hash
       2   lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 17 --out mle.elt mle-hash

   Create a PCONF element:
       1   cat /sys/devices/platform/tpm_tis/pcrs | grep -e PCR-00 -e PCR-01 > pcrs
       2   lcp_crtpolelt --create --type pconf --out pconf.elt pcrs

   Create an SBIOS element:
       1   Create hash file containing BIOS hash(es), e.g. named sbios-hash
       2   lcp_crtpolelt --create --type sbios --out sbios.elt sbios-hash

   Create a CUSTOM element:
       1   Create or determine  the  UUID  that  will  identify  this  data  format  (e.g.  using
       2   Create  the  data  file that will be placed in this element (e.g. the policy file from
       3   lcp_crtpolelt --create --type custom --out custom.elt --uuid uuid-value data-file


       lcp_crtpol2(8), lcp_mlehash(8), lcp_crtpollist(8), uuidgen(1), tb_polgen(8).