Provided by: tpm2-abrmd_2.1.1-1_amd64
tpm2-abrmd - TPM2 access broker and resource management daemon
tpm2-abrmd [-m][-e][-i][-o][-l logger-name][-r][-s][-g /dev/urandom][-t conf]
tpm2-abrmd is a daemon that implements the TPM access broker and resource manager as described by the Trusted Computing Group (TGC) in the “TSS System Level API and TPM Command Transmission Interface Specification”. This daemon uses the DBus system bus and some pipes to communicate with clients.
-t, --tcti Provide the daemon with a string that describes the TCTI and how to configure it for communication with the next component down the TSS2 stack. This string is formatted as "tcti-name:tcti-conf" where: 'tcti-name' The name of the TCTI library shared object file. Libraries are found using the same algorithm as dlopen (3). If the TCTI library file name follows the naming convention: libtss2-tcti-<name>.so.0 where <name> is the name for the TCTI, the value of <name> may be supplied in place of the full library file name. See 'EXAMPLES' below. 'tcti-conf' The configuration string passed to the TCTI library upon initialization. If this option is omitted (or a NULL string provided) then a default TCTI is used in it's default configuration. If the string does not contain a colon then it will be interpreted as only the 'tcti-name'. To provide only the configuration string (using the default TCTI) then the first character in the string passed to this option must be a colon followed by the configuration string. See examples below. -o, --allow-root Allow daemon to run as root. If this option is not provided the daemon will refused to run as the root user. Use of this option is not recommended. -m, --max-connections Set an upper bound on the number of concurrent client connections allowed. Once this number of client connections is reached new connections will be rejected with an error. -f, --flush-all Flush all objects and sessions when daemon is started. -l, --logger Direct logging output to named logging target. Supported targets are stdout and syslog. If the logger option is not specified the default is stdout. -e, --max-sessions Set and upper bound on the number of sessions that each client connection is allowed to create (loaded or active) at any one time. -r, --max-transients Set an upper bound on the number of transient objects that each client connection allowed to load. Once this number of objects is reached attempts to load new transient objects will produce an error. -n, --dbus-name Claim the given name on dbus. This option overrides the default of com.intel.tss2.Tabrmd. -g, --prng-seed-file Read seed for pseudo-random number generator from the provided file. -s, --session Connect daemon to the session dbus. This option overrides the default behavior. -v, --version Display version string.
Execute daemon with default TCTI and options: tpm2-abrmd Execute daemon with default TCTI and provided config string: tpm2-abrmd --tcti=":/dev/tpm0" This is equivalent to: tpm2-abrmd --tcti="device:/dev/tpm0" tpm2-abrmd --tcti="libtss2-tcti-device.so.0:/dev/tpm0" Have daemon use Microsoft/IBM TPM2 Simulator tcti library ´libtss2-tcti-mssim.so.0´. This connects to a TPM2 simulator via a TCP mssim. tpm2-abrmd --tcti="mssim" tpm2-abrmd --tcti="libtss2-tcti-mssim.so.0" Have daemon use tcti library ´libtss2-tcti-mssim.so.0´ and config string ´host=127.0.0.1,port=5555´: tpm2-abrmd --tcti=mssim:host=127.0.0.1,port=5555" tpm2-abrmd --tcti="libtss2-tcti-mssim.so.0:host=127.0.0.1,port=5555"
Philip Tricca <firstname.lastname@example.org>
This page is part of the 2.1.1 release of Intel's TPM2 Access Broker & Resource Management Daemon. A description of the project, information about reporting bugs, and the latest version of this page can be found at https://github.com/01org/tpm2-abrmd/.