| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/arc/arc_util.h" | 5 #include "chrome/browser/chromeos/arc/arc_util.h" |
| 6 | 6 |
| 7 #include <linux/magic.h> | 7 #include <linux/magic.h> |
| 8 #include <sys/statfs.h> | 8 #include <sys/statfs.h> |
| 9 | 9 |
| 10 #include "base/callback.h" |
| 10 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
| 11 #include "base/logging.h" | 12 #include "base/logging.h" |
| 12 #include "base/sys_info.h" | 13 #include "base/sys_info.h" |
| 14 #include "base/task_scheduler/post_task.h" |
| 13 #include "base/threading/thread_restrictions.h" | 15 #include "base/threading/thread_restrictions.h" |
| 14 #include "chrome/browser/chromeos/arc/arc_session_manager.h" | 16 #include "chrome/browser/chromeos/arc/arc_session_manager.h" |
| 15 #include "chrome/browser/chromeos/login/user_flow.h" | 17 #include "chrome/browser/chromeos/login/user_flow.h" |
| 16 #include "chrome/browser/chromeos/login/users/chrome_user_manager.h" | 18 #include "chrome/browser/chromeos/login/users/chrome_user_manager.h" |
| 17 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 19 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 18 #include "chrome/browser/profiles/profile.h" | 20 #include "chrome/browser/profiles/profile.h" |
| 19 #include "chrome/common/pref_names.h" | 21 #include "chrome/common/pref_names.h" |
| 20 #include "components/arc/arc_util.h" | 22 #include "components/arc/arc_util.h" |
| 21 #include "components/prefs/pref_service.h" | 23 #include "components/prefs/pref_service.h" |
| 24 #include "components/user_manager/known_user.h" |
| 22 #include "components/user_manager/user.h" | 25 #include "components/user_manager/user.h" |
| 23 #include "components/user_manager/user_manager.h" | 26 #include "components/user_manager/user_manager.h" |
| 24 | 27 |
| 25 namespace arc { | 28 namespace arc { |
| 26 | 29 |
| 27 namespace { | 30 namespace { |
| 28 | 31 |
| 29 constexpr char kLsbReleaseArcVersionKey[] = "CHROMEOS_ARC_ANDROID_SDK_VERSION"; | 32 constexpr char kLsbReleaseArcVersionKey[] = "CHROMEOS_ARC_ANDROID_SDK_VERSION"; |
| 30 constexpr char kAndroidMSdkVersion[] = "23"; | 33 constexpr char kAndroidMSdkVersion[] = "23"; |
| 31 | 34 |
| 32 // Let IsAllowedForProfile() return "false" for any profile. | 35 // Let IsAllowedForProfile() return "false" for any profile. |
| 33 bool g_disallow_for_testing = false; | 36 bool g_disallow_for_testing = false; |
| 34 | 37 |
| 38 // Returns whether ARC can run on the filesystem mounted at |path|. |
| 39 // This function should run only on threads where IO operations are allowed. |
| 40 bool IsArcCompatibleFilesystem(const base::FilePath& path) { |
| 41 base::ThreadRestrictions::AssertIOAllowed(); |
| 42 |
| 43 // If it can be verified it is not on ecryptfs, then it is ok. |
| 44 struct statfs statfs_buf; |
| 45 if (statfs(path.value().c_str(), &statfs_buf) < 0) |
| 46 return false; |
| 47 return statfs_buf.f_type != ECRYPTFS_SUPER_MAGIC; |
| 48 } |
| 49 |
| 50 // Stores the result of IsArcCompatibleFilesystem posted back from the blocking |
| 51 // task runner. |
| 52 void StoreCompatibilityCheckResult(const AccountId& account_id, |
| 53 const base::Closure& callback, |
| 54 bool is_compatible) { |
| 55 if (is_compatible) { |
| 56 user_manager::known_user::SetIntegerPref( |
| 57 account_id, prefs::kArcCompatibleFilesystemChosen, |
| 58 arc::kFileSystemCompatible); |
| 59 } |
| 60 callback.Run(); |
| 61 } |
| 62 |
| 63 FileSystemCompatibilityState GetFileSystemCompatibilityPref( |
| 64 const AccountId& account_id) { |
| 65 int pref_value = kFileSystemIncompatible; |
| 66 user_manager::known_user::GetIntegerPref( |
| 67 account_id, prefs::kArcCompatibleFilesystemChosen, &pref_value); |
| 68 return static_cast<FileSystemCompatibilityState>(pref_value); |
| 69 } |
| 70 |
| 35 } // namespace | 71 } // namespace |
| 36 | 72 |
| 37 bool IsArcAllowedForProfile(const Profile* profile) { | 73 bool IsArcAllowedForProfile(const Profile* profile) { |
| 38 if (!IsArcAllowedInAppListForProfile(profile)) | 74 if (!IsArcAllowedInAppListForProfile(profile)) |
| 39 return false; | 75 return false; |
| 40 | 76 |
| 41 if (base::SysInfo::IsRunningOnChromeOS()) { | 77 if (base::SysInfo::IsRunningOnChromeOS()) { |
| 42 // Do not allow newer version of ARC on old filesystem. | 78 // Do not allow newer version of ARC on old filesystem. |
| 43 // Check this condition only on real Chrome OS devices. Test runs on Linux | 79 // Check this condition only on real Chrome OS devices. Test runs on Linux |
| 44 // workstation does not have expected /etc/lsb-release field nor profile | 80 // workstation does not have expected /etc/lsb-release field nor profile |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 114 if (user_manager::UserManager::Get() | 150 if (user_manager::UserManager::Get() |
| 115 ->IsCurrentUserCryptohomeDataEphemeral()) { | 151 ->IsCurrentUserCryptohomeDataEphemeral()) { |
| 116 VLOG(1) << "Users with ephemeral data are not supported in ARC."; | 152 VLOG(1) << "Users with ephemeral data are not supported in ARC."; |
| 117 return false; | 153 return false; |
| 118 } | 154 } |
| 119 | 155 |
| 120 return true; | 156 return true; |
| 121 } | 157 } |
| 122 | 158 |
| 123 bool IsArcCompatibleFileSystemUsedForProfile(const Profile* profile) { | 159 bool IsArcCompatibleFileSystemUsedForProfile(const Profile* profile) { |
| 124 // chromeos::UserSessionManager::PrepareProfile does the actual file system | 160 const user_manager::User* user = |
| 125 // check and stores the result to prefs, so that it survives crash-restart. | 161 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); |
| 162 |
| 163 // Returns false for profiles not associated with users (like sign-in profile) |
| 164 if (!user) |
| 165 return false; |
| 166 |
| 167 // chromeos::UserSessionManager does the actual file system check and stores |
| 168 // the result to prefs, so that it survives crash-restart. |
| 169 FileSystemCompatibilityState filesystem_compatibility = |
| 170 GetFileSystemCompatibilityPref(user->GetAccountId()); |
| 126 const bool is_filesystem_compatible = | 171 const bool is_filesystem_compatible = |
| 127 profile->GetPrefs()->GetBoolean(prefs::kArcCompatibleFilesystemChosen); | 172 filesystem_compatibility != kFileSystemIncompatible; |
| 128 std::string arc_sdk_version; | 173 std::string arc_sdk_version; |
| 129 const bool is_M = base::SysInfo::GetLsbReleaseValue(kLsbReleaseArcVersionKey, | 174 const bool is_M = base::SysInfo::GetLsbReleaseValue(kLsbReleaseArcVersionKey, |
| 130 &arc_sdk_version) && | 175 &arc_sdk_version) && |
| 131 arc_sdk_version == kAndroidMSdkVersion; | 176 arc_sdk_version == kAndroidMSdkVersion; |
| 132 | 177 |
| 133 // To run ARC we want to make sure either | 178 // To run ARC we want to make sure either |
| 134 // - Underlying file system is compatible with ARC, or | 179 // - Underlying file system is compatible with ARC, or |
| 135 // - SDK version is M. | 180 // - SDK version is M. |
| 136 if (!is_filesystem_compatible && !is_M) { | 181 if (!is_filesystem_compatible && !is_M) { |
| 137 VLOG(1) | 182 VLOG(1) |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 182 profile->GetPrefs()->SetBoolean(prefs::kArcEnabled, enabled); | 227 profile->GetPrefs()->SetBoolean(prefs::kArcEnabled, enabled); |
| 183 } | 228 } |
| 184 | 229 |
| 185 bool AreArcAllOptInPreferencesManagedForProfile(const Profile* profile) { | 230 bool AreArcAllOptInPreferencesManagedForProfile(const Profile* profile) { |
| 186 return profile->GetPrefs()->IsManagedPreference( | 231 return profile->GetPrefs()->IsManagedPreference( |
| 187 prefs::kArcBackupRestoreEnabled) && | 232 prefs::kArcBackupRestoreEnabled) && |
| 188 profile->GetPrefs()->IsManagedPreference( | 233 profile->GetPrefs()->IsManagedPreference( |
| 189 prefs::kArcLocationServiceEnabled); | 234 prefs::kArcLocationServiceEnabled); |
| 190 } | 235 } |
| 191 | 236 |
| 192 bool IsArcCompatibleFilesystem(const base::FilePath& path) { | 237 void UpdateArcFileSystemCompatibilityPrefIfNeeded( |
| 193 base::ThreadRestrictions::AssertIOAllowed(); | 238 const AccountId& account_id, |
| 239 const base::FilePath& profile_path, |
| 240 const base::Closure& callback) { |
| 241 DCHECK(!callback.is_null()); |
| 194 | 242 |
| 195 // If it can be verified it is not on ecryptfs, then it is ok. | 243 // If ARC is not available, skip the check. |
| 196 struct statfs statfs_buf; | 244 if (!IsArcAvailable()) { |
| 197 if (statfs(path.value().c_str(), &statfs_buf) < 0) | 245 callback.Run(); |
| 198 return false; | 246 return; |
| 199 return statfs_buf.f_type != ECRYPTFS_SUPER_MAGIC; | 247 } |
| 248 |
| 249 // If the compatibility has been already confirmed, skip the check. |
| 250 if (GetFileSystemCompatibilityPref(account_id) != kFileSystemIncompatible) { |
| 251 callback.Run(); |
| 252 return; |
| 253 } |
| 254 |
| 255 // Otherwise, check the underlying filesystem. |
| 256 base::PostTaskWithTraitsAndReplyWithResult( |
| 257 FROM_HERE, |
| 258 base::TaskTraits() |
| 259 .WithShutdownBehavior( |
| 260 base::TaskShutdownBehavior::CONTINUE_ON_SHUTDOWN) |
| 261 .WithPriority(base::TaskPriority::USER_BLOCKING) |
| 262 .MayBlock(), |
| 263 base::Bind(&IsArcCompatibleFilesystem, profile_path), |
| 264 base::Bind(&StoreCompatibilityCheckResult, account_id, callback)); |
| 200 } | 265 } |
| 201 | 266 |
| 202 } // namespace arc | 267 } // namespace arc |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2834323002:
arc: kArcCompatibleFilesystemChosen pref to local state and integer. (Closed)
