ANDROID: Add TPM support and the vTPM proxy to Cuttlefish.

This module allows presenting the kernel TPM interface while proxying
the TPM commands into a file descriptor. The module was originally
implemented to support running a TPM simulator on the same host system
and exposing a kernel TPM interface to a Linux container, but it is also
a convenient incremental step while we figure out our long-term strategy
with crosvm, which does not have TPM support following the same
standards as qemu.

CONFIG_TCG_TPM, the base config for the various TPM drivers, required
CONFIG_SECURITYFS. CONFIG_SECURITYFS exists only as a boolean and not a
tristate, so we can't install it as a module.

Bug: 148102533
Test: Build and run locally with cuttlefish, check for /dev/vtpmx
Change-Id: I568a50c2ecb7899aae70e7a20efaedc84443511d
Signed-off-by: A. Cody Schuffelen <schuffelen@google.com>
This commit is contained in:
A. Cody Schuffelen 2020-02-11 18:01:10 -08:00 committed by Alistair Delva
parent 7ce1dbd3c6
commit 36f746c2b7
3 changed files with 4 additions and 0 deletions

View file

@ -451,6 +451,7 @@ CONFIG_NLS_MAC_TURKISH=y
CONFIG_NLS_UTF8=y
CONFIG_UNICODE=y
CONFIG_SECURITY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
CONFIG_HARDENED_USERCOPY=y
CONFIG_SECURITY_SELINUX=y

View file

@ -393,6 +393,7 @@ CONFIG_NLS_MAC_TURKISH=y
CONFIG_NLS_UTF8=y
CONFIG_UNICODE=y
CONFIG_SECURITY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y
CONFIG_HARDENED_USERCOPY=y
CONFIG_SECURITY_SELINUX=y

View file

@ -20,3 +20,5 @@ CONFIG_ION_SYSTEM_HEAP=y
CONFIG_TEST_STACKINIT=m
CONFIG_TEST_MEMINIT=m
CONFIG_SDCARD_FS=m
CONFIG_TCG_TPM=m
CONFIG_TCG_VTPM_PROXY=m