crosvm

mirror of https://chromium.googlesource.com/crosvm/crosvm synced 2025-02-05 18:20:34 +00:00

History

David Tolnay 41a6f84d85 tpm: Store TPM state under /run/vm When running in multiprocess mode, such as on a device, TPM state gets placed in /run/vm/tpm.{pid} (e.g. /run/vm/tpm.22726) where pid is the pid of the original crosvm process. The TPM simulator will write a single file called NVChip of size 16384 bytes into this directory. The directory and NVChip file will have uid and pid set to crosvm. When running without multiprocess mode / without minijail / probably in cros_sdk, TPM state is placed in /tmp/tpm-simulator as before. The /run/vm directory is not present under cros_sdk. Will follow up with a separate CL to remove the TPM state directory at crosvm exit. Tested by running the following on a grunt board (Barla) in dev mode: sudo crosvm run \ --root rootfs.ext4 \ --socket crosvm.sock \ --seccomp-policy-dir seccomp \ --software-tpm \ -p init=/bin/bash \ -p panic=-1 \ vmlinux.bin and confirming that /dev/tpm0 and /dev/tpmrm0 are present in the VM. BUG=chromium:921841 TEST=manual testing on grunt Change-Id: I1868896b9eb6f510d8b97022ba950b3604d9d40b Reviewed-on: https://chromium-review.googlesource.com/1496910 Commit-Ready: David Tolnay <dtolnay@chromium.org> Tested-by: David Tolnay <dtolnay@chromium.org> Tested-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Dylan Reid <dgreid@chromium.org>	2019-03-02 17:41:27 -08:00
..
src	tpm: Store TPM state under /run/vm	2019-03-02 17:41:27 -08:00
Cargo.toml	io_jail: Add a wrapper around minijail	2017-05-25 12:25:27 -07:00

David Tolnay 41a6f84d85 tpm: Store TPM state under /run/vm

When running in multiprocess mode, such as on a device, TPM state gets
placed in /run/vm/tpm.{pid} (e.g. /run/vm/tpm.22726) where pid is the
pid of the original crosvm process. The TPM simulator will write a
single file called NVChip of size 16384 bytes into this directory. The
directory and NVChip file will have uid and pid set to crosvm.

When running without multiprocess mode / without minijail / probably in
cros_sdk, TPM state is placed in /tmp/tpm-simulator as before. The
/run/vm directory is not present under cros_sdk.

Will follow up with a separate CL to remove the TPM state directory at
crosvm exit.

Tested by running the following on a grunt board (Barla) in dev mode:

    sudo crosvm run \
        --root rootfs.ext4 \
        --socket crosvm.sock \
        --seccomp-policy-dir seccomp \
        --software-tpm \
        -p init=/bin/bash \
        -p panic=-1 \
        vmlinux.bin

and confirming that /dev/tpm0 and /dev/tpmrm0 are present in the VM.

BUG=chromium:921841
TEST=manual testing on grunt

Change-Id: I1868896b9eb6f510d8b97022ba950b3604d9d40b
Reviewed-on: https://chromium-review.googlesource.com/1496910
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

2019-03-02 17:41:27 -08:00

src

tpm: Store TPM state under /run/vm

2019-03-02 17:41:27 -08:00

Cargo.toml

io_jail: Add a wrapper around minijail

2017-05-25 12:25:27 -07:00