Implemented profile-aware owner key loading.

chrome/browser/chromeos/settings/device_settings_service.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/settings/device_settings_service.h"
 
 #include "base/bind.h"
 #include "base/logging.h"
 #include "base/message_loop/message_loop.h"
 #include "base/stl_util.h"
@@ skipping 214 matching lines @@
   } else {
     // If the key hasn't been loaded with the known certificates, enqueue the
     // callback to be fired when the next SessionManagerOperation completes in
     // an environment where the certificates are loaded. There is no need to
     // start a new operation, as the reload operation will be started when the
     // certificates are loaded.
     pending_is_current_user_owner_callbacks_.push_back(callback);
   }
 }
 
-void DeviceSettingsService::SetUsername(const std::string& username) {
+void DeviceSettingsService::InitOwner(const std::string& username,
+                                      crypto::ScopedPK11Slot slot) {
+  if (owner_key_.get() && owner_key_->public_key() && owner_key_->private_key())

[Mattias Nissler (ping if slow), 2014/05/14 16:00:36]

Ah, here you test whether you already have a loaded the key successfully, and
IIUC that's supposed to make sure we only pick up the actual device owner?

If so, you still have a race condition here: If two Profiles call InitOwner() at
the same time, then you'll have the second one reset username_ below even if the
first one is the legit owner because the owner key reload only happens
asynchronously.

[ygorshenin1, 2014/05/15 08:39:56]

I propose to use old SetUsername() approach, but to move it to
OwnerSettingsServiceFactory.

On 2014/05/14 16:00:36, Mattias Nissler wrote:

+    return;
+
   username_ = username;
+  slot_ = slot.Pass();
 
   // The private key may have become available, so force a key reload.
   owner_key_ = NULL;
   EnsureReload(true);
 }
 
 const std::string& DeviceSettingsService::GetUsername() const {
   return username_;
 }
 
@@ skipping 38 matching lines @@
     StartNextOperation();
 }
 
 void DeviceSettingsService::EnqueueLoad(bool force_key_load) {
   SessionManagerOperation* operation =
       new LoadSettingsOperation(
           base::Bind(&DeviceSettingsService::HandleCompletedOperation,
                      weak_factory_.GetWeakPtr(),
                      base::Closure()));
   operation->set_force_key_load(force_key_load);
+  operation->set_username(username_);
+  operation->set_slot(slot_.get());
   Enqueue(operation);
 }
 
 void DeviceSettingsService::EnsureReload(bool force_key_load) {
-  if (!pending_operations_.empty())
+  if (!pending_operations_.empty()) {
+    pending_operations_.front()->set_username(username_);
+    pending_operations_.front()->set_slot(slot_.get());
     pending_operations_.front()->RestartLoad(force_key_load);
-  else
+  } else {
     EnqueueLoad(force_key_load);
+  }
 }
 
 void DeviceSettingsService::StartNextOperation() {
   if (!pending_operations_.empty() &&
       session_manager_client_ &&
       owner_key_util_.get()) {
     pending_operations_.front()->Start(session_manager_client_,
                                        owner_key_util_, owner_key_);
   }
 }
@@ skipping 161 matching lines @@
   DeviceSettingsService::Initialize();
 }
 
 ScopedTestDeviceSettingsService::~ScopedTestDeviceSettingsService() {
   // Clean pending operations.
   DeviceSettingsService::Get()->UnsetSessionManager();
   DeviceSettingsService::Shutdown();
 }
 
 }  // namespace chromeos