1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
.\"
.TH LCP_CRTPOL2 8 "2011-12-31" "tboot" "User Manuals"
.SH NAME
lcp_crtpol2 \- create an Intel(R) TXT policy (and policy data file)
.SH SYNOPSIS
.B lcp_crtpol2
.I COMMAND
.RI [ OPTION ]
.SH DESCRIPTION
.B lcp_crtpol2
is used to create an Intel(R) TXT policy (and policy data file) for platforms
produced after 2008.
.SH OPTIONS
.TP
.B \-\-create
Create an TXT policy. The following options are available:
.RS
.TP \w'\fR[\fB\-\-rev\ \fIctr1\fR[,\fIctrN\fR]'u+1n
\fB\-\-type\ \fIany\||\|list\fR
type
.TP
\fB\-\-pol\ \fIfile\fR
policy file
.TP
\fR[\fB\-\-ver\ \fIversion\fR]
version
.TP
\fR[\fB\-\-minver\ \fIver\fR]
SINITMinVersion
.TP
\fR[\fB\-\-rev\ \fIctr1\fR,\fIctrN\fR]
revocation values (comma separated, no spaces)
.TP
\fR[\fB\-\-ctrl\ \fIpol-ctrl\fR]
policy control
.TP
\fR[\fB\-\-data\ \fIfile\fR]
policy data file
.TP
\fR[\fIfile\fR]...
policy list files
.RE
.TP
.B \-\-show
Show the content of policy file or policy data file. Available options are:
.RS
.TP \w'\fR[\fB\-\-rev\ \fIctr1\fR[,\fIcrtN\fR]'u+1n
\fR[\fB\-\-brief\fR]
brief format output
.TP
\fR[\fIpolicy-file\fR]
policy file
.TP
\fR[\fIpolicy-data-file\fR]
policy data file
.RE
.TP
.B \-\-help
Print out the help message.
.TP
.B \-\-verbose
Enable verbose output; can be specified with any command.
.SH EXAMPLES
Assuming a policy list file
.I list-unsig.lst
has been created by the command
.B lcp_crtpolist(8).
The following example will create a policy and policy data file.
.PP
\fBlcp_crtpol2\ \-\-create\ \-\-type \fIlist \fB\-\-pol \fIlist.pol \fB\-\-data \fIlist.data\ list-unsig.lst
.SH "SEE ALSO"
.BR lcp_crtpol (8),
.BR lcp_mlehash (8),
.BR lcp_crtpolelt (8),
.BR lcp_crtpollist (8).
|
