Update FWMP in TPM

chrome/browser/chromeos/settings/install_attributes.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_SETTINGS_INSTALL_ATTRIBUTES_H_
 #define CHROME_BROWSER_CHROMEOS_SETTINGS_INSTALL_ATTRIBUTES_H_
 
 #include <map>
 #include <string>
 
@@ skipping 52 matching lines @@
   // kInstallAttributesFileName (created early during the boot process by
   // lockbox-cache) the install attributes are fully trusted.
   void Init(const base::FilePath& cache_file);
 
   // Makes sure the local caches for enterprise-related install attributes are
   // up to date with what cryptohome has. This method checks the readiness of
   // attributes and read them if ready. Actual read will be performed in
   // ReadAttributesIfReady().
   void ReadImmutableAttributes(const base::Closure& callback);
 
+  // Updates the firmware management parameters from TPM, storing the devmode
+  // flag according to |block_devmode|. Invokes |callback| when done. Must be
+  // called before LockDevice is done. Used to update TPM on enrollment.
+  void SetBlockDevmodeInTpm(
+      bool block_devmode,
+      const CryptohomeClient::ProtobufMethodCallback& callback);
+
   // Locks the device into |device_mode|.  Depending on |device_mode|, a
   // specific subset of |domain|, |realm| and |device_id| must be set.  Can also
   // be called after the lock has already been taken, in which case it checks
   // that the passed parameters fully agree with the locked attributes.
   // |callback| must not be null and is called with the result.  Must not be
   // called while a previous LockDevice() invocation is still pending.
   void LockDevice(policy::DeviceMode device_mode,
                   const std::string& domain,
                   const std::string& realm,
                   const std::string& device_id,
@@ skipping 21 matching lines @@
 
   // Return the realm this device belongs to or an empty string if the device is
   // not an AD enterprise device.
   std::string GetRealm() const { return registration_realm_; }
 
   // Return the device id that was generated when the device was registered.
   // Returns an empty string if the device is not an enterprise device or the
   // device id was not stored in the lockbox (prior to R19).
   std::string GetDeviceId() const { return registration_device_id_; }
 
+  // Return whether TPM is locked.
+  bool IsDeviceLocked() const { return device_locked_; }
+
  protected:
   // True if install attributes have been read successfully.  False if read
   // failed or no read attempt was made.
   bool device_locked_ = false;
 
   // Whether the TPM / install attributes consistency check is running.
   bool consistency_check_running_ = false;
 
   // To be run after the consistency check has finished.
   base::Closure post_check_action_;
@@ skipping 84 matching lines @@
   CryptohomeClient* cryptohome_client_;
 
   base::WeakPtrFactory<InstallAttributes> weak_ptr_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(InstallAttributes);
 };
 
 }  // namespace chromeos
 
 #endif  // CHROME_BROWSER_CHROMEOS_SETTINGS_INSTALL_ATTRIBUTES_H_