tpm: Add tpm2-sys crate

This CL adds a tpm2-sys crate that builds libtpm2 from source (from a
git submodule) using the existing Makefile and then links the generated
static library as -ltpm2.

For production builds there is a flag `RUSTFLAGS='--cfg hermetic'` to
disallow building our own libtpm2. Instead it will expect to find
libtpm2 installed in the standard system location. Building from the
libtpm2 submodule is a convenience only intended for developer
environments.

The functions exposed by tpm2-sys are the ones that will be necessary to
initialize a TPM simulator in crosvm and execute TPM commands. Trunks
uses the same functions for its simulator mode here:

    https://chromium.googlesource.com/chromiumos/platform2/+/e4cf13c05773f3446bd76a13c4e37f0b80728711/trunks/tpm_simulator_handle.cc

Tested by running:

    fn main() {
        unsafe {
            tpm2_sys::TPM_Manufacture(1);
        }
    }

inside cros_sdk. Libtpm2 cannot be built outside of cros_sdk because it
requires openssl 1.0.2p, whereas dev machines come with openssl 1.1.0j.

I have not yet added any dependency on tpm2-sys from crosvm, but when it
does get added it will be behind a tpm feature flag so that crosvm can
continue to build outside of cros_sdk just without tpm support.

I published num_cpus version 1.9.0 to chromeos-localmirror.

TEST=running the code snippet above as described
BUG=chromium:911799

Change-Id: I097729bc447f9dc95e39959a426d1ac42f46b16d
Reviewed-on: https://chromium-review.googlesource.com/1396280
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>

1 files changed, 3 insertions, 0 deletions

diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..f04998d
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "tpm2-sys/libtpm2"]
+	path = tpm2-sys/libtpm2
+	url = https://chromium.googlesource.com/chromiumos/third_party/tpm2