| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/chromeos/login/encryption_migration_screen_han
dler.h" | 5 #include "chrome/browser/ui/webui/chromeos/login/encryption_migration_screen_han
dler.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "ash/system/devicetype_utils.h" | 10 #include "ash/system/devicetype_utils.h" |
| (...skipping 236 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 247 } | 247 } |
| 248 UpdateUIState(UIState::READY); | 248 UpdateUIState(UIState::READY); |
| 249 | 249 |
| 250 should_migrate_on_enough_battery_ = true; | 250 should_migrate_on_enough_battery_ = true; |
| 251 DBusThreadManager::Get()->GetPowerManagerClient()->RequestStatusUpdate(); | 251 DBusThreadManager::Get()->GetPowerManagerClient()->RequestStatusUpdate(); |
| 252 } | 252 } |
| 253 | 253 |
| 254 void EncryptionMigrationScreenHandler::StartMigration() { | 254 void EncryptionMigrationScreenHandler::StartMigration() { |
| 255 UpdateUIState(UIState::MIGRATING); | 255 UpdateUIState(UIState::MIGRATING); |
| 256 | 256 |
| 257 // Mount the existing eCryptfs vault to a temporary location for migration. |
| 258 cryptohome::MountParameters mount(false); |
| 259 mount.to_migrate_from_ecryptfs = true; |
| 260 cryptohome::HomedirMethods::GetInstance()->MountEx( |
| 261 cryptohome::Identification(user_context_.GetAccountId()), |
| 262 cryptohome::Authorization(GetAuthKey()), mount, |
| 263 base::Bind(&EncryptionMigrationScreenHandler::OnMountExistingVault, |
| 264 weak_ptr_factory_.GetWeakPtr())); |
| 265 } |
| 266 |
| 267 void EncryptionMigrationScreenHandler::OnMountExistingVault( |
| 268 bool success, |
| 269 cryptohome::MountError return_code, |
| 270 const std::string& mount_hash) { |
| 271 if (!success || return_code != cryptohome::MOUNT_ERROR_NONE) { |
| 272 UpdateUIState(UIState::MIGRATION_FAILED); |
| 273 return; |
| 274 } |
| 275 |
| 257 DBusThreadManager::Get() | 276 DBusThreadManager::Get() |
| 258 ->GetCryptohomeClient() | 277 ->GetCryptohomeClient() |
| 259 ->SetDircryptoMigrationProgressHandler( | 278 ->SetDircryptoMigrationProgressHandler( |
| 260 base::Bind(&EncryptionMigrationScreenHandler::OnMigrationProgress, | 279 base::Bind(&EncryptionMigrationScreenHandler::OnMigrationProgress, |
| 261 weak_ptr_factory_.GetWeakPtr())); | 280 weak_ptr_factory_.GetWeakPtr())); |
| 281 cryptohome::HomedirMethods::GetInstance()->MigrateToDircrypto( |
| 282 cryptohome::Identification(user_context_.GetAccountId()), |
| 283 base::Bind(&EncryptionMigrationScreenHandler::OnMigrationRequested, |
| 284 weak_ptr_factory_.GetWeakPtr())); |
| 285 } |
| 262 | 286 |
| 287 cryptohome::KeyDefinition EncryptionMigrationScreenHandler::GetAuthKey() { |
| 263 // |auth_key| is created in the same manner as CryptohomeAuthenticator. | 288 // |auth_key| is created in the same manner as CryptohomeAuthenticator. |
| 264 const Key* key = user_context_.GetKey(); | 289 const Key* key = user_context_.GetKey(); |
| 265 // If the |key| is a plain text password, crash rather than attempting to | 290 // If the |key| is a plain text password, crash rather than attempting to |
| 266 // mount the cryptohome with a plain text password. | 291 // mount the cryptohome with a plain text password. |
| 267 CHECK_NE(Key::KEY_TYPE_PASSWORD_PLAIN, key->GetKeyType()); | 292 CHECK_NE(Key::KEY_TYPE_PASSWORD_PLAIN, key->GetKeyType()); |
| 268 // Set the authentication's key label to an empty string, which is a wildcard | 293 // Set the authentication's key label to an empty string, which is a wildcard |
| 269 // allowing any key to match. This is necessary because cryptohomes created by | 294 // allowing any key to match. This is necessary because cryptohomes created by |
| 270 // Chrome OS M38 and older will have a legacy key with no label while those | 295 // Chrome OS M38 and older will have a legacy key with no label while those |
| 271 // created by Chrome OS M39 and newer will have a key with the label | 296 // created by Chrome OS M39 and newer will have a key with the label |
| 272 // kCryptohomeGAIAKeyLabel. | 297 // kCryptohomeGAIAKeyLabel. |
| 273 const cryptohome::KeyDefinition auth_key(key->GetSecret(), std::string(), | 298 return cryptohome::KeyDefinition(key->GetSecret(), std::string(), |
| 274 cryptohome::PRIV_DEFAULT); | 299 cryptohome::PRIV_DEFAULT); |
| 275 cryptohome::HomedirMethods::GetInstance()->MigrateToDircrypto( | |
| 276 cryptohome::Identification(user_context_.GetAccountId()), | |
| 277 cryptohome::Authorization(auth_key), | |
| 278 base::Bind(&EncryptionMigrationScreenHandler::OnMigrationRequested, | |
| 279 weak_ptr_factory_.GetWeakPtr())); | |
| 280 } | 300 } |
| 281 | 301 |
| 282 void EncryptionMigrationScreenHandler::OnMigrationProgress( | 302 void EncryptionMigrationScreenHandler::OnMigrationProgress( |
| 283 cryptohome::DircryptoMigrationStatus status, | 303 cryptohome::DircryptoMigrationStatus status, |
| 284 uint64_t current, | 304 uint64_t current, |
| 285 uint64_t total) { | 305 uint64_t total) { |
| 286 switch (status) { | 306 switch (status) { |
| 287 case cryptohome::DIRCRYPTO_MIGRATION_INITIALIZING: | 307 case cryptohome::DIRCRYPTO_MIGRATION_INITIALIZING: |
| 288 UpdateUIState(UIState::MIGRATING); | 308 UpdateUIState(UIState::MIGRATING); |
| 289 break; | 309 break; |
| (...skipping 21 matching lines...) Expand all Loading... |
| 311 void EncryptionMigrationScreenHandler::OnMigrationRequested(bool success) { | 331 void EncryptionMigrationScreenHandler::OnMigrationRequested(bool success) { |
| 312 // This function is called when MigrateToDircrypto is correctly requested. | 332 // This function is called when MigrateToDircrypto is correctly requested. |
| 313 // It does not mean that the migration is completed. We should know the | 333 // It does not mean that the migration is completed. We should know the |
| 314 // completion by DircryptoMigrationProgressHandler. success == false means a | 334 // completion by DircryptoMigrationProgressHandler. success == false means a |
| 315 // failure in DBus communication. | 335 // failure in DBus communication. |
| 316 // TODO(fukino): Handle this case. Should we retry or restart? | 336 // TODO(fukino): Handle this case. Should we retry or restart? |
| 317 DCHECK(success); | 337 DCHECK(success); |
| 318 } | 338 } |
| 319 | 339 |
| 320 } // namespace chromeos | 340 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2827203002:
cros: Mount the existing eCryptfs vault to start migration. (Closed)
