tpm_manager: Add TpmNvram interface

This CL adds the TpmNvram class interface. This class will be used to perform operations on TPM NVRAM, and to expose TPM backed NVRAM to clients of TpmManager via DBus. Bug: 24059574 TEST=None Change-Id: I367fd746785fc50ba83a34d51e4be96bb700c553
author: Utkarsh Sanghi <usanghi@google.com> 2015-09-14 17:47:22 -0700
committer: Utkarsh Sanghi <usanghi@google.com> 2015-09-22 19:37:19 +0000
commit: f86a34eaa3f556456d90b94f7af4c72bbab6f08f (patch)
tree: 3d98f7c8e9194e5e91e1f065e696bf23ada4e7cb
parent: 21637105867fb6b59a0864811f40d73aff944c19 (diff)
download: tpm-f86a34eaa3f556456d90b94f7af4c72bbab6f08f.tar.gz
4 files changed, 230 insertions, 0 deletions
diff --git a/server/mock_tpm_nvram.cc b/server/mock_tpm_nvram.cc
new file mode 100644
index 0000000..3a28776
--- /dev/null
+++ b/server/mock_tpm_nvram.cc
@@ -0,0 +1,106 @@
+//
+// Copyright (C) 2015 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#include "tpm_manager/server/mock_tpm_nvram.h"
+
+namespace tpm_manager {
+
+using testing::_;
+using testing::Invoke;
+using testing::Return;
+
+MockTpmNvram::MockTpmNvram() {
+  ON_CALL(*this, DefineNvram(_, _))
+      .WillByDefault(Invoke(this, &MockTpmNvram::FakeDefineNvram));
+  ON_CALL(*this, DestroyNvram(_))
+      .WillByDefault(Invoke(this, &MockTpmNvram::FakeDestroyNvram));
+  ON_CALL(*this, WriteNvram(_, _))
+      .WillByDefault(Invoke(this, &MockTpmNvram::FakeWriteNvram));
+  ON_CALL(*this, ReadNvram(_, _))
+      .WillByDefault(Invoke(this, &MockTpmNvram::FakeReadNvram));
+  ON_CALL(*this, IsNvramDefined(_))
+      .WillByDefault(Invoke(this, &MockTpmNvram::FakeIsNvramDefined));
+  ON_CALL(*this, IsNvramLocked(_))
+      .WillByDefault(Invoke(this, &MockTpmNvram::FakeIsNvramLocked));
+  ON_CALL(*this, GetNvramSize(_))
+      .WillByDefault(Invoke(this, &MockTpmNvram::FakeGetNvramSize));
+}
+
+MockTpmNvram::~MockTpmNvram() {}
+
+bool MockTpmNvram::FakeDefineNvram(uint32_t index, size_t length) {
+  if (length == 0) {
+    return false;
+  }
+  NvSpace ns;
+  ns.data.resize(length, "\xff");
+  ns.written = false;
+  nvram_map_[index] = ns;
+  return true;
+}
+
+bool MockTpmNvram::FakeDestroyNvram(uint32_t index) {
+  auto it = nvram_map_.find(index);
+  if (it == nvram_map_.end()) {
+    return false;
+  }
+  nvram_map_.erase(it);
+  return true;
+}
+
+bool MockTpmNvram::FakeWriteNvram(uint32_t index, const std::string& data) {
+  auto it = nvram_map_.find(index);
+  if (it == nvram_map_.end()) {
+    return false;
+  }
+  NvSpace& nv = it->second;
+  if (nv.written || nv.data.size() < data.size()) {
+    return false;
+  }
+  nv.data.replace(0, data.size(), data);
+  nv.written = true;
+  return true;
+}
+
+bool MockTpmNvram::FakeReadNvram(uint32_t index, std::string* data) {
+  auto it = nvram_map_.find(index);
+  if (it == nvram_map_.end()) {
+    return false;
+  }
+  const NvSpace& nv = it->second;
+  if (!nv.written) {
+    return false;
+  }
+  data->assign(nv.data);
+  return true;
+}
+
+bool MockTpmNvram::FakeIsNvramDefined(uint32_t index) {
+  return (nvram_map_.find(index) != nvram_map_.end());
+}
+
+bool MockTpmNvram::FakeIsNvramLocked(uint32_t index) {
+  return IsNvramDefined(index) && nvram_map_[index].written;
+}
+
+size_t MockTpmNvram::FakeGetNvramSize(uint32_t index) {
+  if (!IsNvramDefined(index)) {
+    return 0;
+  }
+  return nvram_map_[index].data.size();
+}
+
+}  // namespace tpm_manager
diff --git a/server/mock_tpm_nvram.h b/server/mock_tpm_nvram.h
new file mode 100644
index 0000000..57b06e7
--- /dev/null
+++ b/server/mock_tpm_nvram.h
@@ -0,0 +1,61 @@
+//
+// Copyright (C) 2015 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#ifndef TPM_MANAGER_SERVER_MOCK_TPM_NVRAM_H_
+#define TPM_MANAGER_SERVER_MOCK_TPM_NVRAM_H_
+
+#include "tpm_manager/server/tpm_nvram.h"
+
+#include <map>
+#include <string>
+
+#include <gmock/gmock.h>
+
+namespace tpm_manager {
+
+struct NvSpace {
+  std::string data;
+  bool written;
+};
+
+class MockTpmNvram : public TpmNvram {
+ public:
+  MockTpmNvram();
+  ~MockTpmNvram() override;
+
+  MOCK_METHOD2(DefineNvram, bool(uint32_t, size_t));
+  MOCK_METHOD1(DestroyNvram, bool(uint32_t));
+  MOCK_METHOD2(WriteNvram, bool(uint32_t, const std::string&));
+  MOCK_METHOD2(ReadNvram, bool(uint32_t, std::string*));
+  MOCK_METHOD1(IsNvramDefined, bool(uint32_t));
+  MOCK_METHOD1(IsNvramLocked, bool(uint32_t));
+  MOCK_METHOD1(GetNvramSize, size_t(uint32_t));
+
+ private:
+  bool FakeDefineNvram(uint32_t index, size_t length);
+  bool FakeDestroyNvram(uint32_t index);
+  bool FakeWriteNvram(uint32_t index, const std::string& data);
+  bool FakeReadNvram(uint32_t index, std::string* data);
+  bool FakeIsNvramDefined(uint32_t index);
+  bool FakeIsNvramLocked(uint32_t index);
+  size_t FakeGetNvramSize(uint32_t index);
+
+  std::map<uint32_t, NvSpace> nvram_map_;
+};
+
+}  // namespace tpm_manager
+
+#endif  // TPM_MANAGER_SERVER_MOCK_TPM_NVRAM_H_
diff --git a/server/tpm_nvram.h b/server/tpm_nvram.h
new file mode 100644
index 0000000..4de8ce0
--- /dev/null
+++ b/server/tpm_nvram.h
@@ -0,0 +1,62 @@
+//
+// Copyright (C) 2015 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#ifndef TPM_MANAGER_SERVER_TPM_NVRAM_H_
+#define TPM_MANAGER_SERVER_TPM_NVRAM_H_
+
+#include <string>
+
+namespace tpm_manager {
+
+// TpmNvram is an interface for accessing Nvram functionality on a Tpm.
+class TpmNvram {
+ public:
+  TpmNvram() = default;
+  virtual ~TpmNvram() = default;
+
+  // This method creates a NVRAM space in the TPM. Returns true iff
+  // the space was successfully created.
+  virtual bool DefineNvram(uint32_t index, size_t length) = 0;
+
+  // This method destroys a defined NVRAM space. Returns true iff the NVRAM
+  // space was successfully destroyed.
+  virtual bool DestroyNvram(uint32_t index) = 0;
+
+  // This method writes |data| to the NVRAM space defined by |index|. The size
+  // of |data| must be equal or less than the size of the NVRAM space. Returns
+  // true on success. Once written to, the NVRAM space is locked and cannot be
+  // written to again.
+  virtual bool WriteNvram(uint32_t index, const std::string& data) = 0;
+
+  // This method reads all the contents of the NVRAM space at |index| and writes
+  // it into |data|. Returns true on success.
+  virtual bool ReadNvram(uint32_t index, std::string* data) = 0;
+
+  // This method returns true iff |index| refers to a defined NVRAM space.
+  virtual bool IsNvramDefined(uint32_t index) = 0;
+
+  // This method returns true iff |index| refers to an NVRAM space that has
+  // been locked for writing.
+  virtual bool IsNvramLocked(uint32_t index) = 0;
+
+  // This method returns the size of the NVRAM space at |index|. Returns zero
+  // if the space is not defined.
+  virtual size_t GetNvramSize(uint32_t index) = 0;
+};
+
+}  // namespace tpm_manager
+
+#endif  // TPM_MANAGER_SERVER_TPM_NVRAM_H_
diff --git a/tpm_manager.gyp b/tpm_manager.gyp
index 3cbd567..01f715f 100644
--- a/tpm_manager.gyp
+++ b/tpm_manager.gyp
@@ -149,6 +149,7 @@
             'server/mock_local_data_store.cc',
             'server/mock_openssl_crypto_util.cc',
             'server/mock_tpm_initializer.cc',
+            'server/mock_tpm_nvram.cc',
             'server/mock_tpm_status.cc',
             'server/tpm_manager_service_test.cc',
             'tpm_manager_testrunner.cc',
author	Utkarsh Sanghi <usanghi@google.com>	2015-09-14 17:47:22 -0700
committer	Utkarsh Sanghi <usanghi@google.com>	2015-09-22 19:37:19 +0000
commit	f86a34eaa3f556456d90b94f7af4c72bbab6f08f (patch)
tree	3d98f7c8e9194e5e91e1f065e696bf23ada4e7cb
parent	21637105867fb6b59a0864811f40d73aff944c19 (diff)
download	tpm-f86a34eaa3f556456d90b94f7af4c72bbab6f08f.tar.gz