Chromium Code Reviews
Side by Side Diff: mount.h

Issue 2645008: Update on feedback, update dbus API, add unit tests. TEST=manual,unit,BVT BUG=3628 323 (Closed) Base URL: ssh://git@chromiumos-git/cryptohome.git
Patch Set: Address second round of feedback. Created 10 years, 6 months ago
1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved. 1 // Copyright (c) 2009-2010 The Chromium OS Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // Mount - class for managing cryptohome user keys and mounts. In Chrome OS, 5 // Mount - class for managing cryptohome user keys and mounts. In Chrome OS,
6 // users are managed on top of a shared unix user, chronos. When a user logs 6 // users are managed on top of a shared unix user, chronos. When a user logs
7 // in, cryptohome mounts their encrypted home directory to /home/chronos/user, 7 // in, cryptohome mounts their encrypted home directory to /home/chronos/user,
8 // and Chrome does a profile switch to that directory. All user data in their 8 // and Chrome does a profile switch to that directory. All user data in their
9 // home directory is transparently encrypted, providing protection against 9 // home directory is transparently encrypted, providing protection against
10 // offline theft. On logout, the mount point is removed. 10 // offline theft. On logout, the mount point is removed.
(...skipping 26 matching lines...)
37 // 37 //
38 // Offline login and screen unlock is processed through cryptohome using a test 38 // Offline login and screen unlock is processed through cryptohome using a test
39 // decryption of any of the user's master keys using the passkey provided. 39 // decryption of any of the user's master keys using the passkey provided.
40 // 40 //
41 // A user's cryptohome is automatically created when the vault directory for the 41 // A user's cryptohome is automatically created when the vault directory for the
42 // user does not exist and the cryptohome service gets a call to mount the 42 // user does not exist and the cryptohome service gets a call to mount the
43 // user's home directory. 43 // user's home directory.
44 // 44 //
45 // Passkey change: <TBD> 45 // Passkey change: <TBD>
46 46
47 #ifndef MOUNT_H_ 47 #ifndef CRYPTOHOME_MOUNT_H_
48 #define MOUNT_H_ 48 #define CRYPTOHOME_MOUNT_H_
49 49
50 #include "base/basictypes.h" 50 #include <base/basictypes.h>
51 #include "base/file_path.h" 51 #include <base/file_path.h>
52 #include "cryptohome/credentials.h" 52 #include <base/scoped_ptr.h>
53 #include "cryptohome/secure_blob.h" 53
54 #include "cryptohome/vault_keyset.h" 54 #include "credentials.h"
55 #include "crypto.h"
56 #include "platform.h"
57 #include "secure_blob.h"
58 #include "vault_keyset.h"
55 59
56 namespace cryptohome { 60 namespace cryptohome {
57 61
58 // Default entropy source is used to seed openssl's random number generator
59 extern const std::string kDefaultEntropySource;
60 // The directory to mount the user's cryptohome at 62 // The directory to mount the user's cryptohome at
61 extern const std::string kDefaultHomeDir; 63 extern const std::string kDefaultHomeDir;
62 // The directory containing the system salt and the user vaults 64 // The directory containing the system salt and the user vaults
63 extern const std::string kDefaultShadowRoot; 65 extern const std::string kDefaultShadowRoot;
64 // The default shared user (chronos) 66 // The default shared user (chronos)
65 extern const std::string kDefaultSharedUser; 67 extern const std::string kDefaultSharedUser;
66 // The default skeleton source (/etc/skel) 68 // The default skeleton source (/etc/skel)
67 extern const std::string kDefaultSkeletonSource; 69 extern const std::string kDefaultSkeletonSource;
68 // The incognito user 70 // The incognito user
69 extern const std::string kIncognitoUser; 71 extern const std::string kIncognitoUser;
70 // Where to find mtab
71 extern const std::string kMtab;
72 // Openssl-encrypted files start with "Salted__" and an 8-byte salt
73 extern const std::string kOpenSSLMagic;
74 72
75 // The Mount class handles mounting/unmounting of the user's cryptohome 73 // The Mount class handles mounting/unmounting of the user's cryptohome
76 // directory as well as offline verification of the user's credentials against 74 // directory as well as offline verification of the user's credentials against
77 // the directory's crypto key. 75 // the directory's crypto key.
78 class Mount : public EntropySource { 76 class Mount : public EntropySource {
79 public: 77 public:
80 enum MountError { 78 enum MountError {
81 MOUNT_ERROR_NONE = 0, 79 MOUNT_ERROR_NONE = 0,
82 MOUNT_ERROR_FATAL = 1 << 0, 80 MOUNT_ERROR_FATAL = 1 << 0,
83 MOUNT_ERROR_KEY_FAILURE = 1 << 1, 81 MOUNT_ERROR_KEY_FAILURE = 1 << 1,
82 MOUNT_ERROR_MOUNT_POINT_BUSY = 1 << 2,
83 MOUNT_ERROR_NO_SUCH_FILE = 1 << 3,
84 }; 84 };
85 85
86 // Sets up Mount with the default locations, username, etc., as defined above. 86 // Sets up Mount with the default locations, username, etc., as defined above.
87 Mount(); 87 Mount();
88 88
89 // Sets up Mount with non-default locations
90 explicit Mount(const std::string& username, const std::string& entropy_source,
91 const std::string& home_dir, const std::string& shadow_root,
92 const std::string& skel_source);
93
94 virtual ~Mount(); 89 virtual ~Mount();
95 90
96 // Gets the uid/gid of the default user and loads the system salt 91 // Gets the uid/gid of the default user and loads the system salt
97 virtual bool Init(); 92 virtual bool Init();
98 93
99 // Attempts to mount the cryptohome for the given credentials 94 // Attempts to mount the cryptohome for the given credentials
100 // 95 //
101 // Parameters 96 // Parameters
102 // credentials - The Credentials representing the user 97 // credentials - The Credentials representing the user
103 // index - The key index to try 98 // index - The key index to try
(...skipping 32 matching lines...)
136 virtual bool TestCredentials(const Credentials& credentials); 131 virtual bool TestCredentials(const Credentials& credentials);
137 132
138 // Migrages a user's vault key from one passkey to another 133 // Migrages a user's vault key from one passkey to another
139 // 134 //
140 // Parameters 135 // Parameters
141 // credentials - The new Credentials for the user 136 // credentials - The new Credentials for the user
142 // from_key - The old Credentials 137 // from_key - The old Credentials
143 virtual bool MigratePasskey(const Credentials& credentials, 138 virtual bool MigratePasskey(const Credentials& credentials,
144 const char* old_key); 139 const char* old_key);
145 140
146 // Mounts an incognito home directory to the cryptohome mount point 141 // Mounts a guest home directory to the cryptohome mount point
147 virtual bool MountIncognitoCryptohome(); 142 virtual bool MountGuestCryptohome();
148 143
149 // Returns the system salt 144 // Returns the system salt
150 virtual SecureBlob GetSystemSalt(); 145 virtual void GetSystemSalt(chromeos::Blob* salt);
151 146
152 // Used to disable setting vault ownership 147 // Used to disable setting vault ownership
153 void set_set_vault_ownership(bool value) { 148 void set_set_vault_ownership(bool value) {
154 set_vault_ownership_ = value; 149 set_vault_ownership_ = value;
155 } 150 }
156 151
152 // Used to override the default home directory
153 void set_home_dir(const std::string& value) {
154 home_dir_ = value;
155 }
156
157 // Used to override the default shadow root
158 void set_shadow_root(const std::string& value) {
159 shadow_root_ = value;
160 }
161
162 // Used to override the default shared username
163 void set_shared_user(const std::string& value) {
164 default_username_ = value;
165 }
166
167 // Used to override the default skeleton directory
168 void set_skel_source(const std::string& value) {
169 skel_source_ = value;
170 }
171
172 // Used to override the default Crypto handler (does not take ownership)
173 void set_crypto(Crypto* value) {
174 crypto_ = value;
175 }
176
177 // Used to override the default Platform handler (does not take ownership)
178 void set_platform(Platform* value) {
179 platform_ = value;
180 }
181
157 private: 182 private:
158 // Checks if the cryptohome vault exists for the given credentials and creates 183 // Checks if the cryptohome vault exists for the given credentials and creates
159 // it if not (calls CreateCryptohome). 184 // it if not (calls CreateCryptohome).
160 // 185 //
161 // Parameters 186 // Parameters
162 // credentials - The Credentials representing the user whose cryptohome 187 // credentials - The Credentials representing the user whose cryptohome
163 // should be ensured. 188 // should be ensured.
164 // created (OUT) - Whether the cryptohome was created 189 // created (OUT) - Whether the cryptohome was created
165 virtual bool EnsureCryptohome(const Credentials& credentials, 190 virtual bool EnsureCryptohome(const Credentials& credentials,
166 bool* created); 191 bool* created);
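Review bot: set_shared_user(), set_shadow_root() and set_home_dir() only assign the string members, but Init() is documented as the call that resolves the shared user's uid/gid and loads the system salt from the shadow root, so any of these setters invoked after Init() leaves default_user_/default_group_ and system_salt_ reflecting the old configuration while the vault is later chowned and mounted with the new one. Document that the setters must be called before Init() (or have Init() re-run when they change), and extend the "does not take ownership" comment on set_crypto()/set_platform() to say the caller must keep the object alive for the lifetime of the Mount. Also in this hunk: the MigratePasskey comment still says "Migrages" and documents a parameter from_key of type Credentials, while the declaration takes const char* old_key; fix the typo, make the comment match the signature, and consider whether the old passkey should be passed as a SecureBlob like the rest of the key material in this header rather than as a raw C string.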
(...skipping 61 matching lines...)
228 // length - The number of random bytes to return 253 // length - The number of random bytes to return
229 void GetSecureRandom(unsigned char *rand, int length) const; 254 void GetSecureRandom(unsigned char *rand, int length) const;
230 255
231 // Creates a new master key and stores it in the master key file for a user 256 // Creates a new master key and stores it in the master key file for a user
232 // 257 //
233 // Parameters 258 // Parameters
234 // credentials - The Credentials representing the user 259 // credentials - The Credentials representing the user
235 // index - the key index to generate 260 // index - the key index to generate
236 bool CreateMasterKey(const Credentials& credentials, int index); 261 bool CreateMasterKey(const Credentials& credentials, int index);
237 262
238 // Converts the passkey to a symmetric key used to decrypt the user's
239 // cryptohome key.
240 //
241 // Parameters
242 // passkey - The passkey (hash, currently) to create the key from
243 // salt - The salt used in creating the key
244 // iters - The hash iterations to use in generating the key
245 SecureBlob PasskeyToWrapper(const chromeos::Blob& passkey,
246 const chromeos::Blob& salt, int iters);
247
248 // Returns the user's salt at the given index 263 // Returns the user's salt at the given index
249 // 264 //
250 // Parameters 265 // Parameters
251 // credentials - The Credentials representing the user 266 // credentials - The Credentials representing the user
252 // index - The salt index to return 267 // index - The salt index to return
253 // force - Whether to force creation of a new salt 268 // force - Whether to force creation of a new salt
254 SecureBlob GetUserSalt(const Credentials& credentials, int index, 269 // salt (OUT) - The user's salt
255 bool force_new = false); 270 void GetUserSalt(const Credentials& credentials, int index,
256 271 bool force_new, SecureBlob* salt);
257 // Gets the salt in the specified file, creating it if it does not exist
258 //
259 // Parameters
260 // path - The path of the salt file
261 // length - The length of the salt to create if it doesn't exist
262 // force - Whether to force creation of a new salt
263 SecureBlob GetOrCreateSalt(const FilePath& path, int length,
264 bool force_new);
265 272
266 // Loads the contents of the specified file as a blob 273 // Loads the contents of the specified file as a blob
267 // 274 //
268 // Parameters 275 // Parameters
269 // path - The file path to read from 276 // path - The file path to read from
270 // blob (OUT) - Where to store the loaded file bytes 277 // blob (OUT) - Where to store the loaded file bytes
271 bool LoadFileBytes(const FilePath& path, SecureBlob& blob); 278 bool LoadFileBytes(const FilePath& path, SecureBlob* blob);
272 279
273 // Unmount a mount point 280 // Attempt to unwrap the keyset for the specified user
274 // 281 //
275 // Parameters 282 // Parameters
276 // path - The path to unmount 283 // credentials - The user credentials to use
277 // lazy - Whether to perform a lazy unmount 284 // index - The keyset index to unwrap
278 // was_busy (OUT) - Whether the mount point was busy 285 // vault_keyset (OUT) - The unencrypted vault keyset on success
279 bool Unmount(const std::string& path, bool lazy, bool* was_busy); 286 // error (OUT) - The specific error when unwrapping
280 287 bool UnwrapVaultKeyset(const Credentials& credentials, int index,
281 // Attempt to unwrap the key at the specified path 288 VaultKeyset* vault_keyset, MountError* error);
282 //
283 // Parameters
284 // path - The file path for the master key
285 // passkey - The passkey to use (converted to a passkey wrapper by this
286 // method)
287 // key (OUT) - Where to store the cryptohome key on success
288 bool UnwrapMasterKey(const FilePath& path,
289 const chromeos::Blob& passkey,
290 VaultKeyset* key);
291
292 // Adds the specified key to the ecryptfs keyring so that the cryptohome can
293 // be mounted. Clears the user keyring first.
294 //
295 // Parameters
296 // vault_keyset - The keyset to add
297 // key_signature (OUT) - The signature of the cryptohome key that should be
298 // used in subsequent calls to mount(2)
299 // fnek_signature (OUT) - The signature of the cryptohome filename
300 // encryption key that should be used in subsequent calls to mount(2)
301 bool AddKeyToEcryptfsKeyring(const VaultKeyset& vault_keyset,
302 std::string* key_signature,
303 std::string* fnek_signature);
304
305 // Adds the specified key to the user keyring
306 //
307 // Parameters
308 // key - The key to add
309 // key_sig - The key's (ascii) signature
310 // salt - The salt
311 bool PushVaultKey(const SecureBlob& key, const std::string& key_sig,
312 const SecureBlob& salt);
313
314 // Encodes a binary blob to hex-ascii
315 //
316 // Parameters
317 // blob - The binary blob to convert
318 // buffer (IN/OUT) - Where to store the converted blob
319 // buffer_length - The size of the buffer
320 void AsciiEncodeToBuffer(const chromeos::Blob& blob, char *buffer,
321 int buffer_length);
322
323 // Terminates or kills processes (except the current) that have files open on
324 // the specified path. Returns true if it tried to kill any processes.
325 //
326 // Parameters
327 // path - The path to check if the process has open files on
328 // hard - If true, send a SIGKILL instead of SIGTERM
329 bool TerminatePidsWithOpenFiles(const std::string& path, bool hard);
330
331 // Returns a vector of PIDs that have files open on the given path
332 //
333 // Parameters
334 // path - The path to check if the process has open files on
335 std::vector<pid_t> LookForOpenFiles(const std::string& path);
336
337 // Terminates or kills processes (except the current) that have the user ID
338 // specified. Returns true if it tried to kill any processes.
339 //
340 // Parameters
341 // path - The path to check if the process has open files on
342 // hard - If true, send a SIGKILL instead of SIGTERM
343 bool TerminatePidsForUser(const uid_t uid, bool hard);
344
345 // Returns a vector of PIDs whose Real, Effective, Saved, or File UID is equal
346 // to that requested
347 //
348 // Parameters
349 // uid - the user ID to search for
350 std::vector<pid_t> GetPidsForUser(uid_t uid);
351 289
352 // The uid of the shared user. Ownership of the user's vault is set to this 290 // The uid of the shared user. Ownership of the user's vault is set to this
353 // uid. 291 // uid.
354 uid_t default_user_; 292 uid_t default_user_;
355 293
356 // The gid of the shared user. Ownership of the user's vault is set to this 294 // The gid of the shared user. Ownership of the user's vault is set to this
357 // gid. 295 // gid.
358 gid_t default_group_; 296 gid_t default_group_;
359 297
360 // The shared user name. This user's uid/gid is used for vault ownership. 298 // The shared user name. This user's uid/gid is used for vault ownership.
361 const std::string default_username_; 299 std::string default_username_;
362
363 // The file path to load entropy from. Defaults to /dev/urandom
364 const std::string entropy_source_;
365 300
366 // The file path to mount cryptohome at. Defaults to /home/chronos/user 301 // The file path to mount cryptohome at. Defaults to /home/chronos/user
367 const std::string home_dir_; 302 std::string home_dir_;
368 303
369 // Where to store the system salt and user salt/key/vault. Defaults to 304 // Where to store the system salt and user salt/key/vault. Defaults to
370 // /home/chronos/shadow 305 // /home/chronos/shadow
371 const std::string shadow_root_; 306 std::string shadow_root_;
372 307
373 // Where the skeleton for the user's cryptohome is copied from 308 // Where the skeleton for the user's cryptohome is copied from
374 const std::string skel_source_; 309 std::string skel_source_;
375 310
376 // Stores the global system salt 311 // Stores the global system salt
377 cryptohome::SecureBlob system_salt_; 312 cryptohome::SecureBlob system_salt_;
378 313
379 // Whether to change ownership of the vault file 314 // Whether to change ownership of the vault file
380 bool set_vault_ownership_; 315 bool set_vault_ownership_;
381 316
317 // The crypto implementation
318 scoped_ptr<Crypto> default_crypto_;
319 Crypto *crypto_;
320
321 // The platform-specific calls
322 scoped_ptr<Platform> default_platform_;
323 Platform *platform_;
324
325 private:
382 DISALLOW_COPY_AND_ASSIGN(Mount); 326 DISALLOW_COPY_AND_ASSIGN(Mount);
383 }; 327 };
384 328
385 } 329 } // namespace cryptohome
386 330
387 #endif // MOUNT_H_ 331 #endif // CRYPTOHOME_MOUNT_H_
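Review bot: GetUserSalt() now returns void and writes into SecureBlob* salt, so a failure to read or create the salt file (the case LoadFileBytes reports through its bool return) cannot be signalled to CreateMasterKey() or UnwrapVaultKeyset(); the caller would proceed with whatever the out-parameter contained, possibly an empty salt. Return bool, as LoadFileBytes and UnwrapVaultKeyset do, and have the callers fail the mount on false; the same applies to the public GetSystemSalt(chromeos::Blob* salt). Two style points in the same hunk: the second "private:" label added before DISALLOW_COPY_AND_ASSIGN is redundant because the members above it are already inside the private section that starts at line 182, and "cryptohome::SecureBlob system_salt_" does not need the namespace qualifier inside namespace cryptohome.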