tpm_manager_service.h revision a94133441da308b30c6fe18cc4e2b866498ee401 
1//
2// Copyright (C) 2015 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8//      http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17#ifndef TPM_MANAGER_SERVER_TPM_MANAGER_SERVICE_H_
18#define TPM_MANAGER_SERVER_TPM_MANAGER_SERVICE_H_
19
20#include <memory>
21
22#include <base/callback.h>
23#include <base/macros.h>
24#include <base/memory/weak_ptr.h>
25#include <base/threading/thread.h>
26#include <brillo/bind_lambda.h>
27
28#include "tpm_manager/common/tpm_nvram_interface.h"
29#include "tpm_manager/common/tpm_ownership_interface.h"
30#include "tpm_manager/server/local_data_store.h"
31#include "tpm_manager/server/tpm_initializer.h"
32#include "tpm_manager/server/tpm_nvram.h"
33#include "tpm_manager/server/tpm_status.h"
34#include "trunks/trunks_factory.h"
35
36namespace tpm_manager {
37
38// This class implements the core tpm_manager service. All Tpm access is
39// asynchronous, except for the initial setup in Initialize().
40// Usage:
41//   std::unique_ptr<TpmManagerService> tpm_manager = new TpmManagerService();
42//   CHECK(tpm_manager->Initialize());
43//   tpm_manager->GetTpmStatus(...);
44//
45// THREADING NOTES:
46// This class runs a worker thread and delegates all calls to it. This keeps the
47// public methods non-blocking while allowing complex implementation details
48// with dependencies on the TPM, network, and filesystem to be coded in a more
49// readable way. It also serves to serialize method execution which reduces
50// complexity with TPM state.
51//
52// Tasks that run on the worker thread are bound with base::Unretained which is
53// safe because the thread is owned by this class (so it is guaranteed not to
54// process a task after destruction). Weak pointers are used to post replies
55// back to the main thread.
56class TpmManagerService : public TpmNvramInterface,
57                          public TpmOwnershipInterface {
58 public:
59  // If |wait_for_ownership| is set, TPM initialization will be postponed until
60  // an explicit TakeOwnership request is received. Does not take ownership of
61  // |local_data_store|, |tpm_status| or |tpm_initializer|.
62  explicit TpmManagerService(bool wait_for_ownership,
63                             LocalDataStore* local_data_store,
64                             TpmStatus* tpm_status,
65                             TpmInitializer* tpm_initializer,
66                             TpmNvram* tpm_nvram);
67  ~TpmManagerService() override = default;
68
69  // Performs initialization tasks. This method must be called before calling
70  // any other method in this class. Returns true on success.
71  bool Initialize();
72
73  // TpmOwnershipInterface methods.
74  void GetTpmStatus(const GetTpmStatusRequest& request,
75                    const GetTpmStatusCallback& callback) override;
76  void TakeOwnership(const TakeOwnershipRequest& request,
77                     const TakeOwnershipCallback& callback) override;
78  void RemoveOwnerDependency(
79      const RemoveOwnerDependencyRequest& request,
80      const RemoveOwnerDependencyCallback& callback) override;
81
82  // TpmNvramInterface methods.
83  void DefineSpace(const DefineSpaceRequest& request,
84                   const DefineSpaceCallback& callback) override;
85  void DestroySpace(const DestroySpaceRequest& request,
86                    const DestroySpaceCallback& callback) override;
87  void WriteSpace(const WriteSpaceRequest& request,
88                  const WriteSpaceCallback& callback) override;
89  void ReadSpace(const ReadSpaceRequest& request,
90                 const ReadSpaceCallback& callback) override;
91  void LockSpace(const LockSpaceRequest& request,
92                 const LockSpaceCallback& callback) override;
93  void ListSpaces(const ListSpacesRequest& request,
94                  const ListSpacesCallback& callback) override;
95  void GetSpaceInfo(const GetSpaceInfoRequest& request,
96                    const GetSpaceInfoCallback& callback) override;
97
98 private:
99  // A relay callback which allows the use of weak pointer semantics for a reply
100  // to TaskRunner::PostTaskAndReply.
101  template <typename ReplyProtobufType>
102  void TaskRelayCallback(
103      const base::Callback<void(const ReplyProtobufType&)> callback,
104      const std::shared_ptr<ReplyProtobufType>& reply);
105
106  // This templated method posts the provided |TaskType| to the background
107  // thread with the provided |RequestProtobufType|. When |TaskType| finishes
108  // executing, the |ReplyCallbackType| is called with the |ReplyProtobufType|.
109  template <typename ReplyProtobufType,
110            typename RequestProtobufType,
111            typename ReplyCallbackType,
112            typename TaskType>
113  void PostTaskToWorkerThread(RequestProtobufType& request,
114                              ReplyCallbackType& callback,
115                              TaskType task);
116
117  // Synchronously initializes the TPM according to the current configuration.
118  // If an initialization process was interrupted it will be continued. If the
119  // TPM is already initialized or cannot yet be initialized, this method has no
120  // effect.
121  void InitializeTask();
122
123  // Blocking implementation of GetTpmStatus that can be executed on the
124  // background worker thread.
125  void GetTpmStatusTask(const GetTpmStatusRequest& request,
126                        const std::shared_ptr<GetTpmStatusReply>& result);
127
128  // Blocking implementation of TakeOwnership that can be executed on the
129  // background worker thread.
130  void TakeOwnershipTask(const TakeOwnershipRequest& request,
131                         const std::shared_ptr<TakeOwnershipReply>& result);
132
133  // Blocking implementation of RemoveOwnerDependency that can be executed on
134  // the background worker thread.
135  void RemoveOwnerDependencyTask(
136      const RemoveOwnerDependencyRequest& request,
137      const std::shared_ptr<RemoveOwnerDependencyReply>& result);
138
139  // Removes a |owner_dependency| from the list of owner dependencies in
140  // |local_data|. If |owner_dependency| is not present in |local_data|,
141  // this method does nothing.
142  static void RemoveOwnerDependency(const std::string& owner_dependency,
143                                    LocalData* local_data);
144
145  // Blocking implementation of DefineSpace that can be executed on the
146  // background worker thread.
147  void DefineSpaceTask(const DefineSpaceRequest& request,
148                       const std::shared_ptr<DefineSpaceReply>& result);
149
150  // Blocking implementation of DestroySpace that can be executed on the
151  // background worker thread.
152  void DestroySpaceTask(const DestroySpaceRequest& request,
153                        const std::shared_ptr<DestroySpaceReply>& result);
154
155  // Blocking implementation of WriteSpace that can be executed on the
156  // background worker thread.
157  void WriteSpaceTask(const WriteSpaceRequest& request,
158                      const std::shared_ptr<WriteSpaceReply>& result);
159
160  // Blocking implementation of ReadSpace that can be executed on the
161  // background worker thread.
162  void ReadSpaceTask(const ReadSpaceRequest& request,
163                     const std::shared_ptr<ReadSpaceReply>& result);
164
165  // Blocking implementation of LockSpace that can be executed on the
166  // background worker thread.
167  void LockSpaceTask(const LockSpaceRequest& request,
168                     const std::shared_ptr<LockSpaceReply>& result);
169
170  // Blocking implementation of ListSpaces that can be executed on the
171  // background worker thread.
172  void ListSpacesTask(const ListSpacesRequest& request,
173                      const std::shared_ptr<ListSpacesReply>& result);
174
175  // Blocking implementation of GetSpaceInfo that can be executed on the
176  // background worker thread.
177  void GetSpaceInfoTask(const GetSpaceInfoRequest& request,
178                        const std::shared_ptr<GetSpaceInfoReply>& result);
179
180  // Gets the owner password from local storage. Returns an empty string if the
181  // owner password is not available.
182  std::string GetOwnerPassword();
183
184  LocalDataStore* local_data_store_;
185  TpmStatus* tpm_status_;
186  TpmInitializer* tpm_initializer_;
187  TpmNvram* tpm_nvram_;
188  // Whether to wait for an explicit call to 'TakeOwnership' before initializing
189  // the TPM. Normally tracks the --wait_for_ownership command line option.
190  bool wait_for_ownership_;
191  // Background thread to allow processing of potentially lengthy TPM requests
192  // in the background.
193  std::unique_ptr<base::Thread> worker_thread_;
194  // Declared last so any weak pointers are destroyed first.
195  base::WeakPtrFactory<TpmManagerService> weak_factory_;
196
197  DISALLOW_COPY_AND_ASSIGN(TpmManagerService);
198};
199
200}  // namespace tpm_manager
201
202#endif  // TPM_MANAGER_SERVER_TPM_MANAGER_SERVICE_H_
203