tssimaextend - Man Page

Replay IMA event log

Description

Replays the provided IMA event log.

Without -sim, uses TPM2_PCR_Extend to extend the events into the TPM.
With    -sim, extends into simulated PCRs and traces the result.

Without -sim, hash algorithms whose PCR banks are not allocated are ignored, which is the TPM behavior.
With    -sim, all specified hash algorithms are used. If no hash algorithms are specified, defaults to sha1 and sha256.

Two IMA log formats are currently supported:

1: SHA1 - A zero padded measurement is extended into other PCR banks.
2: SHA1 - A digest of the template data is extended into other PCR banks.

This handles the case where a zero measurement extends ones into the IMA PCR.
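
The simulated extend described above, as an added Python sketch (not the tool's code). It assumes the ima-ng entry layout (PCR index, 20-byte SHA-1 template digest, template name, template data, each length a 32-bit integer) and that an all-zero digest is replaced by ones before any zero padding; `parse_ima_log`, `replay` and `make_entry` are hypothetical names and the sample log is constructed.

```python
import hashlib
import struct

SHA1_LEN = 20

def parse_ima_log(blob, little_endian=False):
    """Yield (pcr, sha1_template_digest, template_data) for each log entry."""
    u32 = "<I" if little_endian else ">I"       # mirrors -le (default big endian)
    off = 0
    while off < len(blob):
        try:
            (pcr,) = struct.unpack_from(u32, blob, off)
            digest = blob[off + 4:off + 4 + SHA1_LEN]
            (nlen,) = struct.unpack_from(u32, blob, off + 4 + SHA1_LEN)
            off += 8 + SHA1_LEN + nlen          # skip the template name
            (dlen,) = struct.unpack_from(u32, blob, off)
        except struct.error:
            raise ValueError("truncated IMA log entry") from None
        data = blob[off + 4:off + 4 + dlen]
        off += 4 + dlen
        if off > len(blob):
            raise ValueError("truncated IMA log entry")
        yield pcr, digest, data

def replay(blob, halgs=("sha1", "sha256"), log_type=1, little_endian=False):
    """Return {(halg, pcr): value} after extending every entry into zeroed PCRs."""
    pcrs = {}
    for pcr, digest, data in parse_ima_log(blob, little_endian):
        zero = digest == bytes(SHA1_LEN)        # zero measurement: extend ones
        for halg in halgs:
            size = hashlib.new(halg).digest_size
            if halg == "sha1" or log_type == 1:
                # type 1: SHA-1 measurement, zero padded to the bank's digest size
                m = (b"\xff" * SHA1_LEN if zero else digest).ljust(size, b"\0")
            else:
                # type 2: digest of the template data in the bank's own algorithm
                m = b"\xff" * size if zero else hashlib.new(halg, data).digest()
            old = pcrs.get((halg, pcr), bytes(size))
            pcrs[(halg, pcr)] = hashlib.new(halg, old + m).digest()
    return pcrs

def make_entry(data, violation=False):          # builds a constructed sample entry
    digest = bytes(SHA1_LEN) if violation else hashlib.sha1(data).digest()
    return (struct.pack(">I", 10) + digest + struct.pack(">I", 6) + b"ima-ng"
            + struct.pack(">I", len(data)) + data)

SAMPLE_LOG = (make_entry(b"constructed-template-data-1")
              + make_entry(b"constructed-violation", violation=True))
```

Comparing the value returned for `("sha256", 10)` against a quoted PCR 10 shows which of the two log formats the measuring kernel used.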

-if

IMA event log file name

[-of

With -sim, PCR 10 of first algorithm specified]

[-le

input file is little endian (default big endian)]

[-halg

(sha1, sha256, sha384, sha512)]
-halg may be specified more than once

[-ty

IMA log format (default type 1)]

[-tpm

extend TPM PCRs (default)]

[-sim

calculate simulated PCRs]

[-checkhash

verify IMA event log hashes]

[-checkdata

verify IMA event log template data, stop on error]

[-b

beginning entry (default 0, beginning of log)]
A beginning entry after the end of the log becomes a no-op.

[-e

ending entry (default end of log)]
E.g., -b 0 -e 0 sends one entry.

[-l

time - run in a continuous loop, sleep 'time' seconds between loops]
The intent is that this be run without specifying -b and -e.
After each pass, the next beginning entry is set to the last entry + 1.

Info

June 2023 tsstssimaextend 2.0