| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/settings/install_attributes.h" | 5 #include "chrome/browser/chromeos/settings/install_attributes.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <utility> | 9 #include <utility> |
| 10 | 10 |
| 11 #include "base/bind.h" | 11 #include "base/bind.h" |
| 12 #include "base/files/file_util.h" | 12 #include "base/files/file_util.h" |
| 13 #include "base/location.h" | 13 #include "base/location.h" |
| 14 #include "base/logging.h" | 14 #include "base/logging.h" |
| 15 #include "base/macros.h" | 15 #include "base/macros.h" |
| 16 #include "base/metrics/histogram_base.h" | 16 #include "base/metrics/histogram_base.h" |
| 17 #include "base/metrics/histogram_macros.h" | 17 #include "base/metrics/histogram_macros.h" |
| 18 #include "base/single_thread_task_runner.h" | 18 #include "base/single_thread_task_runner.h" |
| 19 #include "base/threading/thread_task_runner_handle.h" | 19 #include "base/threading/thread_task_runner_handle.h" |
| 20 #include "base/time/time.h" | 20 #include "base/time/time.h" |
| 21 #include "chrome/browser/chromeos/policy/proto/install_attributes.pb.h" | 21 #include "chrome/browser/chromeos/policy/proto/install_attributes.pb.h" |
| 22 #include "chromeos/cryptohome/cryptohome_util.h" | 22 #include "chromeos/cryptohome/cryptohome_util.h" |
| 23 #include "chromeos/dbus/cryptohome/rpc.pb.h" |
| 23 #include "chromeos/dbus/dbus_thread_manager.h" | 24 #include "chromeos/dbus/dbus_thread_manager.h" |
| 24 #include "google_apis/gaia/gaia_auth_util.h" | 25 #include "google_apis/gaia/gaia_auth_util.h" |
| 26 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 25 | 27 |
| 26 namespace chromeos { | 28 namespace chromeos { |
| 27 | 29 |
| 28 namespace cu = cryptohome_util; | 30 namespace cu = cryptohome_util; |
| 29 | 31 |
| 30 namespace { | 32 namespace { |
| 31 | 33 |
| 32 // Number of TPM lock state query retries during consistency check. | 34 // Number of TPM lock state query retries during consistency check. |
| 33 int kDbusRetryCount = 12; | 35 int kDbusRetryCount = 12; |
| 34 | 36 |
| (...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 179 if (cu::InstallAttributesGet(kEnterpriseAttributes[i], &value)) | 181 if (cu::InstallAttributesGet(kEnterpriseAttributes[i], &value)) |
| 180 attr_map[kEnterpriseAttributes[i]] = value; | 182 attr_map[kEnterpriseAttributes[i]] = value; |
| 181 } | 183 } |
| 182 | 184 |
| 183 DecodeInstallAttributes(attr_map); | 185 DecodeInstallAttributes(attr_map); |
| 184 } | 186 } |
| 185 } | 187 } |
| 186 callback.Run(); | 188 callback.Run(); |
| 187 } | 189 } |
| 188 | 190 |
| 191 void InstallAttributes::SetBlockDevmodeInTpm( |
| 192 bool block_devmode, |
| 193 const CryptohomeClient::ProtobufMethodCallback& callback) { |
| 194 DCHECK(!callback.is_null()); |
| 195 DCHECK(!device_locked_); |
| 196 |
| 197 cryptohome::SetFirmwareManagementParametersRequest request; |
| 198 // Set the flags, according to enum FirmwareManagementParametersFlags from |
| 199 // rpc.proto if devmode is blocked. |
| 200 if (block_devmode) { |
| 201 request.set_flags( |
| 202 cryptohome::DEVELOPER_DISABLE_BOOT | |
| 203 cryptohome::DEVELOPER_DISABLE_CASE_CLOSED_DEBUGGING_UNLOCK); |
| 204 } |
| 205 |
| 206 cryptohome_client_->AsyncTpmUpdateFirmwareManagementParameters( |
| 207 cryptohome::kCryptohomeSetFirmwareManagementParameters, request, |
| 208 callback); |
| 209 } |
| 210 |
| 211 void InstallAttributes::RemoveFwmpInTpm( |
| 212 const CryptohomeClient::ProtobufMethodCallback& callback) { |
| 213 DCHECK(!callback.is_null()); |
| 214 DCHECK(!device_locked_); |
| 215 |
| 216 cryptohome::RemoveFirmwareManagementParametersRequest request; |
| 217 cryptohome_client_->AsyncTpmUpdateFirmwareManagementParameters( |
| 218 cryptohome::kCryptohomeRemoveFirmwareManagementParameters, request, |
| 219 callback); |
| 220 } |
| 221 |
| 189 void InstallAttributes::LockDevice(policy::DeviceMode device_mode, | 222 void InstallAttributes::LockDevice(policy::DeviceMode device_mode, |
| 190 const std::string& domain, | 223 const std::string& domain, |
| 191 const std::string& realm, | 224 const std::string& realm, |
| 192 const std::string& device_id, | 225 const std::string& device_id, |
| 193 const LockResultCallback& callback) { | 226 const LockResultCallback& callback) { |
| 194 CHECK((device_mode == policy::DEVICE_MODE_ENTERPRISE && | 227 CHECK((device_mode == policy::DEVICE_MODE_ENTERPRISE && |
| 195 !domain.empty() && realm.empty() && !device_id.empty()) || | 228 !domain.empty() && realm.empty() && !device_id.empty()) || |
| 196 (device_mode == policy::DEVICE_MODE_ENTERPRISE_AD && | 229 (device_mode == policy::DEVICE_MODE_ENTERPRISE_AD && |
| 197 domain.empty() && !realm.empty() && !device_id.empty()) || | 230 domain.empty() && !realm.empty() && !device_id.empty()) || |
| 198 (device_mode == policy::DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH && | 231 (device_mode == policy::DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH && |
| (...skipping 336 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 535 return; | 568 return; |
| 536 } | 569 } |
| 537 | 570 |
| 538 WarnIfNonempty(attr_map, kAttrConsumerKioskEnabled); | 571 WarnIfNonempty(attr_map, kAttrConsumerKioskEnabled); |
| 539 if (user_deprecated.empty()) { | 572 if (user_deprecated.empty()) { |
| 540 registration_mode_ = policy::DEVICE_MODE_CONSUMER; | 573 registration_mode_ = policy::DEVICE_MODE_CONSUMER; |
| 541 } | 574 } |
| 542 } | 575 } |
| 543 | 576 |
| 544 } // namespace chromeos | 577 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2727713003:
Update FWMP in TPM (Closed)
