Provided by: tboot_1.8.3-0ubuntu1_i386 bug


       lcp_crtpolelt  -  create  an  Intel(R)  TXT policy element of specified


       lcp_crtpolelt COMMAND [OPTION]


       lcp_crtpolelt is used to create  an  Intel(R)  TXT  policy  element  of
       specified type.


              create an policy element

              --type type           type of element; must be first option; see
                                    below for type strings and their options

              --out file            output file name

              [--ctrl pol-elt-ctr1] PolEltControl field (hex or decimal)

       --show file
              show policy element

              enable verbose output; can be specified with any command

       --help print out the help message

   Available type options:
       mle [--minver ver]
              minimum version of SINIT

       mle [file1][file2]...
              one or more files containing MLE hash(es); each file can contain
              multiple hashes

       pconf [file1][file2]...
              one  or more files containing PCR numbers and the desired digest
              of each; each file will be a PCONF

       custom [--uuid UUID]
              UUID in format: {0xaabbccdd, 0xeeff, 0xgghh, 0xiijj, {0xkk 0xll,
              0xmm, 0xnn, 0xoo, 0xpp}} or "--uuid tboot" to use default

       custom [file]
              file containing element data


   Create an MLE element:
       1   lcp_mlehash  -c  "logging=serial,vga,memory"  /boot/tboot.gz > mle-
       2   lcp_crtpolelt --create --type mle --ctrl  0x00  --minver  17  --out
           mle.elt mle-hash

   Create a PCONF element:
       1   cat /sys/devices/platform/tpm_tis/pcrs | grep -e PCR-00 -e PCR-01 >
       2   lcp_crtpolelt --create --type pconf --out pconf.elt pcrs

   Create an SBIOS element:
       1   Create hash file containing BIOS hash(es), e.g. named sbios-hash

       2   lcp_crtpolelt --create --type sbios --out sbios.elt sbios-hash

   Create a CUSTOM element:
       1   Create or determine the UUID that will identify  this  data  format
           (e.g. using uuidgen(1)).
       2   Create  the data file that will be placed in this element (e.g. the
           policy file from tb_polgen(8)).
       3   lcp_crtpolelt --create --type custom --out custom.elt --uuid  uuid-
           value data-file


       lcp_crtpol2(8),    lcp_mlehash(8),    lcp_crtpollist(8),    uuidgen(1),