Add UMA for consistency between TPM and install attributes.

chrome/browser/chromeos/policy/enterprise_install_attributes.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_ENTERPRISE_INSTALL_ATTRIBUTES_H_
 #define CHROME_BROWSER_CHROMEOS_POLICY_ENTERPRISE_INSTALL_ATTRIBUTES_H_
 
 #include <map>
 #include <string>
 
@@ skipping 34 matching lines @@
   typedef base::Callback<void(LockResult lock_result)> LockResultCallback;
 
   // Return serialized InstallAttributes of an enterprise-owned configuration.
   static std::string GetEnterpriseOwnedInstallAttributesBlobForTesting(
       const std::string& user_name);
 
   explicit EnterpriseInstallAttributes(
       chromeos::CryptohomeClient* cryptohome_client);
   ~EnterpriseInstallAttributes();
 
-  // Reads data from the cache file which is created early during the boot
-  // process.  The cache file is used to work around slow cryptohome startup,
-  // which takes a while to register its DBus interface.  See
-  // http://crosbug.com/37367 for background on this.
-  void ReadCacheFile(const base::FilePath& cache_file);
+  // Tries to read install attributes from the cache file which is created early
+  // during the boot process.  The cache file is used to work around slow
+  // cryptohome startup, which takes a while to register its DBus interface.
+  // (See http://crosbug.com/37367 for background on this.)
+  void Init(const base::FilePath& cache_file);
 
   // Makes sure the local caches for enterprise-related install attributes are
   // up-to-date with what cryptohome has. This method checks the readiness of
   // attributes and read them if ready. Actual read will be performed in
   // ReadAttributesIfReady().
   void ReadImmutableAttributes(const base::Closure& callback);
 
   // Locks the device to be an enterprise device registered by the given user.
   // This can also be called after the lock has already been taken, in which
   // case it checks that the passed user agrees with the locked attribute.
@@ skipping 20 matching lines @@
   // Gets the device id that was generated when the device was registered.
   // Returns an empty string if the device is not an enterprise device or the
   // device id was not stored in the lockbox (prior to R19).
   std::string GetDeviceId();
 
   // Gets the mode the device was enrolled to. The return value for devices that
   // are not locked yet will be DEVICE_MODE_UNKNOWN.
   DeviceMode GetMode();
 
  protected:
+  // True if install attributes have been read successfully.  False if read
+  // failed or no read attempt was made.
   bool device_locked_;

[Mattias Nissler (ping if slow), 2015/06/24 08:34:39]

nit: blank line before comment.

[Thiemo Nagel, 2015/06/24 10:43:36]

Done.

+  // Whether the TPM / install attributes consistency check is running.
+  bool consistency_check_running_;

[Mattias Nissler (ping if slow), 2015/06/24 08:34:39]

nit: blank line before comment.

[Thiemo Nagel, 2015/06/24 10:43:36]

Done.

+  // To be run after the consistency check has finished.
+  base::Closure post_check_action_;

[Mattias Nissler (ping if slow), 2015/06/24 08:34:39]

nit: blank line here. The members below conceptually belong together as they
reflect the current state, but the post_check_action_ closure is separate.

[Thiemo Nagel, 2015/06/24 10:43:36]

Done.

   std::string registration_user_;
   std::string registration_domain_;
   std::string registration_device_id_;
   DeviceMode registration_mode_;
 
  private:
   FRIEND_TEST_ALL_PREFIXES(EnterpriseInstallAttributesTest,
                            DeviceLockedFromOlderVersion);
   FRIEND_TEST_ALL_PREFIXES(EnterpriseInstallAttributesTest,
                            ReadCacheFile);
@@ skipping 40 matching lines @@
       DeviceMode device_mode,
       const std::string& device_id,
       const LockResultCallback& callback,
       chromeos::DBusMethodCallStatus call_status,
       bool result);
 
   // Confirms the registered user and invoke the callback.
   void OnReadImmutableAttributes(const std::string& user,
                                  const LockResultCallback& callback);
 
+  // Check state of install attributes against TPM lock state and generate UMA
+  // for the result.  Asynchronously retry |dbus_tries| times in case of DBUS
+  // errors (cryptohomed startup is slow).
+  void TriggerConsistencyCheck(int dbus_tries);
+
+  // Callback for TpmIsOwned() DBUS call.  Generates UMA or schedules retry in
+  // case of DBUS error.
+  void OnTpmIsOwned(int dbus_tries_remaining,

[Mattias Nissler (ping if slow), 2015/06/24 08:34:39]

The name of this function is misleading. Should OnTpmOwnershipCheckCompleted or
something.

[Thiemo Nagel, 2015/06/24 10:43:36]

You're right.  Done.

+                    chromeos::DBusMethodCallStatus call_status,
+                    bool result);
+
   chromeos::CryptohomeClient* cryptohome_client_;
 
   base::WeakPtrFactory<EnterpriseInstallAttributes> weak_ptr_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(EnterpriseInstallAttributes);
 };
 
 }  // namespace policy
 
 #endif  // CHROME_BROWSER_CHROMEOS_POLICY_ENTERPRISE_INSTALL_ATTRIBUTES_H_