| Index: chrome/browser/chromeos/arc/arc_util.cc
|
| diff --git a/chrome/browser/chromeos/arc/arc_util.cc b/chrome/browser/chromeos/arc/arc_util.cc
|
| index 5a4e04ca956a4f2e0ac0e3ace9c4e0533d36e290..8cac4b72790c9d2d2b99f11c86a1c36f28555351 100644
|
| --- a/chrome/browser/chromeos/arc/arc_util.cc
|
| +++ b/chrome/browser/chromeos/arc/arc_util.cc
|
| @@ -9,24 +9,35 @@
|
| #include <set>
|
|
|
| #include "base/callback.h"
|
| +#include "base/command_line.h"
|
| #include "base/files/file_path.h"
|
| #include "base/lazy_instance.h"
|
| #include "base/logging.h"
|
| +#include "base/optional.h"
|
| #include "base/sys_info.h"
|
| #include "base/task_scheduler/post_task.h"
|
| #include "base/threading/thread_restrictions.h"
|
| +#include "chrome/browser/browser_process.h"
|
| +#include "chrome/browser/browser_process_platform_part.h"
|
| #include "chrome/browser/chromeos/arc/arc_session_manager.h"
|
| #include "chrome/browser/chromeos/login/user_flow.h"
|
| #include "chrome/browser/chromeos/login/users/chrome_user_manager.h"
|
| +#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"
|
| +#include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
|
| #include "chrome/browser/chromeos/profiles/profile_helper.h"
|
| +#include "chrome/browser/chromeos/settings/device_settings_service.h"
|
| #include "chrome/browser/profiles/profile.h"
|
| #include "chrome/common/pref_names.h"
|
| +#include "chromeos/chromeos_switches.h"
|
| #include "components/arc/arc_util.h"
|
| #include "components/prefs/pref_service.h"
|
| #include "components/user_manager/known_user.h"
|
| #include "components/user_manager/user.h"
|
| #include "components/user_manager/user_manager.h"
|
|
|
| +using DeviceEcryptfsMigrationStrategyProto =
|
| + enterprise_management::DeviceEcryptfsMigrationStrategyProto;
|
| +
|
| namespace arc {
|
|
|
| namespace {
|
| @@ -54,6 +65,11 @@ bool g_arc_blocked_due_to_incomaptible_filesystem_for_testing = false;
|
| base::LazyInstance<std::set<AccountId>>::DestructorAtExit
|
| g_known_compatible_users = LAZY_INSTANCE_INITIALIZER;
|
|
|
| +// This flag is set the first time the check if migration to ext4 is allowed,
|
| +// and remains unchanged after that.
|
| +// TODO(igorcov): Remove this after migration. crbug.com/725493
|
| +base::Optional<bool> g_is_arc_migration_allowed;
|
| +
|
| // Returns whether ARC can run on the filesystem mounted at |path|.
|
| // This function should run only on threads where IO operations are allowed.
|
| bool IsArcCompatibleFilesystem(const base::FilePath& path) {
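Review bot: The comment on `g_is_arc_migration_allowed` is hard to parse ("set the first time the check if migration to ext4 is allowed") and does not say what the unset state means or which thread may touch the variable. Something like `// Caches the result of the first ext4-migration policy check; unset until then and never re-evaluated afterwards.` reads better. The variable is a plain unsynchronized global, so if access is meant to be confined to one thread, that expectation should be written next to it.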
|
| @@ -94,6 +110,35 @@ void StoreCompatibilityCheckResult(const AccountId& account_id,
|
| callback.Run();
|
| }
|
|
|
| +bool IsArcMigrationAllowedInternal() {
|
| + // If the device is not managed, then the migration allowed.
|
| + if (!g_browser_process->platform_part()
|
| + ->browser_policy_connector_chromeos()
|
| + ->IsEnterpriseManaged()) {
|
| + return true;
|
| + }
|
| +
|
| + const auto* const command_line = base::CommandLine::ForCurrentProcess();
|
| + // If the command line flag is missing, the migration for this type of
|
| + // device is allowed regardless of the policy data.
|
| + if (!command_line->HasSwitch(
|
| + chromeos::switches::kNeedArcMigrationPolicyCheck)) {
|
| + return true;
|
| + }
|
| +
|
| + const auto* policy =
|
| + chromeos::DeviceSettingsService::Get()->device_settings();
|
| + if (policy && policy->has_device_ecryptfs_migration_strategy()) {
|
| + const DeviceEcryptfsMigrationStrategyProto& container(
|
| + policy->device_ecryptfs_migration_strategy());
|
| + return container.has_migration_strategy() &&
|
| + container.migration_strategy() ==
|
| + DeviceEcryptfsMigrationStrategyProto::ALLOW_MIGRATION;
|
| + }
|
| +
|
| + return false;
|
| +}
|
| +
|
| } // namespace
|
|
|
| bool IsArcAllowedForProfile(const Profile* profile) {
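Review bot: The trailing `return false` in IsArcMigrationAllowedInternal() covers two different situations, `device_settings()` returning null and the policy simply not carrying `device_ecryptfs_migration_strategy`, and neither can be told apart from an explicit disallow. Failing closed on a managed device looks intentional, but it should be stated, e.g. `// Managed device with the flag set: block unless policy explicitly says ALLOW_MIGRATION, including when policy is missing.`, and a `VLOG(1)` on the null-policy path would make a blocked ARC diagnosable. The `g_browser_process->platform_part()->browser_policy_connector_chromeos()` chain is also dereferenced without checks; if this can run where `g_browser_process` is not set up (presumably some unit tests), it will crash. Minor: the first comment should read "then the migration is allowed".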
|
| @@ -143,6 +188,22 @@ bool IsArcAllowedForProfile(const Profile* profile) {
|
| return false;
|
| }
|
|
|
| + // If migration policy check is needed (specified by commandline flag), check
|
| + // the policy, which should be already available here. If policy says
|
| + // migration is not allowed, do not run ARC, regardless whether file system
|
| + // migration is actually needed. For example, even if file system is still
|
| + // ecryptfs and ARC version is M, or file system is already migrated into ext4
|
| + // crypt and ARC version is N or later, if policy says migration is not
|
| + // allowed, ARC will never run. Practically, in the former example case,
|
| + // --need-arc-migration-policy-check is not set, so this check passes and user
|
| + // can use ARC. In latter case, policy should say migration is allowed, so
|
| + // also user can use ARC then.
|
| + // TODO(igorcov): Remove this after migration. crbug.com/725493
|
| + if (!IsArcMigrationAllowed()) {
|
| + VLOG(1) << "ARC migration is not allowed by policy.";
|
| + return false;
|
| + }
|
| +
|
| // Do not run ARC instance when supervised user is being created.
|
| // Otherwise noisy notification may be displayed.
|
| chromeos::UserFlow* user_flow =
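Review bot: The comment above the `!IsArcMigrationAllowed()` check is hard to follow: it first says ARC will never run in the ecryptfs/ARC M example, then says that in practice the check passes there. I would state the rule once (on a managed device with `--need-arc-migration-policy-check` set, ARC runs only if policy allows migration) and give the two examples as consequences. The VLOG text "not allowed by policy" is also emitted when the policy is absent rather than set to disallow, judging by IsArcMigrationAllowedInternal() in this patch, so `"ARC migration is not allowed (policy missing or disallows)."` would be more accurate. IsArcAllowedForProfile's body starts and ends outside this hunk.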
|
| @@ -290,4 +351,14 @@ void UpdateArcFileSystemCompatibilityPrefIfNeeded(
|
| base::Bind(&StoreCompatibilityCheckResult, account_id, callback));
|
| }
|
|
|
| +bool IsArcMigrationAllowed() {
|
| + if (!g_is_arc_migration_allowed.has_value())
|
| + g_is_arc_migration_allowed = IsArcMigrationAllowedInternal();
|
| + return g_is_arc_migration_allowed.value();
|
| +}
|
| +
|
| +void ResetArcMigrationAllowedForTesting() {
|
| + g_is_arc_migration_allowed.reset();
|
| +}
|
| +
|
| } // namespace arc
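Review bot: IsArcMigrationAllowed() pins whatever the first call computes for the rest of the process, so a first call made before enrollment state or device settings are loaded would freeze the wrong answer: `true` if the device does not yet look enterprise-managed (the policy is then never consulted), `false` if `device_settings()` is still null. Whether such an early call is possible depends on callers not shown here; the comment in IsArcAllowedForProfile only says policy "should be" available. I would document the precondition on the function, e.g. `// Result is cached on first call; must not be called before device policy is loaded.`, and consider caching only once the inputs are known to be present. The cache is also read and written without synchronization, so a note that this is single-thread only (if that is the intent) would help.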
|
|
|