trunks: daemon should save contexts for transient objects on suspend |
||||||||||||
Issue descriptionWhen Chrome OS goes through suspend-to-memory, TPM goes through TPM Resume. Most of the state is preserved, but transient objects are flushed. Since the daemons like cryptohomed or attestationd are not aware that suspend happened, after resume that fail to find previously loaded objects (e.g. cryptohome key) and return errors on subsequent accesses to these objects (e.g. can fail to login). Resource manager in trunksd that already loads/unloads contexts for virtual objects as needed, should save contexts right before suspend. That'd allow to lazily load them when they are requested by the callers after resume.
,
Jan 31 2017
,
Feb 2 2017
,
Feb 2 2017
,
Feb 2 2017
Re #3: not sure it deserves Blocks-FSI, though M-57 is definitely the goal. The *known* cases are covered by CL 433337 already.
,
Feb 2 2017
,
Feb 6 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/tpm/+/93835c72f04700fbbf8df3819abd93604eb6f8b9 commit 93835c72f04700fbbf8df3819abd93604eb6f8b9 Author: Andrey Pronin <apronin@chromium.org> Date: Mon Feb 06 20:47:03 2017 trunks: handle suspend-resume TPM may be reset and all transient objects flushed when the system is suspended-to-memory. Saves context for all loaded transient objects when suspending, so that they are lazily reloaded after resume, and the callers of trunksd interface don't get "invalid handle" errors. To receive suspend-resume events subscribes to powerd notifications. CQ-DEPEND=CL:434124 BUG=chrome-os-partner:62370 BUG= chromium:687022 TEST=1) Boot, login, logout. 2) Go through suspend-to-S3 and resume: powerd_dbus_suspend --wakeup_timeout=3 3) Check the log for messages that indicate that trunksd received both events, and that the resource manager saved contexts for transient objects. 4) Verify that logging in is possible and doesn't lead to "Unable to get the cryptohome public key from the TPM" errors. Change-Id: I592f85eb2b83468d44b4daa33a6b2dc6c5bd650f Reviewed-on: https://chromium-review.googlesource.com/433922 Commit-Ready: Andrey Pronin <apronin@chromium.org> Tested-by: Andrey Pronin <apronin@chromium.org> Reviewed-by: Darren Krahn <dkrahn@chromium.org> [modify] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/trunks_dbus_service.h [modify] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/trunks_dbus_service.cc [modify] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/trunks.gyp [add] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/power_manager.cc [add] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/power_manager_test.cc [modify] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/resource_manager.h [modify] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/resource_manager_test.cc [modify] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/resource_manager.cc [add] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/mock_resource_manager.h [add] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/mock_dbus_object_proxy.h [modify] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/trunksd.cc [add] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/power_manager.h [add] https://crrev.com/93835c72f04700fbbf8df3819abd93604eb6f8b9/trunks/mock_power_manager_proxy.h
,
Feb 6 2017
Requesting merging CL:433922 bundled with small prep changes in CL:435548 and CL:434124, which it depends on. Will set a Merge-Request label there as well shortly. This only affects boards that run trunks, i.e. tpm2. This is the change referred to in http://crosbug.com/p/62370#c31
,
Feb 6 2017
,
Feb 6 2017
Approving merge to M57 Chrome OS.
,
Feb 7 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/1b830c5be00a54ea1673c46f12e4e9854a8eb94b commit 1b830c5be00a54ea1673c46f12e4e9854a8eb94b Author: Andrey Pronin <apronin@chromium.org> Date: Tue Feb 07 03:00:42 2017 trunks: add dependency on power_manager-client Trunks uses power_manager-client to subscribe to powerd events. With CL:433922, on suspend, trunksd saves transient objects, so that they are lazily re-loaded after resume. BUG=chrome-os-partner:62370 BUG= chromium:687022 TEST=see CL:433922 Change-Id: Ida3c6a8c5560bf532c8a4cc7842b954a8477adcd Reviewed-on: https://chromium-review.googlesource.com/434124 Commit-Ready: Andrey Pronin <apronin@chromium.org> Tested-by: Andrey Pronin <apronin@chromium.org> Reviewed-by: Darren Krahn <dkrahn@chromium.org> (cherry picked from commit 7886399733860be1af47fd1702c7a169fcf898db) Reviewed-on: https://chromium-review.googlesource.com/438718 Reviewed-by: Andrey Pronin <apronin@chromium.org> Commit-Queue: Andrey Pronin <apronin@chromium.org> [modify] https://crrev.com/1b830c5be00a54ea1673c46f12e4e9854a8eb94b/chromeos-base/trunks/trunks-9999.ebuild
,
Feb 7 2017
The following revision refers to this bug: https://chromium.googlesource.com/aosp/platform/system/tpm/+/585d427fefd9d48071197377a4576253c8ecd6ba commit 585d427fefd9d48071197377a4576253c8ecd6ba Author: Andrey Pronin <apronin@chromium.org> Date: Tue Feb 07 03:00:50 2017 trunks: handle suspend-resume TPM may be reset and all transient objects flushed when the system is suspended-to-memory. Saves context for all loaded transient objects when suspending, so that they are lazily reloaded after resume, and the callers of trunksd interface don't get "invalid handle" errors. To receive suspend-resume events subscribes to powerd notifications. CQ-DEPEND=CL:438718 BUG=chrome-os-partner:62370 BUG= chromium:687022 TEST=1) Boot, login, logout. 2) Go through suspend-to-S3 and resume: powerd_dbus_suspend --wakeup_timeout=3 3) Check the log for messages that indicate that trunksd received both events, and that the resource manager saved contexts for transient objects. 4) Verify that logging in is possible and doesn't lead to "Unable to get the cryptohome public key from the TPM" errors. Change-Id: I592f85eb2b83468d44b4daa33a6b2dc6c5bd650f Reviewed-on: https://chromium-review.googlesource.com/433922 Commit-Ready: Andrey Pronin <apronin@chromium.org> Tested-by: Andrey Pronin <apronin@chromium.org> Reviewed-by: Darren Krahn <dkrahn@chromium.org> (cherry picked from commit 93835c72f04700fbbf8df3819abd93604eb6f8b9) [modify] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/trunks_dbus_service.h [modify] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/trunks_dbus_service.cc [modify] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/trunks.gyp [add] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/power_manager.cc [add] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/power_manager_test.cc [modify] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/resource_manager.h [modify] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/resource_manager_test.cc [modify] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/resource_manager.cc [add] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/mock_resource_manager.h [add] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/mock_dbus_object_proxy.h [modify] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/trunksd.cc [add] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/power_manager.h [add] https://crrev.com/585d427fefd9d48071197377a4576253c8ecd6ba/trunks/mock_power_manager_proxy.h
,
Feb 7 2017
,
Aug 1 2017
,
Jan 22 2018
|
||||||||||||
►
Sign in to add a comment |
||||||||||||
Comment 1 by apronin@chromium.org
, Jan 31 2017