author David Tolnay <dtolnay@chromium.org> 2019-03-01 16:18:44 -0800
committer chrome-bot <chrome-bot@chromium.org> 2019-03-02 17:41:27 -0800
commit 41a6f84d857c5b5f6ee612f9654c87dca10f3b54
tree 3b4c8aaa8087c76cbecc9e8c1244c47b6329f46d /io_jail/src
parent 48c4829540b04fb1a6f9ea0343f6c68b8c72606e
tpm: Store TPM state under /run/vm
When running in multiprocess mode, such as on a device, TPM state gets
placed in /run/vm/tpm.{pid} (e.g. /run/vm/tpm.22726) where pid is the
pid of the original crosvm process. The TPM simulator will write a
single file called NVChip of size 16384 bytes into this directory. The
directory and NVChip file will have uid and pid set to crosvm.

When running without multiprocess mode / without minijail / probably in
cros_sdk, TPM state is placed in /tmp/tpm-simulator as before. The
/run/vm directory is not present under cros_sdk.

Will follow up with a separate CL to remove the TPM state directory at
crosvm exit.

Tested by running the following on a grunt board (Barla) in dev mode:

    sudo crosvm run \
        --root rootfs.ext4 \
        --socket crosvm.sock \
        --seccomp-policy-dir seccomp \
        --software-tpm \
        -p init=/bin/bash \
        -p panic=-1 \
        vmlinux.bin

and confirming that /dev/tpm0 and /dev/tpmrm0 are present in the VM.

BUG=chromium:921841
TEST=manual testing on grunt

Change-Id: I1868896b9eb6f510d8b97022ba950b3604d9d40b
Reviewed-on: https://chromium-review.googlesource.com/1496910
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Diffstat (limited to 'io_jail/src')
-rw-r--r-- io_jail/src/lib.rs 2
1 files changed, 2 insertions, 0 deletions
diff --git a/io_jail/src/lib.rs b/io_jail/src/lib.rs
index b56924d..ef0b935 100644
--- a/io_jail/src/lib.rs
+++ b/io_jail/src/lib.rs
@@ -153,6 +153,8 @@ impl fmt::Display for Error {
     }
 }
 
+impl std::error::Error for Error {}
+
 pub type Result<T> = std::result::Result<T, Error>;
 
 /// Configuration to jail a process based on wrapping libminijail.
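Review bot: The empty `impl std::error::Error for Error {}` added after the `Display` impl leaves `source()` at its default of `None`, so if any variant of this `Error` wraps an underlying error (the variants are not visible in this hunk), callers that walk the error chain will lose the root cause of a jail setup failure. Consider overriding `source()` for those variants. The commit message also describes only the TPM state directory and does not say why io_jail's error type needs this trait; a sentence there, or a short comment above the impl naming the caller that requires `std::error::Error`, would make the change easier to audit.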