tpm: Runtime flag for software tpm device

Gate the current software tpm device behind a crosvm flag called
`--software-tpm`. When we get to leveraging the physical tpm, we will
likely want that behind a separate `--hardware-tpm` flag that is
automatically detected when the vm being launched is gLinux.

Based on feedback from apronin:

> Hm, long-term it may actually make sense to have software-tpm and
> real-tpm-for-glinux as two separate run-time options and only enable
> real-tpm-for-glinux for glinux.
>
> we want to protect guests from exploits, but we also want to limit
> access to tpm for random guests. So, enterprises may set this to "no
> TPM" for Linux images their employees run on their devices, so that
> they don't get creative with trying to break TPM from inside those
> images.

BUG=chromium:911799
TEST=run TPM playground program inside crosvm with flag set
TEST=confirm TPM playground does not run with flag unset

Change-Id: I1bccf62be63d40203463623f43b1a6ee2d51f6c0
Reviewed-on: https://chromium-review.googlesource.com/1478377
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
David Tolnay 2019-02-13 17:28:16 -08:00 committed by chrome-bot
parent 42e5fbd9f3
commit 43f8e21dd2
2 changed files with 20 additions and 11 deletions


@ -312,17 +312,19 @@ fn create_virtio_devs(
#[cfg(feature = "tpm")]
{
let tpm_box = Box::new(devices::virtio::Tpm::new());
let tpm_jail = if cfg.multiprocess {
let policy_path = cfg.seccomp_policy_dir.join("tpm_device.policy");
Some(create_base_minijail(empty_root_path, &policy_path)?)
} else {
None
};
devs.push(VirtioDeviceStub {
dev: tpm_box,
jail: tpm_jail,
});
if cfg.software_tpm {
let tpm_box = Box::new(devices::virtio::Tpm::new());
let tpm_jail = if cfg.multiprocess {
let policy_path = cfg.seccomp_policy_dir.join("tpm_device.policy");
Some(create_base_minijail(empty_root_path, &policy_path)?)
} else {
None
};
devs.push(VirtioDeviceStub {
dev: tpm_box,
jail: tpm_jail,
});
}
}
if let Some(trackpad_spec) = cfg.virtio_trackpad {
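Review bot: When `cfg.multiprocess` is false, the block under `if cfg.software_tpm` still pushes the device with `jail: None`, so the emulator that handles guest-supplied TPM commands gets neither the minijail nor `tpm_device.policy`. Now that the device is opt-in, that is worth stating at the gate. I would add a comment above `if cfg.software_tpm {` such as `// Opt-in only: the emulated TPM processes guest-controlled input and is sandboxed only when cfg.multiprocess is set.` That an unjailed stub runs with the main process's privileges is inferred from the `None` branch and is not visible in this hunk. `create_virtio_devs` starts and ends outside the hunk.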


@ -116,6 +116,7 @@ pub struct Config {
multiprocess: bool,
seccomp_policy_dir: PathBuf,
gpu: bool,
software_tpm: bool,
cras_audio: bool,
null_audio: bool,
virtio_trackpad: Option<TrackpadOption>,
@ -146,6 +147,7 @@ impl Default for Config {
tap_fd: Vec::new(),
cid: None,
gpu: false,
software_tpm: false,
wayland_socket_path: None,
wayland_dmabuf: false,
shared_dirs: Vec::new(),
@ -518,6 +520,9 @@ fn set_argument(cfg: &mut Config, name: &str, value: Option<&str>) -> argument::
"gpu" => {
cfg.gpu = true;
}
"software-tpm" => {
cfg.software_tpm = true;
}
"trackpad" => {
if cfg.virtio_trackpad.is_some() {
return Err(argument::Error::TooManyArguments(
@ -629,6 +634,8 @@ fn run_vm(args: std::env::Args) -> std::result::Result<(), ()> {
"File descriptor for configured tap device. A different virtual network card will be added each time this argument is given."),
#[cfg(feature = "gpu")]
Argument::flag("gpu", "(EXPERIMENTAL) enable virtio-gpu device"),
#[cfg(feature = "tpm")]
Argument::flag("software-tpm", "enable a software emulated trusted platform module device"),
Argument::value("evdev", "PATH", "Path to an event device node. The device will be grabbed (unusable from the host) and made available to the guest with the same configuration it shows on the host"),
Argument::value("trackpad", "PATH:WIDTH:HEIGHT", "Path to a socket from where to read trackpad input events and write status updates to, optionally followed by screen width and height (defaults to 800x1280)."),
Argument::value("mouse", "PATH", "Path to a socket from where to read mouse input events and write status updates to."),
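Review bot: The help string for `software-tpm` in the last hunk does not tell the operator that the device is off by default or that it is emulation only, which is the distinction the commit message draws against a later hardware-backed flag. I would word it as `Argument::flag("software-tpm", "enable a software emulated trusted platform module device (default off; not backed by the host TPM)")`. The new `software_tpm: bool` field in `Config` would also benefit from a one-line comment, `// Expose the software-emulated virtio TPM to the guest; off unless --software-tpm is given.`, so the default in `impl Default` reads as a deliberate policy choice. `Config`, its `Default` impl, `set_argument` and `run_vm` all continue outside the hunks shown.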