author | David Tolnay <dtolnay@chromium.org> | 2019-01-04 11:50:58 -0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2019-01-13 03:23:13 -0800 |
commit | c49ef3e03bcce3a507c37daeba0da6234d7025bc (patch) | |
tree | 910c77d146210db05723a153748dbf839d04b1a8 /tpm2-sys | |
parent | 4adfdc03227a076b485d8b37fc8f227c08897696 (diff) | |
tpm: Add tpm2-sys crate
This CL adds a tpm2-sys crate that builds libtpm2 from source (from a git submodule) using the existing Makefile and then links the generated static library as -ltpm2. For production builds there is a flag `RUSTFLAGS='--cfg hermetic'` to disallow building our own libtpm2. Instead it will expect to find libtpm2 installed in the standard system location. Building from the libtpm2 submodule is a convenience only intended for developer environments. The functions exposed by tpm2-sys are the ones that will be necessary to initialize a TPM simulator in crosvm and execute TPM commands. Trunks uses the same functions for its simulator mode here: https://chromium.googlesource.com/chromiumos/platform2/+/e4cf13c05773f3446bd76a13c4e37f0b80728711/trunks/tpm_simulator_handle.cc Tested by running: fn main() { unsafe { tpm2_sys::TPM_Manufacture(1); } } inside cros_sdk. Libtpm2 cannot be built outside of cros_sdk because it requires openssl 1.0.2p, whereas dev machines come with openssl 1.1.0j. I have not yet added any dependency on tpm2-sys from crosvm, but when it does get added it will be behind a tpm feature flag so that crosvm can continue to build outside of cros_sdk just without tpm support. I published num_cpus version 1.9.0 to chromeos-localmirror. TEST=running the code snippet above as described BUG=chromium:911799 Change-Id: I097729bc447f9dc95e39959a426d1ac42f46b16d Reviewed-on: https://chromium-review.googlesource.com/1396280 Commit-Ready: David Tolnay <dtolnay@chromium.org> Tested-by: David Tolnay <dtolnay@chromium.org> Reviewed-by: Chirantan Ekbote <chirantan@chromium.org> Reviewed-by: Zach Reizner <zachr@chromium.org>
Diffstat (limited to 'tpm2-sys')
-rw-r--r-- | tpm2-sys/Cargo.toml | 12 | ||||
-rw-r--r-- | tpm2-sys/build.rs | 48 | ||||
m--------- | tpm2-sys/libtpm2 | 0 | ||||
-rw-r--r-- | tpm2-sys/src/lib.rs | 18 |
4 files changed, 78 insertions, 0 deletions
diff --git a/tpm2-sys/Cargo.toml b/tpm2-sys/Cargo.toml
new file mode 100644
index 0000000..0297bf0
--- /dev/null
+++ b/tpm2-sys/Cargo.toml
@@ -0,0 +1,12 @@
+[package]
+name = "tpm2-sys"
+version = "0.1.0"
+authors = ["The Chromium OS Authors"]
+edition = "2018"
+links = "tpm2"
+
+[build-dependencies]
+num_cpus = "*"
+pkg-config = "*"
+
+[workspace]
diff --git a/tpm2-sys/build.rs b/tpm2-sys/build.rs
new file mode 100644
index 0000000..f1abd4a
--- /dev/null
+++ b/tpm2-sys/build.rs
@@ -0,0 +1,48 @@
+// Copyright 2019 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+use std::env;
+use std::io;
+use std::path::Path;
+use std::process::{self, Command};
+
+fn main() -> io::Result<()> {
+ println!("cargo:rustc-link-lib=ssl");
+ println!("cargo:rustc-link-lib=crypto");
+
+ if pkg_config::probe_library("libtpm2").is_ok() {
+ // Use tpm2 package from the standard system location if available.
+ return Ok(());
+ }
+
+ // Build with `RUSTFLAGS='--cfg hermetic'` to disallow building our own
+ // libtpm2 in a production build context. Building from the libtpm2
+ // submodule is a convenience only intended for developer environments.
+ if cfg!(hermetic) {
+ eprintln!("libtpm2 not found; unable to perform hermetic build");
+ process::exit(1);
+ }
+
+ if !Path::new("libtpm2/.git").exists() {
+ Command::new("git")
+ .args(&["submodule", "update", "--init"])
+ .status()?;
+ }
+
+ if !Path::new("libtpm2/build/libtpm2.a").exists() {
+ let ncpu = num_cpus::get();
+ let status = Command::new("make")
+ .arg(format!("-j{}", ncpu))
+ .current_dir("libtpm2")
+ .status()?;
+ if !status.success() {
+ process::exit(status.code().unwrap_or(1));
+ }
+ }
+
+ let dir = env::var("CARGO_MANIFEST_DIR").unwrap();
+ println!("cargo:rustc-link-search={}/libtpm2/build", dir);
+ println!("cargo:rustc-link-lib=static=tpm2");
+ Ok(())
+}
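Review bot: Both build-dependencies in tpm2-sys/Cargo.toml are declared as `"*"`, and the empty `[workspace]` table makes the crate its own workspace root, so with no Cargo.lock in this diffstat the versions of `num_cpus` and `pkg-config` that run inside build.rs are whatever the registry resolves at build time. Build-dependencies execute on the build host, so bounding them is cheap: `num_cpus = "1.9"` matches the 1.9.0 the description says was published to chromeos-localmirror, and `pkg-config` can be bounded the same way to the version the mirror carries. If the mirror is the only registry a production build can reach, that already limits exposure, but builds that resolve against another registry would presumably still float.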
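Review bot: The `cfg!(hermetic)` guard in build.rs is evaluated when the build script itself is compiled, and Cargo does not pass `RUSTFLAGS` to build scripts when `--target` is given, so a cross-compiled production build could fall through to the `git submodule update` and `make` path even with `--cfg hermetic` set. Since this guard is what keeps a network fetch and a locally built libtpm2 out of production, consider checking it when the script runs instead, for example `if env::var_os("CARGO_CFG_HERMETIC").is_some() {`, and confirm the behaviour against the actual production invocation. Separately, the `git` call only propagates spawn errors through `.status()?`; its exit status is discarded, unlike the `make` call just below, so a failed submodule fetch would surface later as an unrelated-looking make error.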
diff --git a/tpm2-sys/libtpm2 b/tpm2-sys/libtpm2
new file mode 160000
+Subproject 15260c8cd98eb10b4976d2161cd5cb9bc0c3ada
diff --git a/tpm2-sys/src/lib.rs b/tpm2-sys/src/lib.rs
new file mode 100644
index 0000000..456cc87
--- /dev/null
+++ b/tpm2-sys/src/lib.rs
@@ -0,0 +1,18 @@
+// Copyright 2019 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+use std::os::raw::{c_int, c_uchar, c_uint};
+
+extern "C" {
+ pub fn TPM_Manufacture(firstTime: c_int) -> c_int;
+ pub fn _plat__SetNvAvail();
+ pub fn _plat__Signal_PowerOn() -> c_int;
+ pub fn _TPM_Init();
+ pub fn ExecuteCommand(
+ requestSize: c_uint,
+ request: *mut c_uchar,
+ responseSize: *mut c_uint,
+ response: *mut *mut c_uchar,
+ );
+}  |
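Review bot: The `extern "C"` block in src/lib.rs declares `ExecuteCommand` with three raw pointers but records nothing about the contract a caller must uphold, and every wrapper built on this crate will depend on getting it right. A doc comment above `ExecuteCommand` should state whether `*responseSize` is read as the capacity of `*response` on entry or only written on return, and whether `*response` may be redirected to memory owned by libtpm2; something like `/// On entry *responseSize is the capacity of *response; on return it holds the bytes written.` once confirmed against the C header. It would also help to note the expected call order of `TPM_Manufacture`, `_plat__SetNvAvail`, `_plat__Signal_PowerOn` and `_TPM_Init`, which the description only points to via the Trunks simulator link.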