Provided by: tpm-tools_1.3.9.2-0.1_amd64

NAME

       tpm_nvdefine

SYNOPSIS

       tpm_nvdefine [OPTIONS]

DESCRIPTION

       tpm_nvdefine defines a new NVRAM area at the given index and of given size. The user has
       to provide the permissions that control access to the NVRAM area.

       Owner authentication is necessary once the NVRAM area 0xFFFFFFFF has been defined. The
       owner password may be provided on the command line using the owner password option.

       The following options are supported:

       -h, --help
           Display command usage info.

       -v, --version
           Display command version info.

       -l, --log [none|error|info|debug]
           Set logging level.

       -u, --unicode
           Use TSS UNICODE encoding for passwords to comply with applications using TSS popup
           boxes.

       -y, --owner-well-known
           Use a secret of all zeros (20 bytes of zeros) as the owner's secret.

       -z, --data-well-known
           Use a secret of all zeros (20 bytes of zeros) as the NVRAM area's secret.

       -o, --pwdo (optional parameter)
           The owner password.

           A password may be provided directly, for example by using '--pwdo=password' or
           '-opassword'. If no password is provided with this option, the program will prompt
           the user for the password.

       -a, --pwda (optional parameter)
           The NVRAM area password.

           A password may be provided directly, for example by using '--pwda=password' or
           '-apassword'. If no password is provided with this option, the program will prompt
           the user for the password.

       -i, --index
           The index of the NVRAM area.  The parameter must either be a decimal number or a
           hexadecimal number starting with '0x'.

           To select the NVRAM area with index 0x100, the command line parameter should be '-i
           0x100' or '--index 0x100'.

       -s, --size
           The size of the NVRAM area.  The parameter must either be a decimal number or a
           hexadecimal number starting with '0x'.

       -r, --rpcrs
           PCRs to seal the NVRAM area to for reading (use multiple times).

       -w, --wpcrs
           PCRs to seal the NVRAM area to for writing (use multiple times).

       -f, --filename
           File containing PCR info for the NVRAM area.

       -p, --permissions
           The access permissions associated with the NVRAM area.  The parameter must either be a
           decimal number or a hexadecimal number starting with '0x'. It is possible to logically
           'or' numbers or strings. The following strings are supported:

           AUTHREAD
               Reading requires NVRAM area authorization.

           AUTHWRITE
               Writing requires NVRAM area authorization.

           PPREAD
               Reading requires physical presence.

           PPWRITE
               Writing requires physical presence.

           OWNERREAD
               Reading requires owner authorization.

           OWNERWRITE
               Writing requires owner authorization.

           GLOBALLOCK
               A write to index 0 locks the NVRAM area until the next TPM_Startup(ST_CLEAR).

           READ_STCLEAR
               A read with size 0 on the same index prevents further reading until the next
               TPM_Startup(ST_CLEAR).

           WRITE_STCLEAR
               A write with size 0 to the same index prevents further writing until the next
               TPM_Startup(ST_CLEAR).

           WRITEDEFINE
               A write with size 0 to the same index locks the NVRAM area permanently.

           WRITEALL
               The value must be written in a single operation.

           An example of a permission parameter is:

           --permissions="OWNERREAD|OWNERWRITE"
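
           The following shell functions are an added example, not part of tpm-tools. They
           resolve a permissions string of the form described above to its bitmask and report
           whether any authorization or physical-presence bit gates reading or writing. The
           function names and the labels 'open-read', 'open-write' and 'gated' are hypothetical;
           the bit values are assumed from the TPM_NV_PER_* constants of the TPM 1.2
           specification, and PCR restrictions set with -r, -w or -f are not considered.

```shell
# Added example, not part of tpm-tools. Bit values are the TPM_NV_PER_*
# constants of the TPM 1.2 specification (assumption: not listed on this page).

# Map one token (permission name or validated number) to its integer value.
nv_perm_value() {
    case "$1" in
        READ_STCLEAR)  echo $((0x80000000)) ;;
        AUTHREAD)      echo $((0x00040000)) ;;
        OWNERREAD)     echo $((0x00020000)) ;;
        PPREAD)        echo $((0x00010000)) ;;
        GLOBALLOCK)    echo $((0x00008000)) ;;
        WRITE_STCLEAR) echo $((0x00004000)) ;;
        WRITEDEFINE)   echo $((0x00002000)) ;;
        WRITEALL)      echo $((0x00001000)) ;;
        AUTHWRITE)     echo $((0x00000004)) ;;
        OWNERWRITE)    echo $((0x00000002)) ;;
        PPWRITE)       echo $((0x00000001)) ;;
        0x*)           # hexadecimal: hex digits only, raw input is never evaluated
            case "${1#0x}" in ''|*[!0-9a-fA-F]*) return 1 ;; esac
            echo $(($1)) ;;
        0|[1-9]*)      # decimal without a leading zero (which would parse as octal)
            case "$1" in *[!0-9]*) return 1 ;; esac
            echo $(($1)) ;;
        *) return 1 ;;
    esac
}

# Resolve a '|'-separated permissions string to a hex mask.
nv_perm_mask() {
    mask=0
    rest=$1
    while [ -n "$rest" ]; do
        tok=${rest%%|*}
        case "$rest" in *"|"*) rest=${rest#*|} ;; *) rest= ;; esac
        val=$(nv_perm_value "$tok") || { echo "bad token: $tok" >&2; return 1; }
        mask=$((mask | val))
    done
    printf '0x%08x\n' "$mask"
}

# Report the directions that no authorization or physical-presence bit gates.
nv_perm_audit() {
    m=$(nv_perm_mask "$1") || return 1
    out=
    [ $(($m & 0x00070000)) -ne 0 ] || out="open-read"
    [ $(($m & 0x00000007)) -ne 0 ] || out="${out:+$out }open-write"
    echo "${out:-gated}"
}
```

           Running nv_perm_audit on a candidate string before passing it to --permissions shows
           whether a read or write gate was left out of the value.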

SEE ALSO

       tpm_nvread(8), tpm_nvwrite(8), tpm_nvrelease(8), tpm_nvinfo(8)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>