1# Lint as: python2, python3 2# Copyright 2014 The Chromium OS Authors. All rights reserved. 3# Use of this source code is governed by a BSD-style license that can be 4# found in the LICENSE file. 5 6import logging, os 7import time 8 9from autotest_lib.client.common_lib import error 10from autotest_lib.client.cros import constants 11 12 13_RM_FILES = ['/home/chronos/.oobe_completed', 14 '/home/chronos/Local\ State', 15 '/var/cache/shill/default.profile'] 16# TODO(b/187793661) Delete /var/lib/whitelist once migration is finished. 17_RM_DIRS = [ 18 '/home/.shadow/*', 19 os.path.join(constants.DEVICESETTINGS_DIR, '*'), 20 '/var/lib/whitelist/*', 21 '/var/cache/app_pack', 22 '/var/lib/tpm', 23] 24 25 26class NoTPMPasswordException(Exception): 27 """No TPM Password could be found.""" 28 pass 29 30 31def TPMStatus(client): 32 """Returns a dictionary with TPM status. 33 34 @param client: client object to run commands on. 35 """ 36 out = client.run('tpm_manager_client status --nonsensitive').stdout.strip() 37 lines = out.split('\n')[1:-1] 38 status = {} 39 for item in lines: 40 item = item.split(':') 41 if not item[0]: 42 continue 43 if len(item) == 1: 44 item.append('') 45 item = [x.strip() for x in item] 46 item[1] = True if item[1] == 'true' else item[1] 47 item[1] = False if item[1] == 'false' else item[1] 48 status[item[0]] = item[1] 49 return status 50 51 52def ClearTPMServer(client, out_dir): 53 """Clears the TPM and reboots from a server-side autotest. 54 55 @param client: client object to run commands on. 56 @param out_dir: temporary directory. 57 """ 58 client.run('stop ui') 59 ClearTPMOwnerRequest(client) 60 61 62def ClearTPMOwnerRequest(client, wait_for_ready=False, timeout=60): 63 """Clears the TPM using crossystem command. 64 65 @param client: client object to run commands on. 66 @param wait_for_ready: wait until the TPM status is ready 67 @param timeout: number of seconds to wait for the TPM to become ready. 68 """ 69 ownership_id = client.run('hwsec-ownership-id id') 70 if not ownership_id.exit_status == 0: 71 raise error.TestFail('Unable to get ownership ID.') 72 73 ownership_id = ownership_id.stdout.strip() 74 75 logging.info('Sending Clear TPM owner request') 76 client.run('crossystem clear_tpm_owner_request=1') 77 CleanupAndReboot(client) 78 79 if wait_for_ready: 80 status = 1 81 end_time = time.time() + timeout 82 # Wait for the ownership ID changed. 83 while status != 0 and time.time() < end_time: 84 status = client.run('hwsec-ownership-id diff id=' + ownership_id, 85 ignore_status=True).exit_status 86 time.sleep(1) 87 if status != 0: 88 raise error.TestFail('Failed to clear TPM.') 89 90 91def ClearTPMIfOwned(client): 92 """Clear the TPM only if device is already owned. 93 94 @param client: client object to run commands on.""" 95 tpm_status = TPMStatus(client) 96 logging.info('TPM status: %s', tpm_status) 97 if tpm_status['is_owned']: 98 logging.info('Clearing TPM because this device is owned.') 99 ClearTPMOwnerRequest(client) 100 101 102def CleanupAndReboot(client): 103 """Cleanup and reboot the device. 104 105 @param client: client object to run commands on. 106 """ 107 full_rm = 'sudo rm -rf ' + ' '.join(_RM_FILES + _RM_DIRS) 108 client.run(full_rm, ignore_status=True) 109 client.run('sync', ignore_status=True) 110 client.reboot() 111 112 113def FwmpIsAllZero(get_fwmp_output): 114 """Check if firmware management parameters are all zero. 115 116 @param get_fwmp_output: output from the command 117 'cryptohome --action=get_firmware_management_parameters'. 118 """ 119 return ('flags=0x00000000' in get_fwmp_output and 120 'hash=0000000000000000000000000000000000000000000000000000000000000000' 121 in get_fwmp_output) 122