author: David Tolnay <dtolnay@chromium.org> 2018-12-20 11:49:46 -0800
committer: chrome-bot <chrome-bot@chromium.org> 2019-01-24 07:43:30 -0800
commit: de6b29ab9d1a90a56874e6b33d35b5bf077acbfc
tree: e513ca66f2c91366007925419ccf7a934a91b7c8 /tpm2
parent: 5c8dae6ad7829b2db5317e0431d0ab2de5a9d725
tpm: Virtio tpm device
This CL adds a "tpm" Cargo cfg to crosvm which enables a TPM device
backed by libtpm2 simulator.

Tested by running the following inside cros_sdk:

    LIBRARY_PATH=~/src/minijail LD_LIBRARY_PATH=~/src/minijail \
        cargo run --release \
        --features tpm \
        -- \
        run \
        -r rootfs.ext4 \
        --seccomp-policy-dir seccomp/x86_64/ \
        -p init=/bin/bash \
        -p panic=-1 \
        --disable-sandbox \
        vmlinux.bin

with a Linux image built from CL:1387655.

The TPM self test completes successfully with the following output:

    https://paste.googleplex.com/5996075978588160?raw

Justin's TPM playground runs with the following trace output.

    https://paste.googleplex.com/4909751007707136?raw

Design doc: go/vtpm-for-glinux

TEST=ran TPM playground program inside crosvm
TEST=local kokoro
BUG=chromium:911799

Change-Id: I2feb24a3e38cba91f62c6d2cd1f378de4dd03ecf
Reviewed-on: https://chromium-review.googlesource.com/1387624
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Diffstat (limited to 'tpm2')
-rw-r--r-- tpm2/Cargo.toml 2
-rw-r--r-- tpm2/src/lib.rs 4
2 files changed, 1 insertions, 5 deletions
diff --git a/tpm2/Cargo.toml b/tpm2/Cargo.toml
index 80a43bc..56ee5fb 100644
--- a/tpm2/Cargo.toml
+++ b/tpm2/Cargo.toml
@@ -6,5 +6,3 @@ edition = "2018"
 
 [dependencies]
 tpm2-sys = { path = "../tpm2-sys" }
-
-[workspace]
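Review bot: Dropping the empty `[workspace]` table at the end of tpm2/Cargo.toml is not mentioned in the commit message. Without it the crate no longer acts as its own workspace root and is resolved as part of whatever workspace encloses it, sharing that workspace's Cargo.lock and target directory, so a sentence in the message stating that this is intentional would help. The diff shown here is limited to tpm2, so please confirm the `../tpm2-sys` path dependency is handled the same way.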
diff --git a/tpm2/src/lib.rs b/tpm2/src/lib.rs
index 53022c6..4de849c 100644
--- a/tpm2/src/lib.rs
+++ b/tpm2/src/lib.rs
@@ -165,9 +165,7 @@ fn tpm_manufacture(first_time: bool) {
     // Unsafe only because this is over FFI and we need to know that the
     // signature declared by tpm2-sys is ABI-compatible with the symbol provided
     // by libtpm2. There are no other invariants to uphold.
-    let ret: c_int = unsafe {
-        tpm2_sys::TPM_Manufacture(first_time as c_int)
-    };
+    let ret: c_int = unsafe { tpm2_sys::TPM_Manufacture(first_time as c_int) };
 
     // We expect that the TPM must not already have been manufactured. The
     // SIMULATOR_EXISTS atomic flag guards calls to this function such that only
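Review bot: The safety comment above the `unsafe` block in `tpm_manufacture` says "There are no other invariants to uphold", but the comment directly after the call describes an expectation that the TPM has not already been manufactured, guarded by the `SIMULATOR_EXISTS` flag. Since this line is being touched anyway, consider rewording the safety comment to say that the one-time-manufacture condition is a logical precondition checked through the return value rather than a memory-safety invariant, so the two comments do not read as contradictory. As a style point, `c_int::from(first_time)` would express the bool conversion without an `as` cast. The change itself is formatting only and unrelated to the virtio device, so it could also go in a separate cleanup commit.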