OLD | NEW |
1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Contains the implementation of class Mount | 5 // Contains the implementation of class Mount |
6 | 6 |
7 #include "mount.h" | 7 #include "mount.h" |
8 | 8 |
9 #include <errno.h> | 9 #include <errno.h> |
10 | 10 |
(...skipping 217 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
228 // If the mount was successful, set the status to indicate that the | 228 // If the mount was successful, set the status to indicate that the |
229 // cryptohome was recreated. | 229 // cryptohome was recreated. |
230 if (local_result && mount_error) { | 230 if (local_result && mount_error) { |
231 *mount_error = MOUNT_ERROR_RECREATED; | 231 *mount_error = MOUNT_ERROR_RECREATED; |
232 } | 232 } |
233 return local_result; | 233 return local_result; |
234 } | 234 } |
235 return false; | 235 return false; |
236 } | 236 } |
237 | 237 |
238 // TODO(glotov): the following code is deprecated. Remove it. | |
239 if (mount_args.replace_tracked_subdirectories) { | |
240 if (ReplaceTrackedSubdirectories(mount_args.tracked_subdirectories, | |
241 &serialized)) { | |
242 // If the tracked subdirectories changed, re-save the vault keyset | |
243 StoreVaultKeyset(credentials, serialized); | |
244 } | |
245 } | |
246 | |
247 crypto_->ClearKeyset(); | 238 crypto_->ClearKeyset(); |
248 | 239 |
249 // Add the decrypted key to the keyring so that ecryptfs can use it | 240 // Add the decrypted key to the keyring so that ecryptfs can use it |
250 string key_signature, fnek_signature; | 241 string key_signature, fnek_signature; |
251 if (!crypto_->AddKeyset(vault_keyset, &key_signature, &fnek_signature)) { | 242 if (!crypto_->AddKeyset(vault_keyset, &key_signature, &fnek_signature)) { |
252 LOG(INFO) << "Cryptohome mount failed because of keyring failure."; | 243 LOG(INFO) << "Cryptohome mount failed because of keyring failure."; |
253 if (mount_error) { | 244 if (mount_error) { |
254 *mount_error = MOUNT_ERROR_FATAL; | 245 *mount_error = MOUNT_ERROR_FATAL; |
255 } | 246 } |
256 return false; | 247 return false; |
(...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
357 } | 348 } |
358 | 349 |
359 bool Mount::CreateCryptohome(const Credentials& credentials, | 350 bool Mount::CreateCryptohome(const Credentials& credentials, |
360 const Mount::MountArgs& mount_args) const { | 351 const Mount::MountArgs& mount_args) const { |
361 int original_mask = platform_->SetMask(kDefaultUmask); | 352 int original_mask = platform_->SetMask(kDefaultUmask); |
362 | 353 |
363 // Create the user's entry in the shadow root | 354 // Create the user's entry in the shadow root |
364 FilePath user_dir(GetUserDirectory(credentials)); | 355 FilePath user_dir(GetUserDirectory(credentials)); |
365 file_util::CreateDirectory(user_dir); | 356 file_util::CreateDirectory(user_dir); |
366 | 357 |
367 // Generat a new master key | 358 // Generate a new master key |
368 VaultKeyset vault_keyset; | 359 VaultKeyset vault_keyset; |
369 vault_keyset.CreateRandom(*this); | 360 vault_keyset.CreateRandom(*this); |
370 SerializedVaultKeyset serialized; | 361 SerializedVaultKeyset serialized; |
371 ReplaceTrackedSubdirectories(mount_args.tracked_subdirectories, &serialized); | |
372 if (!AddVaultKeyset(credentials, vault_keyset, &serialized)) { | 362 if (!AddVaultKeyset(credentials, vault_keyset, &serialized)) { |
373 platform_->SetMask(original_mask); | 363 platform_->SetMask(original_mask); |
374 return false; | 364 return false; |
375 } | 365 } |
376 if (!StoreVaultKeyset(credentials, serialized)) { | 366 if (!StoreVaultKeyset(credentials, serialized)) { |
377 platform_->SetMask(original_mask); | 367 platform_->SetMask(original_mask); |
378 return false; | 368 return false; |
379 } | 369 } |
380 | 370 |
381 // Create the user's path and set the proper ownership | 371 // Create the user's path and set the proper ownership |
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
481 } | 471 } |
482 file_util::Delete(tmp_migrated_dir, true); | 472 file_util::Delete(tmp_migrated_dir, true); |
483 } | 473 } |
484 } | 474 } |
485 | 475 |
486 // Restore the umask | 476 // Restore the umask |
487 platform_->SetMask(original_mask); | 477 platform_->SetMask(original_mask); |
488 return result; | 478 return result; |
489 } | 479 } |
490 | 480 |
491 bool Mount::ReplaceTrackedSubdirectories( | |
492 const std::vector<std::string>& tracked_subdirectories, | |
493 SerializedVaultKeyset* serialized) const { | |
494 std::set<std::string> existing; | |
495 for (int index = 0; index < serialized->tracked_subdirectories_size(); | |
496 ++index) { | |
497 existing.insert(serialized->tracked_subdirectories(index)); | |
498 } | |
499 bool new_exists = false; | |
500 for (std::vector<std::string>::const_iterator itr = | |
501 tracked_subdirectories.begin(); | |
502 itr != tracked_subdirectories.end(); | |
503 ++itr) { | |
504 if (!existing.erase(*itr)) { | |
505 new_exists = true; | |
506 } | |
507 } | |
508 // If there are any subdirectories that were in one set but not the other, | |
509 // then we need to replace | |
510 if (existing.size() || new_exists) { | |
511 serialized->clear_tracked_subdirectories(); | |
512 for (std::vector<std::string>::const_iterator itr = | |
513 tracked_subdirectories.begin(); | |
514 itr != tracked_subdirectories.end(); | |
515 ++itr) { | |
516 serialized->add_tracked_subdirectories(*itr); | |
517 } | |
518 return true; | |
519 } | |
520 return false; | |
521 } | |
522 | |
523 void Mount::CleanUnmountedTrackedSubdirectories() const { | 481 void Mount::CleanUnmountedTrackedSubdirectories() const { |
524 FilePath shadow_root(shadow_root_); | 482 FilePath shadow_root(shadow_root_); |
525 file_util::FileEnumerator dir_enumerator(shadow_root, false, | 483 file_util::FileEnumerator dir_enumerator(shadow_root, false, |
526 file_util::FileEnumerator::DIRECTORIES); | 484 file_util::FileEnumerator::DIRECTORIES); |
527 for (FilePath next_path = dir_enumerator.Next(); !next_path.empty(); | 485 for (FilePath next_path = dir_enumerator.Next(); !next_path.empty(); |
528 next_path = dir_enumerator.Next()) { | 486 next_path = dir_enumerator.Next()) { |
529 FilePath dir_name = next_path.BaseName(); | 487 FilePath dir_name = next_path.BaseName(); |
530 string str_dir_name = dir_name.value(); | 488 string str_dir_name = dir_name.value(); |
531 if (str_dir_name.length() != kUserDirNameLength) { | 489 if (str_dir_name.length() != kUserDirNameLength) { |
532 continue; | 490 continue; |
(...skipping 558 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1091 if (error) { | 1049 if (error) { |
1092 *error = Mount::MOUNT_ERROR_KEY_FAILURE; | 1050 *error = Mount::MOUNT_ERROR_KEY_FAILURE; |
1093 } | 1051 } |
1094 return false; | 1052 return false; |
1095 } | 1053 } |
1096 | 1054 |
1097 return true; | 1055 return true; |
1098 } | 1056 } |
1099 | 1057 |
1100 } // namespace cryptohome | 1058 } // namespace cryptohome |
OLD | NEW |