Add UMA for consistency between TPM and install attributes.

chrome/browser/chromeos/policy/enterprise_install_attributes.h

Index: chrome/browser/chromeos/policy/enterprise_install_attributes.h
diff --git a/chrome/browser/chromeos/policy/enterprise_install_attributes.h b/chrome/browser/chromeos/policy/enterprise_install_attributes.h
index bb9a681c721e037fa0a6f657d8de611f46748e2a..cbc89efa6db888dd424f33e9d960e5d2808ae383 100644
--- a/chrome/browser/chromeos/policy/enterprise_install_attributes.h
+++ b/chrome/browser/chromeos/policy/enterprise_install_attributes.h
@@ -52,11 +52,11 @@ class EnterpriseInstallAttributes {
       chromeos::CryptohomeClient* cryptohome_client);
   ~EnterpriseInstallAttributes();
 
-  // Reads data from the cache file which is created early during the boot
-  // process.  The cache file is used to work around slow cryptohome startup,
-  // which takes a while to register its DBus interface.  See
-  // http://crosbug.com/37367 for background on this.
-  void ReadCacheFile(const base::FilePath& cache_file);
+  // Tries to read install attributes from the cache file which is created early
+  // during the boot process.  The cache file is used to work around slow
+  // cryptohome startup, which takes a while to register its DBus interface.
+  // (See http://crosbug.com/37367 for background on this.)
+  void Init(const base::FilePath& cache_file);
 
   // Makes sure the local caches for enterprise-related install attributes are
   // up-to-date with what cryptohome has. This method checks the readiness of
@@ -67,7 +67,8 @@ class EnterpriseInstallAttributes {
   // Locks the device to be an enterprise device registered by the given user.
   // This can also be called after the lock has already been taken, in which
   // case it checks that the passed user agrees with the locked attribute.
-  // |callback| must not be null and is called with the result.
+  // |callback| must not be null and is called with the result.  Must not be
+  // called concurrently.

[Mattias Nissler (ping if slow), 2015/06/24 11:55:03]

nit: "Concurrently" isn't very specific, let's say "Must not be called while a
previous LockDevice invocation is still pending".

[Thiemo Nagel, 2015/06/24 12:49:52]

Done.

   void LockDevice(const std::string& user,
                   DeviceMode device_mode,
                   const std::string& device_id,
@@ -97,7 +98,18 @@ class EnterpriseInstallAttributes {
   DeviceMode GetMode();
 
  protected:
+  // True if install attributes have been read successfully.  False if read
+  // failed or no read attempt was made.
   bool device_locked_;
+
+  // Whether the TPM / install attributes consistency check is running.
+  bool consistency_check_running_;
+
+  // To be run after the consistency check has finished.
+  base::Closure post_check_action_;
+
+  // Wether the LockDevice() initiated TPM calls are running.
+  bool registration_running_;

[Mattias Nissler (ping if slow), 2015/06/24 11:55:03]

nit: Blank line here to separate bookkeeping information from attributes state.

[Thiemo Nagel, 2015/06/24 12:49:52]

Done.

   std::string registration_user_;
   std::string registration_domain_;
   std::string registration_device_id_;
@@ -158,6 +170,17 @@ class EnterpriseInstallAttributes {
   void OnReadImmutableAttributes(const std::string& user,
                                  const LockResultCallback& callback);
 
+  // Check state of install attributes against TPM lock state and generate UMA
+  // for the result.  Asynchronously retry |dbus_tries| times in case of DBUS
+  // errors (cryptohomed startup is slow).
+  void TriggerConsistencyCheck(int dbus_tries);
+
+  // Callback for TpmIsOwned() DBUS call.  Generates UMA or schedules retry in
+  // case of DBUS error.
+  void OnTpmOwnerCheckCompleted(int dbus_tries_remaining,
+                                chromeos::DBusMethodCallStatus call_status,
+                                bool result);
+
   chromeos::CryptohomeClient* cryptohome_client_;
 
   base::WeakPtrFactory<EnterpriseInstallAttributes> weak_ptr_factory_;