% tpm2_setprimarypolicy(1) tpm2-tools | General Commands Manual
tpm2_setprimarypolicy(1) - Sets the authorization policy for the lockout (lockoutPolicy), the platform hierarchy (platformPolicy), the storage hierarchy (ownerPolicy), and the endorsement hierarchy (endorsementPolicy).
tpm2_setprimarypolicy [OPTIONS]
tpm2_setprimarypolicy(1) - Sets the authorization policy for the lockout (lockoutPolicy), the platform hierarchy (platformPolicy), the storage hierarchy (ownerPolicy), and the endorsement hierarchy (endorsementPolicy).
These options control creating the policy authorization session:
-
-C, --hierarchy=OBJECT:
Specifies the hierarchy whose authorization policy is to be setup. It can be specified as o|p|e|l
-
-P, --auth=AUTH:
Specifies the authorization value for the hierarchy.
-
-L, --policy=FILE:
The file path of the authorization policy data.
-
-g, --hash-algorithm=ALGORITHM:
The hash algorithm used in computation of the policy digest.
-
--cphash=FILE
File path to record the hash of the command parameters. This is commonly termed as cpHash. NOTE: When this option is selected, The tool will not actually execute the command, it simply returns a cpHash.
context object format details the methods for specifying OBJECT.
authorization formatting details the methods for specifying AUTH.
algorithm specifiers details the options for specifying cryptographic algorithms ALGORITHM.
common options collection of common options that provide information many users may expect.
common tcti options collection of options used to configure the various known TCTI modules.
tpm2_setprimarypolicy -C e