| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/tpm_token_loader.h" | 5 #include "chromeos/tpm_token_loader.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/location.h" | 10 #include "base/location.h" |
| (...skipping 20 matching lines...) Expand all Loading... |
| 31 base::TimeDelta next_delay = last_delay * 2; | 31 base::TimeDelta next_delay = last_delay * 2; |
| 32 | 32 |
| 33 // Cap the delay to prevent an overflow. This threshold is arbitrarily chosen. | 33 // Cap the delay to prevent an overflow. This threshold is arbitrarily chosen. |
| 34 const base::TimeDelta max_delay = | 34 const base::TimeDelta max_delay = |
| 35 base::TimeDelta::FromMilliseconds(kMaxRequestDelayMs); | 35 base::TimeDelta::FromMilliseconds(kMaxRequestDelayMs); |
| 36 if (next_delay > max_delay) | 36 if (next_delay > max_delay) |
| 37 next_delay = max_delay; | 37 next_delay = max_delay; |
| 38 return next_delay; | 38 return next_delay; |
| 39 } | 39 } |
| 40 | 40 |
| 41 void CallOpenPersistentNSSDB() { | |
| 42 // Called from crypto_task_runner_. | |
| 43 VLOG(1) << "CallOpenPersistentNSSDB"; | |
| 44 | |
| 45 // Ensure we've opened the user's key/certificate database. | |
| 46 if (base::SysInfo::IsRunningOnChromeOS()) | |
| 47 crypto::OpenPersistentNSSDB(); | |
| 48 crypto::EnableTPMTokenForNSS(); | |
| 49 } | |
| 50 | |
| 51 void PostResultToTaskRunner(scoped_refptr<base::SequencedTaskRunner> runner, | 41 void PostResultToTaskRunner(scoped_refptr<base::SequencedTaskRunner> runner, |
| 52 const base::Callback<void(bool)>& callback, | 42 const base::Callback<void(bool)>& callback, |
| 53 bool success) { | 43 bool success) { |
| 54 runner->PostTask(FROM_HERE, base::Bind(callback, success)); | 44 runner->PostTask(FROM_HERE, base::Bind(callback, success)); |
| 55 } | 45 } |
| 56 | 46 |
| 57 } // namespace | 47 } // namespace |
| 58 | 48 |
| 59 static TPMTokenLoader* g_tpm_token_loader = NULL; | 49 static TPMTokenLoader* g_tpm_token_loader = NULL; |
| 60 | 50 |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 133 CHECK(thread_checker_.CalledOnValidThread()); | 123 CHECK(thread_checker_.CalledOnValidThread()); |
| 134 | 124 |
| 135 // This is the entry point to the TPM token initialization process, | 125 // This is the entry point to the TPM token initialization process, |
| 136 // which we should do at most once. | 126 // which we should do at most once. |
| 137 if (tpm_token_state_ != TPM_STATE_UNKNOWN || !crypto_task_runner_.get()) | 127 if (tpm_token_state_ != TPM_STATE_UNKNOWN || !crypto_task_runner_.get()) |
| 138 return; | 128 return; |
| 139 | 129 |
| 140 if (!LoginState::IsInitialized()) | 130 if (!LoginState::IsInitialized()) |
| 141 return; | 131 return; |
| 142 | 132 |
| 143 bool start_initialization = LoginState::Get()->IsUserLoggedIn() || | 133 bool start_initialization = LoginState::Get()->IsUserLoggedIn(); |
| 144 LoginState::Get()->IsInSafeMode(); | |
| 145 | 134 |
| 146 VLOG(1) << "StartTokenInitialization: " << start_initialization; | 135 VLOG(1) << "StartTokenInitialization: " << start_initialization; |
| 147 if (!start_initialization) | 136 if (!start_initialization) |
| 148 return; | 137 return; |
| 149 | 138 |
| 150 if (!base::SysInfo::IsRunningOnChromeOS()) | 139 if (!base::SysInfo::IsRunningOnChromeOS()) |
| 151 tpm_token_state_ = TPM_DISABLED; | 140 tpm_token_state_ = TPM_DISABLED; |
| 152 | 141 |
| 153 // Treat TPM as disabled for guest users since they do not store certs. | 142 // Treat TPM as disabled for guest users since they do not store certs. |
| 154 if (LoginState::Get()->IsGuestUser()) | 143 if (LoginState::Get()->IsGuestUser()) |
| 155 tpm_token_state_ = TPM_DISABLED; | 144 tpm_token_state_ = TPM_DISABLED; |
| 156 | 145 |
| 157 ContinueTokenInitialization(); | 146 ContinueTokenInitialization(); |
| 158 | 147 |
| 159 DCHECK_NE(tpm_token_state_, TPM_STATE_UNKNOWN); | 148 DCHECK_NE(tpm_token_state_, TPM_STATE_UNKNOWN); |
| 160 } | 149 } |
| 161 | 150 |
| 162 void TPMTokenLoader::ContinueTokenInitialization() { | 151 void TPMTokenLoader::ContinueTokenInitialization() { |
| 163 CHECK(thread_checker_.CalledOnValidThread()); | 152 CHECK(thread_checker_.CalledOnValidThread()); |
| 164 VLOG(1) << "ContinueTokenInitialization: " << tpm_token_state_; | 153 VLOG(1) << "ContinueTokenInitialization: " << tpm_token_state_; |
| 165 | 154 |
| 166 switch (tpm_token_state_) { | 155 switch (tpm_token_state_) { |
| 167 case TPM_STATE_UNKNOWN: { | 156 case TPM_STATE_UNKNOWN: { |
| 168 crypto_task_runner_->PostTaskAndReply( | 157 crypto_task_runner_->PostTaskAndReply( |
| 169 FROM_HERE, | 158 FROM_HERE, |
| 170 base::Bind(&CallOpenPersistentNSSDB), | 159 base::Bind(&crypto::EnableTPMTokenForNSS), |
| 171 base::Bind(&TPMTokenLoader::OnPersistentNSSDBOpened, | 160 base::Bind(&TPMTokenLoader::OnTPMTokenEnabledForNSS, |
| 172 weak_factory_.GetWeakPtr())); | 161 weak_factory_.GetWeakPtr())); |
| 173 tpm_token_state_ = TPM_INITIALIZATION_STARTED; | 162 tpm_token_state_ = TPM_INITIALIZATION_STARTED; |
| 174 return; | 163 return; |
| 175 } | 164 } |
| 176 case TPM_INITIALIZATION_STARTED: { | 165 case TPM_INITIALIZATION_STARTED: { |
| 177 NOTREACHED(); | 166 NOTREACHED(); |
| 178 return; | 167 return; |
| 179 } | 168 } |
| 180 case TPM_DB_OPENED: { | 169 case TPM_TOKEN_ENABLED_FOR_NSS: { |
| 181 DBusThreadManager::Get()->GetCryptohomeClient()->TpmIsEnabled( | 170 DBusThreadManager::Get()->GetCryptohomeClient()->TpmIsEnabled( |
| 182 base::Bind(&TPMTokenLoader::OnTpmIsEnabled, | 171 base::Bind(&TPMTokenLoader::OnTpmIsEnabled, |
| 183 weak_factory_.GetWeakPtr())); | 172 weak_factory_.GetWeakPtr())); |
| 184 return; | 173 return; |
| 185 } | 174 } |
| 186 case TPM_DISABLED: { | 175 case TPM_DISABLED: { |
| 187 // TPM is disabled, so proceed with empty tpm token name. | 176 // TPM is disabled, so proceed with empty tpm token name. |
| 188 NotifyTPMTokenReady(); | 177 NotifyTPMTokenReady(); |
| 189 return; | 178 return; |
| 190 } | 179 } |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 225 CHECK(thread_checker_.CalledOnValidThread()); | 214 CHECK(thread_checker_.CalledOnValidThread()); |
| 226 LOG(WARNING) << "Retry token initialization later."; | 215 LOG(WARNING) << "Retry token initialization later."; |
| 227 base::MessageLoopProxy::current()->PostDelayedTask( | 216 base::MessageLoopProxy::current()->PostDelayedTask( |
| 228 FROM_HERE, | 217 FROM_HERE, |
| 229 base::Bind(&TPMTokenLoader::ContinueTokenInitialization, | 218 base::Bind(&TPMTokenLoader::ContinueTokenInitialization, |
| 230 weak_factory_.GetWeakPtr()), | 219 weak_factory_.GetWeakPtr()), |
| 231 tpm_request_delay_); | 220 tpm_request_delay_); |
| 232 tpm_request_delay_ = GetNextRequestDelayMs(tpm_request_delay_); | 221 tpm_request_delay_ = GetNextRequestDelayMs(tpm_request_delay_); |
| 233 } | 222 } |
| 234 | 223 |
| 235 void TPMTokenLoader::OnPersistentNSSDBOpened() { | 224 void TPMTokenLoader::OnTPMTokenEnabledForNSS() { |
| 236 VLOG(1) << "PersistentNSSDBOpened"; | 225 VLOG(1) << "TPMTokenEnabledForNSS"; |
| 237 tpm_token_state_ = TPM_DB_OPENED; | 226 tpm_token_state_ = TPM_TOKEN_ENABLED_FOR_NSS; |
| 238 ContinueTokenInitialization(); | 227 ContinueTokenInitialization(); |
| 239 } | 228 } |
| 240 | 229 |
| 241 void TPMTokenLoader::OnTpmIsEnabled(DBusMethodCallStatus call_status, | 230 void TPMTokenLoader::OnTpmIsEnabled(DBusMethodCallStatus call_status, |
| 242 bool tpm_is_enabled) { | 231 bool tpm_is_enabled) { |
| 243 VLOG(1) << "OnTpmIsEnabled: " << tpm_is_enabled; | 232 VLOG(1) << "OnTpmIsEnabled: " << tpm_is_enabled; |
| 244 | 233 |
| 245 if (call_status == DBUS_METHOD_CALL_SUCCESS && tpm_is_enabled) | 234 if (call_status == DBUS_METHOD_CALL_SUCCESS && tpm_is_enabled) |
| 246 tpm_token_state_ = TPM_ENABLED; | 235 tpm_token_state_ = TPM_ENABLED; |
| 247 else | 236 else |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 295 void TPMTokenLoader::NotifyTPMTokenReady() { | 284 void TPMTokenLoader::NotifyTPMTokenReady() { |
| 296 FOR_EACH_OBSERVER(Observer, observers_, OnTPMTokenReady()); | 285 FOR_EACH_OBSERVER(Observer, observers_, OnTPMTokenReady()); |
| 297 } | 286 } |
| 298 | 287 |
| 299 void TPMTokenLoader::LoggedInStateChanged() { | 288 void TPMTokenLoader::LoggedInStateChanged() { |
| 300 VLOG(1) << "LoggedInStateChanged"; | 289 VLOG(1) << "LoggedInStateChanged"; |
| 301 MaybeStartTokenInitialization(); | 290 MaybeStartTokenInitialization(); |
| 302 } | 291 } |
| 303 | 292 |
| 304 } // namespace chromeos | 293 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 317613004:
Remove usage of singleton software_slot_ in nss on ChromeOS (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src