TSSIMAEXTEND
Section: User Commands (1)
Updated: January 2021
NAME
tssimaextend - Replay the IMA event log
DESCRIPTION
Replays the provided IMA event log.
Without -sim, uses TPM2_PCR_Extend to extend the events into the TPM.
With -sim, extends into simulated PCRs and traces the result.
Without -sim, hash algorithms that are not allocated are ignored, which is the TPM behavior.
With -sim, all specified hash algorithms are used.
If no hash algorithms are specified, defaults to sha1 and sha256.
Two IMA log formats are currently supported:
1: SHA1 - A zero padded measurement is extended into other PCR banks.
2: SHA1 - A digest of the template data is extended into other PCR banks.
The replay handles the case where a zero measurement in the log extends ones into the IMA PCR.
-if          IMA event log file name
[-of         With -sim, PCR 10 of first algorithm specified]
[-le         input file is little endian (default big endian)]
[-halg       (sha1, sha256, sha384, sha512)]
             -halg may be specified more than once
[-ty         IMA log format (default type 1)]
[-tpm        extend TPM PCRs (default)]
[-sim        calculate simulated PCRs]
[-checkhash  verify IMA event log hashes]
[-b          beginning entry (default 0, beginning of log)]
             A beginning entry after the end of the log becomes a noop
[-e          ending entry (default end of log)]
             E.g., -b 0 -e 0 sends one entry
[-l          time - run in a continuous loop, sleep 'time' seconds between loops]
             The intent is that this be run without specifying -b and -e
             After each pass, the next beginning entry is set to the last entry +1
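
What the -sim replay computes for log format 1, sketched in Python as an added example (not code from tssimaextend or its project). It assumes simulated PCR 10 starts at all zeros and that a zero measurement extends ones across the full width of each bank; replay_type1, its parameters and the SAMPLE digests are constructed for illustration.

```python
import hashlib

# Digest sizes of the default banks (sha1 and sha256).
BANKS = {"sha1": 20, "sha256": 32}
ZERO_SHA1 = bytes(20)


def extend(alg, pcr, data):
    """PCR extend: new = H(old || data), as TPM2_PCR_Extend does per bank."""
    return hashlib.new(alg, pcr + data).digest()


def replay_type1(sha1_digests, algs=("sha1", "sha256"), begin=0, end=None):
    """Replay format-1 events into simulated PCR 10 banks.

    begin/end mirror -b/-e: both are entry indexes and end is inclusive.
    Assumption: every simulated bank starts at all zeros.
    """
    pcrs = {alg: bytes(BANKS[alg]) for alg in algs}
    last = len(sha1_digests) - 1 if end is None else end
    # A begin index past the end of the log yields an empty slice (noop).
    for digest in sha1_digests[begin:last + 1]:
        if len(digest) != 20:
            raise ValueError("format 1 carries a 20-byte SHA-1 digest per event")
        for alg in algs:
            size = BANKS[alg]
            if digest == ZERO_SHA1:
                # Zero measurement in the log: ones are extended instead.
                # Assumption: ones fill the whole bank digest size.
                value = b"\xff" * size
            else:
                # SHA-1 digest, zero padded for wider banks.
                value = digest.ljust(size, b"\0")
            pcrs[alg] = extend(alg, pcrs[alg], value)
    return pcrs


# Constructed sample log: three template digests, the second a zero measurement.
SAMPLE = [
    hashlib.sha1(b"constructed boot_aggregate").digest(),
    ZERO_SHA1,
    hashlib.sha1(b"constructed /usr/bin/example").digest(),
]

if __name__ == "__main__":
    for alg, value in replay_type1(SAMPLE).items():
        print(alg, value.hex())
```

Comparing the resulting bank values with the PCR 10 values reported by the TPM shows whether the log and the PCR agree.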