User policy for ecryptfs migration

Desktop / Chromium - Pavol Marko [chromium.org] - 20 July 2017 08:53 EDT

- Add user policy EcryptfsMigrationStrategy which controls ecryptfs to dircrypto cryptohome migration.- Implement a pre-signin policy fetch mechanism which tries to fetch cached policy first, and if there is valid cached policy, also tries to fetch fresh policy.- Wire up the pre-signin policy fetch into existing_user_controller.cc to decide what to do when a ecryptfs user home is detected.

Fetching cached policy is done by mounting cryptohome to a temporary location, reading policy from there, and then unmounting.

Fetching fresh policy is done using the dm_token/client_id from the cached policy with a fixed timeout.

TEST=unit_tests --gtest_filter=PreSigninPolicyFetcherTest* TEST=Manual test with ecryptfs cryptohome and YAPS BUG=722371

Change-Id: I040cf3626257447e4e0dd2c70cf2d10604cb1977 Reviewed-on: https://chromium-review.googlesource.com/564609 Commit-Queue: Pavol Marko

a02f6216 User policy for ecryptfs migration
chrome/browser/chromeos/BUILD.gn | 6 +
.../chromeos/login/existing_user_controller.cc | 183 ++++++++-
.../chromeos/login/existing_user_controller.h | 27 ++
.../policy/cached_policy_key_loader_chromeos.cc | 217 +++++++++++
.../policy/cached_policy_key_loader_chromeos.h | 106 +++++
.../cached_policy_key_loader_chromeos_unittest.cc | 207 ++++++++++
.../chromeos/policy/pre_signin_policy_fetcher.cc | 322 ++++++++++++++++
.../chromeos/policy/pre_signin_policy_fetcher.h | 164 ++++++++
.../policy/pre_signin_policy_fetcher_unittest.cc | 427 +++++++++++++++++++++
chrome/test/data/policy/policy_test_cases.json | 5 +
chromeos/dbus/fake_session_manager_client.cc | 9 +
chromeos/dbus/fake_session_manager_client.h | 3 +
chromeos/dbus/mock_session_manager_client.h | 3 +
chromeos/dbus/session_manager_client.cc | 28 ++
chromeos/dbus/session_manager_client.h | 6 +
components/policy/resources/policy_templates.json | 55 ++-
components/user_manager/user_manager_base.cc | 4 +
tools/metrics/histograms/enums.xml | 1 +
18 files changed, 1770 insertions(+), 3 deletions(-)

Upstream: git.chromium.org


  • Share