Add UMA for consistency between TPM and install attributes.

chrome/browser/chromeos/policy/enterprise_install_attributes.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_ENTERPRISE_INSTALL_ATTRIBUTES_H_
 #define CHROME_BROWSER_CHROMEOS_POLICY_ENTERPRISE_INSTALL_ATTRIBUTES_H_
 
 #include <map>
 #include <string>
 
@@ skipping 34 matching lines @@
   typedef base::Callback<void(LockResult lock_result)> LockResultCallback;
 
   // Return serialized InstallAttributes of an enterprise-owned configuration.
   static std::string GetEnterpriseOwnedInstallAttributesBlobForTesting(
       const std::string& user_name);
 
   explicit EnterpriseInstallAttributes(
       chromeos::CryptohomeClient* cryptohome_client);
   ~EnterpriseInstallAttributes();
 
-  // Reads data from the cache file which is created early during the boot
-  // process.  The cache file is used to work around slow cryptohome startup,
-  // which takes a while to register its DBus interface.  See
-  // http://crosbug.com/37367 for background on this.
-  void ReadCacheFile(const base::FilePath& cache_file);
+  // Tries to read install attributes from the cache file which is created early
+  // during the boot process.  The cache file is used to work around slow
+  // cryptohome startup, which takes a while to register its DBus interface.
+  // (See http://crosbug.com/37367 for background on this.)
+  void Init(const base::FilePath& cache_file);
 
   // Makes sure the local caches for enterprise-related install attributes are
   // up-to-date with what cryptohome has. This method checks the readiness of
   // attributes and read them if ready. Actual read will be performed in
   // ReadAttributesIfReady().
   void ReadImmutableAttributes(const base::Closure& callback);
 
   // Locks the device to be an enterprise device registered by the given user.
   // This can also be called after the lock has already been taken, in which
   // case it checks that the passed user agrees with the locked attribute.
-  // |callback| must not be null and is called with the result.
+  // |callback| must not be null and is called with the result.  Must not be
+  // called while a previous LockDevice() invocation is still pending.
   void LockDevice(const std::string& user,
                   DeviceMode device_mode,
                   const std::string& device_id,
                   const LockResultCallback& callback);
 
   // Checks whether this is an enterprise device.
   bool IsEnterpriseDevice();
 
   // Checks whether this is a consumer kiosk enabled device.
   bool IsConsumerKioskDeviceWithAutoLaunch();
 
   // Gets the domain this device belongs to or an empty string if the device is
   // not an enterprise device.
   std::string GetDomain();
 
   // Gets the user that registered the device. Returns an empty string if the
   // device is not an enterprise device.
   std::string GetRegistrationUser();
 
   // Gets the device id that was generated when the device was registered.
   // Returns an empty string if the device is not an enterprise device or the
   // device id was not stored in the lockbox (prior to R19).
   std::string GetDeviceId();
 
   // Gets the mode the device was enrolled to. The return value for devices that
   // are not locked yet will be DEVICE_MODE_UNKNOWN.
   DeviceMode GetMode();
 
  protected:
+  // True if install attributes have been read successfully.  False if read
+  // failed or no read attempt was made.
   bool device_locked_;
+
+  // Whether the TPM / install attributes consistency check is running.
+  bool consistency_check_running_;
+
+  // To be run after the consistency check has finished.
+  base::Closure post_check_action_;
+
+  // Wether the LockDevice() initiated TPM calls are running.
+  bool device_lock_running_;
+
   std::string registration_user_;
   std::string registration_domain_;
   std::string registration_device_id_;
   DeviceMode registration_mode_;
 
  private:
   FRIEND_TEST_ALL_PREFIXES(EnterpriseInstallAttributesTest,
                            DeviceLockedFromOlderVersion);
+  FRIEND_TEST_ALL_PREFIXES(EnterpriseInstallAttributesTest, Init);
   FRIEND_TEST_ALL_PREFIXES(EnterpriseInstallAttributesTest,
-                           ReadCacheFile);
-  FRIEND_TEST_ALL_PREFIXES(EnterpriseInstallAttributesTest,
-                           ReadCacheFileForConsumerKiosk);
+                           InitForConsumerKiosk);
   FRIEND_TEST_ALL_PREFIXES(EnterpriseInstallAttributesTest,
                            VerifyFakeInstallAttributesCache);
 
   // Constants for the possible device modes that can be stored in the lockbox.
   static const char kConsumerDeviceMode[];
   static const char kEnterpriseDeviceMode[];
   static const char kLegacyRetailDeviceMode[];
   static const char kConsumerKioskDeviceMode[];
   static const char kUnknownDeviceMode[];
 
@@ skipping 28 matching lines @@
       DeviceMode device_mode,
       const std::string& device_id,
       const LockResultCallback& callback,
       chromeos::DBusMethodCallStatus call_status,
       bool result);
 
   // Confirms the registered user and invoke the callback.
   void OnReadImmutableAttributes(const std::string& user,
                                  const LockResultCallback& callback);
 
+  // Check state of install attributes against TPM lock state and generate UMA
+  // for the result.  Asynchronously retry |dbus_retries| times in case of DBUS
+  // errors (cryptohomed startup is slow).
+  void TriggerConsistencyCheck(int dbus_retries);
+
+  // Callback for TpmIsOwned() DBUS call.  Generates UMA or schedules retry in
+  // case of DBUS error.
+  void OnTpmOwnerCheckCompleted(int dbus_retries_remaining,
+                                chromeos::DBusMethodCallStatus call_status,
+                                bool result);
+
   chromeos::CryptohomeClient* cryptohome_client_;
 
   base::WeakPtrFactory<EnterpriseInstallAttributes> weak_ptr_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(EnterpriseInstallAttributes);
 };
 
 }  // namespace policy
 
 #endif  // CHROME_BROWSER_CHROMEOS_POLICY_ENTERPRISE_INSTALL_ATTRIBUTES_H_