From 36f746c2b7ed1c23febe69ea9a08ab1c736c54f5 Mon Sep 17 00:00:00 2001 From: "A. Cody Schuffelen" Date: Tue, 11 Feb 2020 18:01:10 -0800 Subject: [PATCH] ANDROID: Add TPM support and the vTPM proxy to Cuttlefish. This module allows presenting the kernel TPM interface while proxying the TPM commands into a file descriptor. The module was originally implemented to support running a TPM simulator on the same host system and exposing a kernel TPM interface to a Linux container, but it is also a convenient incremental step while we figure out our long-term strategy with crosvm, which does not have TPM support following the same standards as qemu. CONFIG_TCG_TPM, the base config for the various TPM drivers, required CONFIG_SECURITYFS. CONFIG_SECURITYFS exists only as a boolean and not a tristate, so we can't install it as a module. Bug: 148102533 Test: Build and run locally with cuttlefish, check for /dev/vtpmx Change-Id: I568a50c2ecb7899aae70e7a20efaedc84443511d Signed-off-by: A. Cody Schuffelen --- arch/arm64/configs/gki_defconfig | 1 + arch/x86/configs/gki_defconfig | 1 + cuttlefish.fragment | 2 ++ 3 files changed, 4 insertions(+) diff --git a/arch/arm64/configs/gki_defconfig b/arch/arm64/configs/gki_defconfig index 7e4620841593..8b091484f88f 100644 --- a/arch/arm64/configs/gki_defconfig +++ b/arch/arm64/configs/gki_defconfig @@ -451,6 +451,7 @@ CONFIG_NLS_MAC_TURKISH=y CONFIG_NLS_UTF8=y CONFIG_UNICODE=y CONFIG_SECURITY=y +CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y CONFIG_HARDENED_USERCOPY=y CONFIG_SECURITY_SELINUX=y diff --git a/arch/x86/configs/gki_defconfig b/arch/x86/configs/gki_defconfig index 9fa868610256..e5b40d7da1db 100644 --- a/arch/x86/configs/gki_defconfig +++ b/arch/x86/configs/gki_defconfig @@ -393,6 +393,7 @@ CONFIG_NLS_MAC_TURKISH=y CONFIG_NLS_UTF8=y CONFIG_UNICODE=y CONFIG_SECURITY=y +CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y CONFIG_HARDENED_USERCOPY=y CONFIG_SECURITY_SELINUX=y 
diff --git a/cuttlefish.fragment b/cuttlefish.fragment index fd4e45b30dc4..b2b17f532f6a 100644 --- a/cuttlefish.fragment +++ b/cuttlefish.fragment @@ -20,3 +20,5 @@ CONFIG_ION_SYSTEM_HEAP=y CONFIG_TEST_STACKINIT=m CONFIG_TEST_MEMINIT=m CONFIG_SDCARD_FS=m +CONFIG_TCG_TPM=m +CONFIG_TCG_VTPM_PROXY=m
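Review bot: The `+CONFIG_SECURITYFS=y` line in the arch/arm64/configs/gki_defconfig and arch/x86/configs/gki_defconfig hunks builds securityfs into every GKI kernel, while the subject line scopes the change to Cuttlefish. The commit message explains why it cannot be a module (the option is a boolean, not a tristate), but the wider effect is easy to miss in the log. Consider splitting the two defconfig hunks into their own commit, or naming GKI in the subject, so the built-in change can be reviewed and reverted separately from the Cuttlefish modules.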
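Review bot: In the cuttlefish.fragment hunk, `+CONFIG_TCG_VTPM_PROXY=m` is only covered by the Test: line's check that /dev/vtpmx exists, which shows that the module loaded but not that a TPM command passes through the proxied file descriptor and gets a response. Consider extending the test to send one command through the resulting kernel TPM interface. Since the process holding that file descriptor answers every TPM command for the guest, the commit message should also say which process is expected to open /dev/vtpmx.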