tpm_manager: enable minijail sandboxing

This CL makes tpm_manager daemon run inside a minijail
sandbox. tpm_managerd now runs as tpm_manager user.
This CL also defines the seccomp policy file for amd64 architecture.

BUG=brillo:1039
TEST=run tpm_managerd on a DUT
CQ-DEPEND=CL:273273

Change-Id: Icb8dbf967a05c0bd26c624ff79127504f21aad19
Reviewed-on: https://chromium-review.googlesource.com/273340
Reviewed-by: Utkarsh Sanghi <[email protected]>
Commit-Queue: Utkarsh Sanghi <[email protected]>
Tested-by: Utkarsh Sanghi <[email protected]>
4 files changed
tree: ec290ef97895a9521c5430bf3d0a51aa3bb9b3a3
  1. client/
  2. common/
  3. server/
  4. tpm_manager.gyp
  5. tpm_manager_testrunner.cc