diff options
author | Utkarsh Sanghi <usanghi@google.com> | 2015-10-27 21:42:48 -0700 |
---|---|---|
committer | Utkarsh Sanghi <usanghi@google.com> | 2015-11-02 13:06:33 -0800 |
commit | 3d4bda022ae92db15a5b28ad9b22b8cede3fa7ea (patch) | |
tree | f78439af539e946cc8fca3e1cd0b2c75bca624b0 | |
parent | cabb381ef2970e1be85b1678381f8cac1b731401 (diff) | |
download | tpm_manager-brillo-m7-mr-dev.tar.gz |
tpm_manager: Add implementation for RemoveOwnerDependencybrillo-m7-releasebrillo-m7-mr-devbrillo-m7-dev
This CL adds the backend implementation to remove tpm owner
dependencies in TpmManager
Bug: 24059577
TEST=remove owner dependency on DUT and observe local data proto
Change-Id: I6bb008e28788c22a0a8f659c1335226c17468b7c
-rw-r--r-- | server/tpm_manager_service.cc | 30 | ||||
-rw-r--r-- | server/tpm_manager_service.h | 6 | ||||
-rw-r--r-- | server/tpm_manager_service_test.cc | 110 |
3 files changed, 143 insertions, 3 deletions
diff --git a/server/tpm_manager_service.cc b/server/tpm_manager_service.cc index fe56127..522792b 100644 --- a/server/tpm_manager_service.cc +++ b/server/tpm_manager_service.cc @@ -122,7 +122,35 @@ void TpmManagerService::RemoveOwnerDependencyTask( const RemoveOwnerDependencyRequest& request, const std::shared_ptr<RemoveOwnerDependencyReply>& result) { VLOG(1) << __func__; - result->set_status(STATUS_NOT_AVAILABLE); + LocalData local_data; + if (!local_data_store_->Read(&local_data)) { + result->set_status(STATUS_UNEXPECTED_DEVICE_ERROR); + return; + } + RemoveOwnerDependency(request.owner_dependency(), &local_data); + if (!local_data_store_->Write(local_data)) { + result->set_status(STATUS_UNEXPECTED_DEVICE_ERROR); + return; + } + result->set_status(STATUS_SUCCESS); +} + +void TpmManagerService::RemoveOwnerDependency( + const std::string& owner_dependency, LocalData* local_data) { + google::protobuf::RepeatedPtrField<std::string>* dependencies = + local_data->mutable_owner_dependency(); + for (int i = 0; i < dependencies->size(); i++) { + if (dependencies->Get(i) == owner_dependency) { + dependencies->SwapElements(i, (dependencies->size() - 1)); + dependencies->RemoveLast(); + break; + } + } + if (dependencies->empty()) { + local_data->clear_owner_password(); + local_data->clear_endorsement_password(); + local_data->clear_lockout_password(); + } } void TpmManagerService::DefineNvram(const DefineNvramRequest& request, diff --git a/server/tpm_manager_service.h b/server/tpm_manager_service.h index 9bf6c6d..b644a14 100644 --- a/server/tpm_manager_service.h +++ b/server/tpm_manager_service.h @@ -135,6 +135,12 @@ class TpmManagerService : public TpmNvramInterface, const RemoveOwnerDependencyRequest& request, const std::shared_ptr<RemoveOwnerDependencyReply>& result); + // Removes a |owner_dependency| from the list of owner dependencies in + // |local_data|. If |owner_dependency| is not present in |local_data|, + // this method does nothing. + static void RemoveOwnerDependency(const std::string& owner_dependency, + LocalData* local_data); + // Blocking implementation of DefineNvram that can be executed on the // background worker thread. void DefineNvramTask(const DefineNvramRequest& request, diff --git a/server/tpm_manager_service_test.cc b/server/tpm_manager_service_test.cc index 0ef9887..63e4c70 100644 --- a/server/tpm_manager_service_test.cc +++ b/server/tpm_manager_service_test.cc @@ -29,8 +29,17 @@ using testing::AtLeast; using testing::Invoke; using testing::NiceMock; using testing::Return; +using testing::SaveArg; using testing::SetArgPointee; +namespace { + +const char kOwnerPassword[] = "owner"; +const char kOwnerDependency[] = "owner_dependency"; +const char kOtherDependency[] = "other_dependency"; + +} + namespace tpm_manager { // A test fixture that takes care of message loop management and configuring a @@ -145,7 +154,7 @@ TEST_F(TpmManagerServiceTest, GetTpmStatusSuccess) { return true; })); LocalData local_data; - local_data.set_owner_password("test"); + local_data.set_owner_password(kOwnerPassword); EXPECT_CALL(mock_local_data_store_, Read(_)) .WillRepeatedly(DoAll(SetArgPointee<0>(local_data), Return(true))); @@ -153,7 +162,7 @@ TEST_F(TpmManagerServiceTest, GetTpmStatusSuccess) { EXPECT_EQ(STATUS_SUCCESS, reply.status()); EXPECT_TRUE(reply.enabled()); EXPECT_TRUE(reply.owned()); - EXPECT_EQ("test", reply.local_data().owner_password()); + EXPECT_EQ(kOwnerPassword, reply.local_data().owner_password()); EXPECT_EQ(5, reply.dictionary_attack_counter()); EXPECT_EQ(6, reply.dictionary_attack_threshold()); EXPECT_TRUE(reply.dictionary_attack_lockout_in_effect()); @@ -239,6 +248,103 @@ TEST_F(TpmManagerServiceTest, TakeOwnershipNoTpm) { Run(); } +TEST_F(TpmManagerServiceTest, RemoveOwnerDependencyReadFailure) { + EXPECT_CALL(mock_local_data_store_, Read(_)) + .WillRepeatedly(Return(false)); + auto callback = [this](const RemoveOwnerDependencyReply& reply) { + EXPECT_EQ(STATUS_UNEXPECTED_DEVICE_ERROR, reply.status()); + Quit(); + }; + RemoveOwnerDependencyRequest request; + request.set_owner_dependency(kOwnerDependency); + service_->RemoveOwnerDependency(request, base::Bind(callback)); + Run(); +} + +TEST_F(TpmManagerServiceTest, RemoveOwnerDependencyWriteFailure) { + EXPECT_CALL(mock_local_data_store_, Write(_)) + .WillRepeatedly(Return(false)); + auto callback = [this](const RemoveOwnerDependencyReply& reply) { + EXPECT_EQ(STATUS_UNEXPECTED_DEVICE_ERROR, reply.status()); + Quit(); + }; + RemoveOwnerDependencyRequest request; + request.set_owner_dependency(kOwnerDependency); + service_->RemoveOwnerDependency(request, base::Bind(callback)); + Run(); +} + +TEST_F(TpmManagerServiceTest, RemoveOwnerDependencyNotCleared) { + LocalData local_data; + local_data.set_owner_password(kOwnerPassword); + local_data.add_owner_dependency(kOwnerDependency); + local_data.add_owner_dependency(kOtherDependency); + EXPECT_CALL(mock_local_data_store_, Read(_)) + .WillOnce(DoAll(SetArgPointee<0>(local_data), + Return(true))); + EXPECT_CALL(mock_local_data_store_, Write(_)) + .WillOnce(DoAll(SaveArg<0>(&local_data), + Return(true))); + auto callback = [this, &local_data](const RemoveOwnerDependencyReply& reply) { + EXPECT_EQ(STATUS_SUCCESS, reply.status()); + EXPECT_EQ(1, local_data.owner_dependency_size()); + EXPECT_EQ(kOtherDependency, local_data.owner_dependency(0)); + EXPECT_TRUE(local_data.has_owner_password()); + EXPECT_EQ(kOwnerPassword, local_data.owner_password()); + Quit(); + }; + RemoveOwnerDependencyRequest request; + request.set_owner_dependency(kOwnerDependency); + service_->RemoveOwnerDependency(request, base::Bind(callback)); + Run(); +} + +TEST_F(TpmManagerServiceTest, RemoveOwnerDependencyCleared) { + LocalData local_data; + local_data.set_owner_password(kOwnerPassword); + local_data.add_owner_dependency(kOwnerDependency); + EXPECT_CALL(mock_local_data_store_, Read(_)) + .WillOnce(DoAll(SetArgPointee<0>(local_data), + Return(true))); + EXPECT_CALL(mock_local_data_store_, Write(_)) + .WillOnce(DoAll(SaveArg<0>(&local_data), + Return(true))); + auto callback = [this, &local_data](const RemoveOwnerDependencyReply& reply) { + EXPECT_EQ(STATUS_SUCCESS, reply.status()); + EXPECT_EQ(0, local_data.owner_dependency_size()); + EXPECT_FALSE(local_data.has_owner_password()); + Quit(); + }; + RemoveOwnerDependencyRequest request; + request.set_owner_dependency(kOwnerDependency); + service_->RemoveOwnerDependency(request, base::Bind(callback)); + Run(); +} + +TEST_F(TpmManagerServiceTest, RemoveOwnerDependencyNotPresent) { + LocalData local_data; + local_data.set_owner_password(kOwnerPassword); + local_data.add_owner_dependency(kOwnerDependency); + EXPECT_CALL(mock_local_data_store_, Read(_)) + .WillOnce(DoAll(SetArgPointee<0>(local_data), + Return(true))); + EXPECT_CALL(mock_local_data_store_, Write(_)) + .WillOnce(DoAll(SaveArg<0>(&local_data), + Return(true))); + auto callback = [this, &local_data](const RemoveOwnerDependencyReply& reply) { + EXPECT_EQ(STATUS_SUCCESS, reply.status()); + EXPECT_EQ(1, local_data.owner_dependency_size()); + EXPECT_EQ(kOwnerDependency, local_data.owner_dependency(0)); + EXPECT_TRUE(local_data.has_owner_password()); + EXPECT_EQ(kOwnerPassword, local_data.owner_password()); + Quit(); + }; + RemoveOwnerDependencyRequest request; + request.set_owner_dependency(kOtherDependency); + service_->RemoveOwnerDependency(request, base::Bind(callback)); + Run(); +} + TEST_F(TpmManagerServiceTest, DefineNvramFailure) { uint32_t nvram_index = 5; size_t nvram_length = 32; |