author | David Tolnay <dtolnay@chromium.org> | 2019-02-13 17:28:16 -0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2019-02-21 06:29:41 -0800 |
commit | 43f8e21dd29af32a8937e22d5c5e135370934353 (patch) | |
tree | cefb217ef8ad1423ed097ba92f0757227502a4e2 /src/linux.rs | |
parent | 42e5fbd9f33eff538ac36fe0935e2973ede5c281 (diff) | |
tpm: Runtime flag for software tpm device
Gate the current software tpm device behind a crosvm flag called `--software-tpm`. When we get to leveraging the physical tpm, we will likely want that behind a separate `--hardware-tpm` flag that is automatically detected when the vm being launched is gLinux. Based on feedback from apronin: > Hm, long-term it may actually make sense to have software-tpm and > real-tpm-for-glinux as two separate run-time options and only enable > real-tpm-for-glinux for glinux. > > we want to protect guests from exploits, but we also want to limit > access to tpm for random guests. So, enterprises may set this to "no > TPM" for Linux images their employees run on their devices, so that > they don't get creative with trying to break TPM from inside those > images. BUG=chromium:911799 TEST=run TPM playground program inside crosvm with flag set TEST=confirm TPM playground does not run with flag unset Change-Id: I1bccf62be63d40203463623f43b1a6ee2d51f6c0 Reviewed-on: https://chromium-review.googlesource.com/1478377 Commit-Ready: David Tolnay <dtolnay@chromium.org> Tested-by: David Tolnay <dtolnay@chromium.org> Tested-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Zach Reizner <zachr@chromium.org>
Diffstat (limited to 'src/linux.rs')
-rw-r--r-- | src/linux.rs | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/src/linux.rs b/src/linux.rs
index 0391f9d..2d6673d 100644
--- a/src/linux.rs
+++ b/src/linux.rs
@@ -312,17 +312,19 @@ fn create_virtio_devs(
 #[cfg(feature = "tpm")]
 {
- let tpm_box = Box::new(devices::virtio::Tpm::new());
- let tpm_jail = if cfg.multiprocess {
- let policy_path = cfg.seccomp_policy_dir.join("tpm_device.policy");
- Some(create_base_minijail(empty_root_path, &policy_path)?)
- } else {
- None
- };
- devs.push(VirtioDeviceStub {
- dev: tpm_box,
- jail: tpm_jail,
- });
+ if cfg.software_tpm {
+ let tpm_box = Box::new(devices::virtio::Tpm::new());
+ let tpm_jail = if cfg.multiprocess {
+ let policy_path = cfg.seccomp_policy_dir.join("tpm_device.policy");
+ Some(create_base_minijail(empty_root_path, &policy_path)?)
+ } else {
+ None
+ };
+ devs.push(VirtioDeviceStub {
+ dev: tpm_box,
+ jail: tpm_jail,
+ });
+ }
 }
 if let Some(trackpad_spec) = cfg.virtio_trackpad { |
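Review bot: The new `if cfg.software_tpm` gate has no comment explaining why the device is off by default; the rationale (limiting which guests can reach a TPM) exists only in the commit description. I would add above the `if`: `// Opt-in via --software-tpm: guests get no TPM device unless the flag is set.` Because the gate sits inside `#[cfg(feature = "tpm")]`, a build without that feature never reaches it, and the flag parsing is not in this file section, so it is worth confirming that `--software-tpm` is rejected there rather than silently accepted with no device created. Separately, when `cfg.multiprocess` is false the device is still pushed with `jail: None`, so the emulator handling guest commands runs without the `tpm_device.policy` seccomp filter; that is presumably the existing convention for other devices, but it deserves a mention in the flag's help text. `create_virtio_devs` starts and ends outside the hunk.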