Read CrOS install attributes cache on startup.

chrome/browser/policy/enterprise_install_attributes.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/policy/enterprise_install_attributes.h"
 
+#include "base/file_util.h"
 #include "base/logging.h"
 #include "chrome/browser/chromeos/cros/cryptohome_library.h"
+#include "chrome/browser/policy/proto/install_attributes.pb.h"
 #include "google_apis/gaia/gaia_auth_util.h"
 
 namespace policy {
 
 namespace {
 // Constants for the possible device modes that can be stored in the lockbox.
 const char kConsumerDeviceMode[] = "consumer";
 const char kEnterpiseDeviceMode[] = "enterprise";
 const char kKioskDeviceMode[] = "kiosk";
 const char kUnknownDeviceMode[] = "unknown";
@@ skipping 28 matching lines @@
   if (mode == kConsumerDeviceMode)
     return DEVICE_MODE_CONSUMER;
   else if (mode == kEnterpiseDeviceMode)
     return DEVICE_MODE_ENTERPRISE;
   else if (mode == kKioskDeviceMode)
     return DEVICE_MODE_KIOSK;
   NOTREACHED() << "Unknown device mode string: " << mode;
   return DEVICE_MODE_NOT_SET;
 }
 
+bool ReadMapKey(const std::map<std::string, std::string>& map,
+                const std::string& key,
+                std::string* value) {
+  std::map<std::string, std::string>::const_iterator entry = map.find(key);
+  if (entry == map.end())
+    return false;
+
+  *value = entry->second;
+  return true;
+}
+
 }  // namespace
 
+// Cache file name.
+const FilePath::CharType EnterpriseInstallAttributes::kCacheFilePath[] =
+    FILE_PATH_LITERAL("/var/run/lockbox/install_attributes.pb");
+
 EnterpriseInstallAttributes::EnterpriseInstallAttributes(
     chromeos::CryptohomeLibrary* cryptohome)
     : cryptohome_(cryptohome),
+      attrs_read_(false),
       device_locked_(false),
       registration_mode_(DEVICE_MODE_PENDING) {}
 
+void EnterpriseInstallAttributes::ReadCacheFile(const FilePath& cache_file) {
+  attrs_read_ = true;
+  if (!file_util::PathExists(cache_file))
+    return;
+
+  device_locked_ = true;
+
+  char buf[16384];
+  int len = file_util::ReadFile(cache_file, buf, sizeof(buf));
+  if (len == -1 || len >= static_cast<int>(sizeof(buf))) {
+    PLOG(ERROR) << "Failed to read " << cache_file.value();
+    return;
+  }
+
+  cryptohome::SerializedInstallAttributes install_attrs_proto;
+  if (!install_attrs_proto.ParseFromArray(buf, len)) {
+    LOG(ERROR) << "Failed to parse install attributes cache";
+    return;
+  }
+
+  google::protobuf::RepeatedPtrField<
+      const cryptohome::SerializedInstallAttributes::Attribute>::iterator entry;
+  std::map<std::string, std::string> attr_map;
+  for (entry = install_attrs_proto.attributes().begin();
+       entry != install_attrs_proto.attributes().end();
+       ++entry) {
+    // The protobuf values unfortunately contain terminating null characters, so
+    // we have to sanitize the value here.
+    attr_map.insert(std::make_pair(entry->name(),

[Joao da Silva, 2013/01/17 19:53:25]

#include <utility>

[Mattias Nissler (ping if slow), 2013/01/17 20:34:43]

Done.

+                                   std::string(entry->value().c_str())));
+  }
+
+  DecodeInstallAttributes(attr_map);
+}
+
 EnterpriseInstallAttributes::LockResult EnterpriseInstallAttributes::LockDevice(
     const std::string& user,
     DeviceMode device_mode,
     const std::string& device_id) {
   CHECK_NE(device_mode, DEVICE_MODE_PENDING);
   CHECK_NE(device_mode, DEVICE_MODE_NOT_SET);
 
   std::string domain = gaia::ExtractDomainName(user);
 
   // Check for existing lock first.
@@ skipping 27 matching lines @@
   if (!cryptohome_->InstallAttributesSet(kAttrEnterpriseOwned, "true") ||
       !cryptohome_->InstallAttributesSet(kAttrEnterpriseUser, user) ||
       !cryptohome_->InstallAttributesSet(kAttrEnterpriseDomain, domain) ||
       !cryptohome_->InstallAttributesSet(kAttrEnterpriseMode, mode) ||
       !cryptohome_->InstallAttributesSet(kAttrEnterpriseDeviceId, device_id)) {
     LOG(ERROR) << "Failed writing attributes";
     return LOCK_BACKEND_ERROR;
   }
 
   if (!cryptohome_->InstallAttributesFinalize() ||
-      cryptohome_->InstallAttributesIsFirstInstall() ||
-      GetRegistrationUser() != user) {
+      cryptohome_->InstallAttributesIsFirstInstall()) {
     LOG(ERROR) << "Failed locking.";
     return LOCK_BACKEND_ERROR;
   }
 
+  ReadImmutableAttributes();
+  if (GetRegistrationUser() != user) {
+    LOG(ERROR) << "Locked data doesn't match";
+    return LOCK_BACKEND_ERROR;
+  }
+
   return LOCK_SUCCESS;
 }
 
 bool EnterpriseInstallAttributes::IsEnterpriseDevice() {
-  ReadImmutableAttributes();
   return device_locked_ && !registration_user_.empty();

[Joao da Silva, 2013/01/17 19:53:25]

CHECK(attrs_read_)?

[Mattias Nissler (ping if slow), 2013/01/17 20:34:43]

I removed the entire attrs_read_ stuff, wasn't much useful.

 }
 
 std::string EnterpriseInstallAttributes::GetRegistrationUser() {
-  ReadImmutableAttributes();
-
+  CHECK(attrs_read_);
   if (!device_locked_)
     return std::string();
 
   return registration_user_;
 }
 
 std::string EnterpriseInstallAttributes::GetDomain() {
+  CHECK(attrs_read_);
   if (!IsEnterpriseDevice())
     return std::string();
 
   return registration_domain_;
 }
 
 std::string EnterpriseInstallAttributes::GetDeviceId() {
+  CHECK(attrs_read_);
   if (!IsEnterpriseDevice())
     return std::string();
 
   return registration_device_id_;
 }
 
 DeviceMode EnterpriseInstallAttributes::GetMode() {
-  ReadImmutableAttributes();
+  CHECK(attrs_read_);
   return registration_mode_;
 }
 
 void EnterpriseInstallAttributes::ReadImmutableAttributes() {
   if (device_locked_)
     return;
 
   if (cryptohome_ && cryptohome_->InstallAttributesIsReady()) {
     registration_mode_ = DEVICE_MODE_NOT_SET;
     if (!cryptohome_->InstallAttributesIsInvalid() &&
         !cryptohome_->InstallAttributesIsFirstInstall()) {
+      attrs_read_ = true;

[Joao da Silva, 2013/01/17 19:53:25]

It's possible that locking the device fails and this flag is never set; the
getters will then CHECK.

Then again, ReadCacheFile is always called after creation; is the flag meant to
enforce that ReadCacheFile() is called before other operations?

[Mattias Nissler (ping if slow), 2013/01/17 20:34:43]

The flag was meant to catch reads before ReadCacheFile(), but now that I'm
calling this immediately after construction, there's really no point in
attrs_read_, so I removed it.

       device_locked_ = true;
-      std::string enterprise_owned;
-      std::string enterprise_user;
-      if (cryptohome_->InstallAttributesGet(kAttrEnterpriseOwned,
-                                            &enterprise_owned) &&
-          cryptohome_->InstallAttributesGet(kAttrEnterpriseUser,
-                                            &enterprise_user) &&
-          enterprise_owned == "true" &&
-          !enterprise_user.empty()) {
-        registration_user_ = gaia::CanonicalizeEmail(enterprise_user);
 
-        // Initialize the mode to the legacy enterprise mode here and update
-        // below if more information is present.
-        registration_mode_ = DEVICE_MODE_ENTERPRISE;
+      static const char* kEnterpriseAttributes[] = {
+        kAttrEnterpriseDeviceId,
+        kAttrEnterpriseDomain,
+        kAttrEnterpriseMode,
+        kAttrEnterpriseOwned,
+        kAttrEnterpriseUser,
+      };
+      std::map<std::string, std::string> attr_map;
+      for (size_t i = 0; i < arraysize(kEnterpriseAttributes); ++i) {
+        std::string value;
+        if (cryptohome_->InstallAttributesGet(kEnterpriseAttributes[i], &value))
+          attr_map[kEnterpriseAttributes[i]] = value;
+      }
 
-        // If we could extract basic setting we should try to extract the
-        // extended ones too. We try to set these to defaults as good as
-        // as possible if present, which could happen for device enrolled in
-        // pre 19 revisions of the code, before these new attributes were added.
-        if (cryptohome_->InstallAttributesGet(kAttrEnterpriseDomain,
-                                              &registration_domain_)) {
-          registration_domain_ = gaia::CanonicalizeDomain(registration_domain_);
-        } else {
-          registration_domain_ = gaia::ExtractDomainName(registration_user_);
-        }
-        if (!cryptohome_->InstallAttributesGet(kAttrEnterpriseDeviceId,
-                                               &registration_device_id_)) {
-          registration_device_id_.clear();
-        }
-        std::string mode;
-        if (cryptohome_->InstallAttributesGet(kAttrEnterpriseMode, &mode))
-          registration_mode_ = GetDeviceModeFromString(mode);
-      } else if (enterprise_user.empty() && enterprise_owned != "true") {
-        // |registration_user_| is empty on consumer devices.
-        registration_mode_ = DEVICE_MODE_CONSUMER;
-      }
+      DecodeInstallAttributes(attr_map);
     }
   }
 }
 
+void EnterpriseInstallAttributes::DecodeInstallAttributes(
+    const std::map<std::string, std::string>& attr_map) {
+  std::string enterprise_owned;
+  std::string enterprise_user;
+  if (ReadMapKey(attr_map, kAttrEnterpriseOwned, &enterprise_owned) &&
+      ReadMapKey(attr_map, kAttrEnterpriseUser, &enterprise_user) &&
+      enterprise_owned == "true" &&
+      !enterprise_user.empty()) {
+    registration_user_ = gaia::CanonicalizeEmail(enterprise_user);
+
+    // Initialize the mode to the legacy enterprise mode here and update
+    // below if more information is present.
+    registration_mode_ = DEVICE_MODE_ENTERPRISE;
+
+    // If we could extract basic setting we should try to extract the
+    // extended ones too. We try to set these to defaults as good as
+    // as possible if present, which could happen for device enrolled in
+    // pre 19 revisions of the code, before these new attributes were added.
+    if (ReadMapKey(attr_map, kAttrEnterpriseDomain, &registration_domain_))
+      registration_domain_ = gaia::CanonicalizeDomain(registration_domain_);
+    else
+      registration_domain_ = gaia::ExtractDomainName(registration_user_);
+
+    ReadMapKey(attr_map, kAttrEnterpriseDeviceId, &registration_device_id_);
+
+    std::string mode;
+    if (ReadMapKey(attr_map, kAttrEnterpriseMode, &mode))
+      registration_mode_ = GetDeviceModeFromString(mode);
+  } else if (enterprise_user.empty() && enterprise_owned != "true") {
+    // |registration_user_| is empty on consumer devices.
+    registration_mode_ = DEVICE_MODE_CONSUMER;
+  }
+}
+
 }  // namespace policy