OLD | NEW |
(Empty) | |
| 1 .\" Copyright (C) 2005 International Business Machines Corporation |
| 2 .\" |
| 3 .de Sh \" Subsection |
| 4 .br |
| 5 .if t .Sp |
| 6 .ne 5 |
| 7 .PP |
| 8 \fB\\$1\fR |
| 9 .PP |
| 10 .. |
| 11 .de Sp \" Vertical space (when we can't use .PP) |
| 12 .if t .sp .5v |
| 13 .if n .sp |
| 14 .. |
| 15 .de Ip \" List item |
| 16 .br |
| 17 .ie \\n(.$>=3 .ne \\$3 |
| 18 .el .ne 3 |
| 19 .IP "\\$1" \\$2 |
| 20 .. |
| 21 .TH "tcsd" 8 "2005-03-15" "TSS 1.1" |
| 22 .ce 1 |
| 23 TCG Software Stack |
| 24 .SH NAME |
| 25 tcsd \- daemon that manages Trusted Computing resources |
| 26 .SH "SYNOPSIS" |
| 27 .ad l |
| 28 .hy 0 |
| 29 .B tcsd |
| 30 .RB [ \-f ] |
| 31 |
| 32 .SH "DESCRIPTION" |
| 33 .PP |
| 34 Trousers is an open-source TCG Software Stack (TSS), released under the Common |
| 35 Public License. Trousers aims to be compliant with the current (1.1b) and |
| 36 upcoming (1.2) TSS specifications available from the Trusted Computing Group |
| 37 website: http://www.trustedcomputinggroup.org. |
| 38 |
| 39 \fBtcsd\fR is a user space daemon that should be (according to the TSS spec) |
| 40 the only portal to the TPM device driver. At boot time, \fBtcsd\fR should |
| 41 be started, it should open the TPM device driver and from that point on, all |
| 42 requests to the TPM should go through the TSS stack. The \fBtcsd\fR manages TPM |
| 43 resources and handles requests from TSP's both local and remote. |
| 44 |
| 45 .TP |
| 46 \fB\-f\fR |
| 47 run the daemon in the foreground |
| 48 |
| 49 .SH "ACCESS CONTROL" |
| 50 .PP |
| 51 There are two types of access control for the \fBtcsd\fR, access to the |
| 52 daemon's socket itself and access to specific commands internal to the |
| 53 \fBtcsd\fR. Access to the \fBtcsd\fR's port should be controlled by the system |
| 54 administrator using firewall rules. If using iptables, the following rule |
| 55 will allow a specific host access to the tcsd: |
| 56 |
| 57 # iptables -A INPUT -s $IP_ADDRESS -p tcp --destination-port 30003 -j ACCEPT |
| 58 |
| 59 Access to individual commands internal to the tcsd is configured by the |
| 60 \fBtcsd\fR configuration file's "remote_ops" directive. Each function call |
| 61 in the TCS API is reachable by a unique ordinal. Each labeled "remote op" |
| 62 actually defines a set of ordinals (usually more than one) necessary to |
| 63 accomplish the operation. So, for example, the "random" operation enables |
| 64 the ordinals for opening and closing a context, calling TCS_StirRandom |
| 65 and TCS_GetRandom, as well as TCS_FreeMemory. By default, connections from |
| 66 localhost will allow any ordinals. |
| 67 |
| 68 .SH "DATA FILES" |
| 69 .PP |
| 70 TSS applications have access to 2 different kinds of 'persistant' storage. 'User
' |
| 71 persistant storage has the lifetime of that of the application using it |
| 72 and therefore is destroyed when an application exits. User PS is controlled |
| 73 by the TSP of the application. 'System' persistent storage is controlled by |
| 74 the TCS and stays valid across application lifetimes, \fBtcsd\fR restarts and |
| 75 system resets. Data registered in system PS stays valid until an application |
| 76 requests that it be removed. User PS files are by default stored as |
| 77 /var/tpm/user.{pid} and the system PS file by default is /var/tpm/system.data. |
| 78 The system PS file is initially created when ownership of the TPM is first |
| 79 taken. |
| 80 |
| 81 .SH "CONFIGURATION" |
| 82 \fBtcsd\fR configuration is stored by default in /etc/tcsd.conf |
| 83 |
| 84 .SH "DEBUG OUTPUT" |
| 85 If TrouSerS has been compiled with debugging enabled, the debugging output |
| 86 can be supressed by setting the TSS_DEBUG_OFF environment variable. |
| 87 |
| 88 .SH "DEVICE DRIVERS" |
| 89 .PP |
| 90 \fBtcsd\fR is compatible with the IBM Research TPM device driver available |
| 91 from http://www.research.ibm.com/gsal/tcpa and the TPM device driver available |
| 92 from http://sf.net/projects/tmpdd |
| 93 |
| 94 .SH "CONFORMING TO" |
| 95 .PP |
| 96 \fBtcsd\fR conforms to the Trusted Computing Group Software |
| 97 Specification version 1.1 Golden |
| 98 |
| 99 .SH "SEE ALSO" |
| 100 .PP |
| 101 \fBtcsd.conf\fR(5) |
| 102 |
| 103 .SH "AUTHOR" |
| 104 Kent Yoder |
| 105 |
| 106 .SH "REPORTING BUGS" |
| 107 Report bugs to <trousers-tech@lists.sf.net> |
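Review bot: In ACCESS CONTROL (new lines 54-57) the iptables example only appends an ACCEPT rule for one source, which restricts nothing unless the INPUT chain's policy is DROP or a later rule drops other traffic to tcp port 30003; say so in the text, or show the matching DROP rule after the ACCEPT. The same section states at lines 65-66 that connections from localhost allow any ordinals, but not what a remote connection may do when "remote_ops" is unset; document that default here or point the reader to tcsd.conf(5). Minor: "persistant" (lines 70-71) and "supressed" (line 86) are misspelled, and "tmpdd" in the URL at line 92 looks like a transposition worth checking.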