Remove usage of singleton software_slot_ in nss on ChromeOS

crypto/nss_util.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "crypto/nss_util.h"
 #include "crypto/nss_util_internal.h"
 
 #include <nss.h>
 #include <pk11pub.h>
 #include <plarena.h>
@@ skipping 63 matching lines @@
     scoped_ptr<char[]> error_text(new char[PR_GetErrorTextLength() + 1]);
     PRInt32 copied = PR_GetErrorText(error_text.get());
     result = std::string(error_text.get(), copied);
   } else {
     result = base::StringPrintf("NSS error code: %d", PR_GetError());
   }
   return result;
 }
 
 #if defined(USE_NSS)
+#if !defined(OS_CHROMEOS)
 base::FilePath GetDefaultConfigDirectory() {
   base::FilePath dir;
   PathService::Get(base::DIR_HOME, &dir);
   if (dir.empty()) {
     LOG(ERROR) << "Failed to get home directory.";
     return dir;
   }
   dir = dir.AppendASCII(".pki").AppendASCII("nssdb");
   if (!base::CreateDirectory(dir)) {
     LOG(ERROR) << "Failed to create " << dir.value() << " directory.";
     dir.clear();
   }
   DVLOG(2) << "DefaultConfigDirectory: " << dir.value();
   return dir;
 }
+#endif  // !defined(IS_CHROMEOS)
 
 // On non-Chrome OS platforms, return the default config directory. On Chrome OS
 // test images, return a read-only directory with fake root CA certs (which are
 // used by the local Google Accounts server mock we use when testing our login
 // code). On Chrome OS non-test images (where the read-only directory doesn't
 // exist), return an empty path.
 base::FilePath GetInitialConfigDirectory() {
 #if defined(OS_CHROMEOS)
   base::FilePath database_dir = base::FilePath(kReadOnlyCertDB);
   if (!base::PathExists(database_dir))
@@ skipping 100 matching lines @@
   base::debug::Alias(&nss_error);
   base::debug::Alias(&os_error);
   LOG(ERROR) << "Error initializing NSS without a persistent database: "
              << GetNSSErrorMessage();
   LOG(FATAL) << "nss_error=" << nss_error << ", os_error=" << os_error;
 }
 
 #if defined(OS_CHROMEOS)
 class ChromeOSUserData {
  public:
-  ChromeOSUserData(ScopedPK11Slot public_slot, bool is_primary_user)
+  ChromeOSUserData(ScopedPK11Slot public_slot, bool provisional)
       : public_slot_(public_slot.Pass()),
-        is_primary_user_(is_primary_user) {}
+        provisional_(provisional) {}
   ~ChromeOSUserData() {
-    if (public_slot_ && !is_primary_user_) {
+    if (public_slot_) {
       SECStatus status = SECMOD_CloseUserDB(public_slot_.get());
       if (status != SECSuccess)
         PLOG(ERROR) << "SECMOD_CloseUserDB failed: " << PORT_GetError();
     }
   }
 
   ScopedPK11Slot GetPublicSlot() {
     return ScopedPK11Slot(
-        public_slot_ ? PK11_ReferenceSlot(public_slot_.get()) : NULL);
+        !provisional_ && public_slot_ ?
+            PK11_ReferenceSlot(public_slot_.get()) :
+            NULL);
   }
 
   ScopedPK11Slot GetPrivateSlot(
       const base::Callback<void(ScopedPK11Slot)>& callback) {
-    if (private_slot_)
+    if (private_slot_ && !provisional_)
       return ScopedPK11Slot(PK11_ReferenceSlot(private_slot_.get()));
     if (!callback.is_null())
       tpm_ready_callback_list_.push_back(callback);
     return ScopedPK11Slot();
   }
 
   void SetPrivateSlot(ScopedPK11Slot private_slot) {
     DCHECK(!private_slot_);
+    DCHECK(!provisional_);
     private_slot_ = private_slot.Pass();
 
     SlotReadyCallbackList callback_list;
     callback_list.swap(tpm_ready_callback_list_);
     for (SlotReadyCallbackList::iterator i = callback_list.begin();
          i != callback_list.end();
          ++i) {
       (*i).Run(ScopedPK11Slot(PK11_ReferenceSlot(private_slot_.get())));
     }
   }
 
+  bool provisional() { return provisional_; }
+
+  void set_provisional(bool value) { provisional_ = value; }
+
  private:
   ScopedPK11Slot public_slot_;
   ScopedPK11Slot private_slot_;
-  bool is_primary_user_;
+
+  bool provisional_;
 
   typedef std::vector<base::Callback<void(ScopedPK11Slot)> >
       SlotReadyCallbackList;
   SlotReadyCallbackList tpm_ready_callback_list_;
 };
 #endif  // defined(OS_CHROMEOS)
 
 class NSSInitSingleton {
  public:
 #if defined(OS_CHROMEOS)
   // Used with PostTaskAndReply to pass handles to worker thread and back.
   struct TPMModuleAndSlot {
     explicit TPMModuleAndSlot(SECMODModule* init_chaps_module)
         : chaps_module(init_chaps_module), tpm_slot(NULL) {}
     SECMODModule* chaps_module;
     PK11SlotInfo* tpm_slot;
   };
 
-  void OpenPersistentNSSDB() {
-    DCHECK(thread_checker_.CalledOnValidThread());
-
-    if (!chromeos_user_logged_in_) {
-      // GetDefaultConfigDirectory causes us to do blocking IO on UI thread.
-      // Temporarily allow it until we fix http://crbug.com/70119
-      base::ThreadRestrictions::ScopedAllowIO allow_io;
-      chromeos_user_logged_in_ = true;
-
-      // This creates another DB slot in NSS that is read/write, unlike
-      // the fake root CA cert DB and the "default" crypto key
-      // provider, which are still read-only (because we initialized
-      // NSS before we had a cryptohome mounted).
-      software_slot_ = OpenUserDB(GetDefaultConfigDirectory(),
-                                  kNSSDatabaseName);
-    }
-  }
-
   PK11SlotInfo* OpenPersistentNSSDBForPath(const base::FilePath& path) {
     DCHECK(thread_checker_.CalledOnValidThread());
     // NSS is allowed to do IO on the current thread since dispatching
     // to a dedicated thread would still have the affect of blocking
     // the current thread, due to NSS's internal locking requirements
     base::ThreadRestrictions::ScopedAllowIO allow_io;
 
     base::FilePath nssdb_path = path.AppendASCII(".pki").AppendASCII("nssdb");
     if (!base::CreateDirectory(nssdb_path)) {
       LOG(ERROR) << "Failed to create " << nssdb_path.value() << " directory.";
@@ skipping 145 matching lines @@
 
     PK11SlotInfo* slot = SECMOD_LookupSlot(chaps_module->moduleID, slot_id);
     if (!slot)
       LOG(ERROR) << "TPM slot " << slot_id << " not found.";
     return slot;
   }
 
   bool InitializeNSSForChromeOSUser(
       const std::string& email,
       const std::string& username_hash,
-      bool is_primary_user,
-      const base::FilePath& path) {
+      const base::FilePath& path,
+      bool provisional) {
     DCHECK(thread_checker_.CalledOnValidThread());
     if (chromeos_user_map_.find(username_hash) != chromeos_user_map_.end()) {
       // This user already exists in our mapping.
       DVLOG(2) << username_hash << " already initialized.";
+      if (!chromeos_user_map_[username_hash]->provisional())
+        return false;
+
+      chromeos_user_map_[username_hash]->set_provisional(provisional);
+      return true;
+    }

[Ryan Sleevi, 2014/07/01 18:51:33]

This logic strikes me as a little weird, as the comment doesn't fully explain
the possible conditions.

If I set provisional to false, and load, it will return true. If I then attempt
to load again, this time with provisional=true, it will return false (even
though it's loaded and usable)

If I set provisional to true, and load, it will return true. If I then attempt
to load again, this time with provisional=false, it will true, but not actually
do any work (it just does set_provisional)

Regardless of the provisional flag, these methods all have side-effects on the
overall NSS state.

[tbarzic, 2014/07/01 19:25:39]

Yeah, I'm not to content with semantics here.. I need to come up with better
naming, and improve the comment (I've planned to do that today).
Stay tuned.

(Basically, the purpose for this is to let profile_io_data.cc know whether it
should continue with initializing private slot for the user or not)

+
+    // If test slot is set, slot getter methods will short circuit
+    // checking |chromeos_user_map_|, so there is nothing left to be
+    // initialized.
+    if (test_slot_)
       return false;
-    }
-    ScopedPK11Slot public_slot;
-    if (is_primary_user) {
-      DVLOG(2) << "Primary user, using GetPublicNSSKeySlot()";
-      public_slot.reset(GetPublicNSSKeySlot());
-    } else {
-      DVLOG(2) << "Opening NSS DB " << path.value();
-      public_slot.reset(OpenPersistentNSSDBForPath(path));
-    }
+
+    DVLOG(2) << "Opening NSS DB " << path.value();
+    ScopedPK11Slot public_slot(OpenPersistentNSSDBForPath(path));
     chromeos_user_map_[username_hash] =
-        new ChromeOSUserData(public_slot.Pass(), is_primary_user);
+        new ChromeOSUserData(public_slot.Pass(), provisional);
     return true;
   }
 
   void InitializeTPMForChromeOSUser(const std::string& username_hash,
                                     CK_SLOT_ID slot_id) {
     DCHECK(thread_checker_.CalledOnValidThread());
     DCHECK(chromeos_user_map_.find(username_hash) != chromeos_user_map_.end());
+    DCHECK(!chromeos_user_map_[username_hash]->provisional());
 
     if (!chaps_module_)
       return;
 
     // Note that a reference is not taken to chaps_module_. This is safe since
     // NSSInitSingleton is Leaky, so the reference it holds is never released.
     scoped_ptr<TPMModuleAndSlot> tpm_args(new TPMModuleAndSlot(chaps_module_));
     TPMModuleAndSlot* tpm_args_ptr = tpm_args.get();
     base::WorkerPool::PostTaskAndReply(
         FROM_HERE,
@@ skipping 15 matching lines @@
              << !!tpm_args->tpm_slot;
     chromeos_user_map_[username_hash]->SetPrivateSlot(
         ScopedPK11Slot(tpm_args->tpm_slot));
   }
 
   void InitializePrivateSoftwareSlotForChromeOSUser(
       const std::string& username_hash) {
     DCHECK(thread_checker_.CalledOnValidThread());
     VLOG(1) << "using software private slot for " << username_hash;
     DCHECK(chromeos_user_map_.find(username_hash) != chromeos_user_map_.end());
+    DCHECK(!chromeos_user_map_[username_hash]->provisional());
     chromeos_user_map_[username_hash]->SetPrivateSlot(
         chromeos_user_map_[username_hash]->GetPublicSlot());
   }
 
   ScopedPK11Slot GetPublicSlotForChromeOSUser(
       const std::string& username_hash) {
     DCHECK(thread_checker_.CalledOnValidThread());
 
     if (username_hash.empty()) {
       DVLOG(2) << "empty username_hash";
@@ skipping 80 matching lines @@
 
   PK11SlotInfo* GetPublicNSSKeySlot() {
     // TODO(mattm): Change to DCHECK when callers have been fixed.
     if (!thread_checker_.CalledOnValidThread()) {
       DVLOG(1) << "Called on wrong thread.\n"
                << base::debug::StackTrace().ToString();
     }
 
     if (test_slot_)
       return PK11_ReferenceSlot(test_slot_);
-    if (software_slot_)
-      return PK11_ReferenceSlot(software_slot_);
     return PK11_GetInternalKeySlot();
   }
 
   PK11SlotInfo* GetPrivateNSSKeySlot() {
     // TODO(mattm): Change to DCHECK when callers have been fixed.
     if (!thread_checker_.CalledOnValidThread()) {
       DVLOG(1) << "Called on wrong thread.\n"
                << base::debug::StackTrace().ToString();
     }
 
     if (test_slot_)
       return PK11_ReferenceSlot(test_slot_);
 
 #if defined(OS_CHROMEOS)
     if (tpm_token_enabled_for_nss_) {
       if (IsTPMTokenReady(base::Closure())) {
         return PK11_ReferenceSlot(tpm_slot_);
       } else {
         // If we were supposed to get the hardware token, but were
         // unable to, return NULL rather than fall back to sofware.
         return NULL;
       }
     }
 #endif
-    // If we weren't supposed to enable the TPM for NSS, then return
-    // the software slot.
-    if (software_slot_)
-      return PK11_ReferenceSlot(software_slot_);
     return PK11_GetInternalKeySlot();
   }
 
 #if defined(USE_NSS)
   base::Lock* write_lock() {
     return &write_lock_;
   }
 #endif  // defined(USE_NSS)
 
   // This method is used to force NSS to be initialized without a DB.
   // Call this method before NSSInitSingleton() is constructed.
   static void ForceNoDBInit() {
     force_nodb_init_ = true;
   }
 
  private:
   friend struct base::DefaultLazyInstanceTraits<NSSInitSingleton>;
 
   NSSInitSingleton()
       : tpm_token_enabled_for_nss_(false),
         initializing_tpm_token_(false),
         chaps_module_(NULL),
-        software_slot_(NULL),
         test_slot_(NULL),
         tpm_slot_(NULL),
-        root_(NULL),
-        chromeos_user_logged_in_(false) {
+        root_(NULL) {
     base::TimeTicks start_time = base::TimeTicks::Now();
 
     // It's safe to construct on any thread, since LazyInstance will prevent any
     // other threads from accessing until the constructor is done.
     thread_checker_.DetachFromThread();
 
     DisableAESNIIfNeeded();
 
     EnsureNSPRInit();
 
@@ skipping 99 matching lines @@
   // prevent non-joinable threads from using NSS after it's already been shut
   // down.
   ~NSSInitSingleton() {
 #if defined(OS_CHROMEOS)
     STLDeleteValues(&chromeos_user_map_);
 #endif
     if (tpm_slot_) {
       PK11_FreeSlot(tpm_slot_);
       tpm_slot_ = NULL;
     }
-    if (software_slot_) {
-      SECMOD_CloseUserDB(software_slot_);
-      PK11_FreeSlot(software_slot_);
-      software_slot_ = NULL;
-    }
     CloseTestNSSDB();
     if (root_) {
       SECMOD_UnloadUserModule(root_);
       SECMOD_DestroyModule(root_);
       root_ = NULL;
     }
     if (chaps_module_) {
       SECMOD_UnloadUserModule(chaps_module_);
       SECMOD_DestroyModule(chaps_module_);
       chaps_module_ = NULL;
@@ skipping 82 matching lines @@
   }
 
   // If this is set to true NSS is forced to be initialized without a DB.
   static bool force_nodb_init_;
 
   bool tpm_token_enabled_for_nss_;
   bool initializing_tpm_token_;
   typedef std::vector<base::Closure> TPMReadyCallbackList;
   TPMReadyCallbackList tpm_ready_callback_list_;
   SECMODModule* chaps_module_;
-  PK11SlotInfo* software_slot_;
   PK11SlotInfo* test_slot_;
   PK11SlotInfo* tpm_slot_;
   SECMODModule* root_;
-  bool chromeos_user_logged_in_;
 #if defined(OS_CHROMEOS)
   typedef std::map<std::string, ChromeOSUserData*> ChromeOSUserMap;
   ChromeOSUserMap chromeos_user_map_;
 #endif
 #if defined(USE_NSS)
   // TODO(davidben): When https://bugzilla.mozilla.org/show_bug.cgi?id=564011
   // is fixed, we will no longer need the lock.
   base::Lock write_lock_;
 #endif  // defined(USE_NSS)
 
@@ skipping 143 matching lines @@
     SECMOD_GetReadLock(lock_);
   }
 
 AutoSECMODListReadLock::~AutoSECMODListReadLock() {
   SECMOD_ReleaseReadLock(lock_);
 }
 
 #endif  // defined(USE_NSS)
 
 #if defined(OS_CHROMEOS)
-void OpenPersistentNSSDB() {
-  g_nss_singleton.Get().OpenPersistentNSSDB();
-}
-
 void EnableTPMTokenForNSS() {
   g_nss_singleton.Get().EnableTPMTokenForNSS();
 }
 
 bool IsTPMTokenEnabledForNSS() {
   return g_nss_singleton.Get().IsTPMTokenEnabledForNSS();
 }
 
 bool IsTPMTokenReady(const base::Closure& callback) {
   return g_nss_singleton.Get().IsTPMTokenReady(callback);
 }
 
 void InitializeTPMToken(int token_slot_id,
                         const base::Callback<void(bool)>& callback) {
   g_nss_singleton.Get().InitializeTPMToken(token_slot_id, callback);
 }
 
 ScopedTestNSSChromeOSUser::ScopedTestNSSChromeOSUser(
     const std::string& username_hash)
     : username_hash_(username_hash), constructed_successfully_(false) {
   if (!temp_dir_.CreateUniqueTempDir())
     return;
   constructed_successfully_ =
       InitializeNSSForChromeOSUser(username_hash,
                                    username_hash,
-                                   false /* is_primary_user */,
-                                   temp_dir_.path());
+                                   temp_dir_.path(),
+                                   false /* not provisional */);
 }
 
 ScopedTestNSSChromeOSUser::~ScopedTestNSSChromeOSUser() {
   if (constructed_successfully_)
     g_nss_singleton.Get().CloseTestChromeOSUser(username_hash_);
 }
 
 void ScopedTestNSSChromeOSUser::FinishInit() {
   InitializePrivateSoftwareSlotForChromeOSUser(username_hash_);
 }
 
 bool InitializeNSSForChromeOSUser(
     const std::string& email,
     const std::string& username_hash,
-    bool is_primary_user,
-    const base::FilePath& path) {
+    const base::FilePath& path,
+    bool provisional) {
   return g_nss_singleton.Get().InitializeNSSForChromeOSUser(
-      email, username_hash, is_primary_user, path);
+      email, username_hash, path, provisional);
 }
 void InitializeTPMForChromeOSUser(
     const std::string& username_hash,
     CK_SLOT_ID slot_id) {
   g_nss_singleton.Get().InitializeTPMForChromeOSUser(username_hash, slot_id);
 }
 void InitializePrivateSoftwareSlotForChromeOSUser(
     const std::string& username_hash) {
   g_nss_singleton.Get().InitializePrivateSoftwareSlotForChromeOSUser(
       username_hash);
@@ skipping 20 matching lines @@
 
 PK11SlotInfo* GetPublicNSSKeySlot() {
   return g_nss_singleton.Get().GetPublicNSSKeySlot();
 }
 
 PK11SlotInfo* GetPrivateNSSKeySlot() {
   return g_nss_singleton.Get().GetPrivateNSSKeySlot();
 }
 
 }  // namespace crypto