| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/prefs/profile_pref_store_manager.h" | 5 #include "chrome/browser/prefs/profile_pref_store_manager.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/compiler_specific.h" | 9 #include "base/compiler_specific.h" |
| 10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
| 11 #include "base/files/file_enumerator.h" | 11 #include "base/files/file_enumerator.h" |
| 12 #include "base/files/scoped_temp_dir.h" | 12 #include "base/files/scoped_temp_dir.h" |
| 13 #include "base/memory/ref_counted.h" | 13 #include "base/memory/ref_counted.h" |
| 14 #include "base/memory/scoped_ptr.h" | 14 #include "base/memory/scoped_ptr.h" |
| 15 #include "base/message_loop/message_loop.h" | 15 #include "base/message_loop/message_loop.h" |
| 16 #include "base/prefs/json_pref_store.h" | 16 #include "base/prefs/json_pref_store.h" |
| 17 #include "base/prefs/persistent_pref_store.h" | 17 #include "base/prefs/persistent_pref_store.h" |
| 18 #include "base/prefs/pref_service.h" | 18 #include "base/prefs/pref_service.h" |
| 19 #include "base/prefs/pref_service_factory.h" | 19 #include "base/prefs/pref_service_factory.h" |
| 20 #include "base/prefs/pref_store.h" | 20 #include "base/prefs/pref_store.h" |
| 21 #include "base/prefs/testing_pref_service.h" | 21 #include "base/prefs/testing_pref_service.h" |
| 22 #include "base/run_loop.h" | 22 #include "base/run_loop.h" |
| 23 #include "base/strings/string_util.h" | 23 #include "base/strings/string_util.h" |
| 24 #include "base/values.h" | 24 #include "base/values.h" |
| 25 #include "chrome/browser/prefs/mock_validation_delegate.h" | 25 #include "chrome/browser/prefs/mock_validation_delegate.h" |
| 26 #include "chrome/browser/prefs/pref_hash_filter.h" | 26 #include "chrome/browser/prefs/pref_hash_filter.h" |
| 27 #include "chrome/browser/prefs/tracked/pref_service_hash_store_contents.h" |
| 27 #include "chrome/common/pref_names.h" | 28 #include "chrome/common/pref_names.h" |
| 28 #include "components/pref_registry/pref_registry_syncable.h" | 29 #include "components/pref_registry/pref_registry_syncable.h" |
| 29 #include "testing/gtest/include/gtest/gtest.h" | 30 #include "testing/gtest/include/gtest/gtest.h" |
| 30 | 31 |
| 31 namespace { | 32 namespace { |
| 32 | 33 |
| 33 class FirstEqualsPredicate { | 34 class FirstEqualsPredicate { |
| 34 public: | 35 public: |
| 35 explicit FirstEqualsPredicate(const std::string& expected) | 36 explicit FirstEqualsPredicate(const std::string& expected) |
| 36 : expected_(expected) {} | 37 : expected_(expected) {} |
| (...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 144 bool WasResetRecorded() { | 145 bool WasResetRecorded() { |
| 145 base::PrefServiceFactory pref_service_factory; | 146 base::PrefServiceFactory pref_service_factory; |
| 146 pref_service_factory.set_user_prefs(pref_store_); | 147 pref_service_factory.set_user_prefs(pref_store_); |
| 147 | 148 |
| 148 scoped_ptr<PrefService> pref_service( | 149 scoped_ptr<PrefService> pref_service( |
| 149 pref_service_factory.Create(profile_pref_registry_)); | 150 pref_service_factory.Create(profile_pref_registry_)); |
| 150 | 151 |
| 151 return !ProfilePrefStoreManager::GetResetTime(pref_service.get()).is_null(); | 152 return !ProfilePrefStoreManager::GetResetTime(pref_service.get()).is_null(); |
| 152 } | 153 } |
| 153 | 154 |
| 155 void ClearResetRecorded() { |
| 156 base::PrefServiceFactory pref_service_factory; |
| 157 pref_service_factory.set_user_prefs(pref_store_); |
| 158 |
| 159 scoped_ptr<PrefService> pref_service( |
| 160 pref_service_factory.Create(profile_pref_registry_)); |
| 161 |
| 162 ProfilePrefStoreManager::ClearResetTime(pref_service.get()); |
| 163 } |
| 164 |
| 154 void InitializePrefs() { | 165 void InitializePrefs() { |
| 155 // According to the implementation of ProfilePrefStoreManager, this is | 166 // According to the implementation of ProfilePrefStoreManager, this is |
| 156 // actually a SegregatedPrefStore backed by two underlying pref stores. | 167 // actually a SegregatedPrefStore backed by two underlying pref stores. |
| 157 scoped_refptr<PersistentPrefStore> pref_store = | 168 scoped_refptr<PersistentPrefStore> pref_store = |
| 158 manager_->CreateProfilePrefStore( | 169 manager_->CreateProfilePrefStore( |
| 159 main_message_loop_.message_loop_proxy(), | 170 main_message_loop_.message_loop_proxy(), |
| 160 &mock_validation_delegate_); | 171 &mock_validation_delegate_); |
| 161 InitializePrefStore(pref_store); | 172 InitializePrefStore(pref_store); |
| 162 pref_store = NULL; | 173 pref_store = NULL; |
| 163 base::RunLoop().RunUntilIdle(); | 174 base::RunLoop().RunUntilIdle(); |
| 164 } | 175 } |
| 165 | 176 |
| 166 void DestroyPrefStore() { | 177 void DestroyPrefStore() { |
| 167 if (pref_store_) { | 178 if (pref_store_) { |
| 179 ClearResetRecorded(); |
| 168 // Force everything to be written to disk, triggering the PrefHashFilter | 180 // Force everything to be written to disk, triggering the PrefHashFilter |
| 169 // while our RegistryVerifier is watching. | 181 // while our RegistryVerifier is watching. |
| 170 pref_store_->CommitPendingWrite(); | 182 pref_store_->CommitPendingWrite(); |
| 171 base::RunLoop().RunUntilIdle(); | 183 base::RunLoop().RunUntilIdle(); |
| 172 | 184 |
| 173 pref_store_->RemoveObserver(®istry_verifier_); | 185 pref_store_->RemoveObserver(®istry_verifier_); |
| 174 pref_store_ = NULL; | 186 pref_store_ = NULL; |
| 175 // Nothing should have to happen on the background threads, but just in | 187 // Nothing should have to happen on the background threads, but just in |
| 176 // case... | 188 // case... |
| 177 base::RunLoop().RunUntilIdle(); | 189 base::RunLoop().RunUntilIdle(); |
| (...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 300 EXPECT_EQ(ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, | 312 EXPECT_EQ(ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, |
| 301 WasResetRecorded()); | 313 WasResetRecorded()); |
| 302 | 314 |
| 303 ExpectValidationObserved(kTrackedAtomic); | 315 ExpectValidationObserved(kTrackedAtomic); |
| 304 ExpectValidationObserved(kProtectedAtomic); | 316 ExpectValidationObserved(kProtectedAtomic); |
| 305 } | 317 } |
| 306 | 318 |
| 307 TEST_F(ProfilePrefStoreManagerTest, MigrateFromOneFile) { | 319 TEST_F(ProfilePrefStoreManagerTest, MigrateFromOneFile) { |
| 308 InitializeDeprecatedCombinedProfilePrefStore(); | 320 InitializeDeprecatedCombinedProfilePrefStore(); |
| 309 | 321 |
| 322 // The deprecated model stores hashes in local state (on supported |
| 323 // platforms).. |
| 324 ASSERT_EQ( |
| 325 ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, |
| 326 local_state_.GetUserPrefValue( |
| 327 PrefServiceHashStoreContents::kProfilePreferenceHashes) != NULL); |
| 328 |
| 310 LoadExistingPrefs(); | 329 LoadExistingPrefs(); |
| 311 | 330 |
| 331 // After a first migration, the hashes were copied to the two user preference |
| 332 // files but were not cleaned. |
| 333 ASSERT_EQ( |
| 334 ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, |
| 335 local_state_.GetUserPrefValue( |
| 336 PrefServiceHashStoreContents::kProfilePreferenceHashes) != NULL); |
| 337 |
| 338 ExpectStringValueEquals(kTrackedAtomic, kFoobar); |
| 339 ExpectStringValueEquals(kProtectedAtomic, kHelloWorld); |
| 340 EXPECT_FALSE(WasResetRecorded()); |
| 341 |
| 342 LoadExistingPrefs(); |
| 343 |
| 344 // In a subsequent launch, the local state hash store should be reset. |
| 345 ASSERT_FALSE(local_state_.GetUserPrefValue( |
| 346 PrefServiceHashStoreContents::kProfilePreferenceHashes)); |
| 347 |
| 312 ExpectStringValueEquals(kTrackedAtomic, kFoobar); | 348 ExpectStringValueEquals(kTrackedAtomic, kFoobar); |
| 313 ExpectStringValueEquals(kProtectedAtomic, kHelloWorld); | 349 ExpectStringValueEquals(kProtectedAtomic, kHelloWorld); |
| 314 EXPECT_FALSE(WasResetRecorded()); | 350 EXPECT_FALSE(WasResetRecorded()); |
| 315 } | 351 } |
| 316 | 352 |
| 353 TEST_F(ProfilePrefStoreManagerTest, MigrateWithTampering) { |
| 354 InitializeDeprecatedCombinedProfilePrefStore(); |
| 355 |
| 356 ReplaceStringInPrefs(kFoobar, kBarfoo); |
| 357 ReplaceStringInPrefs(kHelloWorld, kGoodbyeWorld); |
| 358 |
| 359 // The deprecated model stores hashes in local state (on supported |
| 360 // platforms).. |
| 361 ASSERT_EQ( |
| 362 ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, |
| 363 local_state_.GetUserPrefValue( |
| 364 PrefServiceHashStoreContents::kProfilePreferenceHashes) != NULL); |
| 365 |
| 366 LoadExistingPrefs(); |
| 367 |
| 368 // After a first migration, the hashes were copied to the two user preference |
| 369 // files but were not cleaned. |
| 370 ASSERT_EQ( |
| 371 ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, |
| 372 local_state_.GetUserPrefValue( |
| 373 PrefServiceHashStoreContents::kProfilePreferenceHashes) != NULL); |
| 374 |
| 375 // kTrackedAtomic is unprotected and thus will be loaded as it appears on |
| 376 // disk. |
| 377 ExpectStringValueEquals(kTrackedAtomic, kBarfoo); |
| 378 |
| 379 // If preference tracking is supported, the tampered value of kProtectedAtomic |
| 380 // will be discarded at load time, leaving this preference undefined. |
| 381 EXPECT_NE(ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, |
| 382 pref_store_->GetValue(kProtectedAtomic, NULL)); |
| 383 EXPECT_EQ(ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, |
| 384 WasResetRecorded()); |
| 385 |
| 386 LoadExistingPrefs(); |
| 387 |
| 388 // In a subsequent launch, the local state hash store would be reset. |
| 389 ASSERT_FALSE(local_state_.GetUserPrefValue( |
| 390 PrefServiceHashStoreContents::kProfilePreferenceHashes)); |
| 391 |
| 392 ExpectStringValueEquals(kTrackedAtomic, kBarfoo); |
| 393 EXPECT_FALSE(WasResetRecorded()); |
| 394 } |
| 395 |
| 317 TEST_F(ProfilePrefStoreManagerTest, InitializePrefsFromMasterPrefs) { | 396 TEST_F(ProfilePrefStoreManagerTest, InitializePrefsFromMasterPrefs) { |
| 318 base::DictionaryValue master_prefs; | 397 base::DictionaryValue master_prefs; |
| 319 master_prefs.Set(kTrackedAtomic, new base::StringValue(kFoobar)); | 398 master_prefs.Set(kTrackedAtomic, new base::StringValue(kFoobar)); |
| 320 master_prefs.Set(kProtectedAtomic, new base::StringValue(kHelloWorld)); | 399 master_prefs.Set(kProtectedAtomic, new base::StringValue(kHelloWorld)); |
| 321 EXPECT_TRUE(manager_->InitializePrefsFromMasterPrefs(master_prefs)); | 400 EXPECT_TRUE(manager_->InitializePrefsFromMasterPrefs(master_prefs)); |
| 322 | 401 |
| 323 LoadExistingPrefs(); | 402 LoadExistingPrefs(); |
| 324 | 403 |
| 325 // Verify that InitializePrefsFromMasterPrefs correctly applied the MACs | 404 // Verify that InitializePrefsFromMasterPrefs correctly applied the MACs |
| 326 // necessary to authenticate these values. | 405 // necessary to authenticate these values. |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 368 // It's protected now, so (if the platform supports it) any tampering should | 447 // It's protected now, so (if the platform supports it) any tampering should |
| 369 // lead to a reset. | 448 // lead to a reset. |
| 370 ReplaceStringInPrefs(kBarfoo, kFoobar); | 449 ReplaceStringInPrefs(kBarfoo, kFoobar); |
| 371 LoadExistingPrefs(); | 450 LoadExistingPrefs(); |
| 372 EXPECT_NE(ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, | 451 EXPECT_NE(ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, |
| 373 pref_store_->GetValue(kUnprotectedPref, NULL)); | 452 pref_store_->GetValue(kUnprotectedPref, NULL)); |
| 374 EXPECT_EQ(ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, | 453 EXPECT_EQ(ProfilePrefStoreManager::kPlatformSupportsPreferenceTracking, |
| 375 WasResetRecorded()); | 454 WasResetRecorded()); |
| 376 } | 455 } |
| 377 | 456 |
| 457 TEST_F(ProfilePrefStoreManagerTest, NewPrefWhenFirstProtecting) { |
| 458 std::vector<PrefHashFilter::TrackedPreferenceMetadata> |
| 459 original_configuration = configuration_; |
| 460 for (std::vector<PrefHashFilter::TrackedPreferenceMetadata>::iterator it = |
| 461 configuration_.begin(); |
| 462 it != configuration_.end(); |
| 463 ++it) { |
| 464 it->enforcement_level = PrefHashFilter::NO_ENFORCEMENT; |
| 465 } |
| 466 ReloadConfiguration(); |
| 467 |
| 468 InitializePrefs(); |
| 469 |
| 470 ExpectValidationObserved(kTrackedAtomic); |
| 471 ExpectValidationObserved(kProtectedAtomic); |
| 472 |
| 473 LoadExistingPrefs(); |
| 474 ExpectStringValueEquals(kUnprotectedPref, kFoobar); |
| 475 |
| 476 // Ensure everything is written out to disk. |
| 477 DestroyPrefStore(); |
| 478 |
| 479 // Now introduce protection, including the never-before tracked "new_pref". |
| 480 configuration_ = original_configuration; |
| 481 PrefHashFilter::TrackedPreferenceMetadata new_protected = { |
| 482 kExtraReportingId, kUnprotectedPref, PrefHashFilter::ENFORCE_ON_LOAD, |
| 483 PrefHashFilter::TRACKING_STRATEGY_ATOMIC}; |
| 484 configuration_.push_back(new_protected); |
| 485 ReloadConfiguration(); |
| 486 |
| 487 // And try loading with the new configuration. |
| 488 LoadExistingPrefs(); |
| 489 |
| 490 // Since there was a valid super MAC we were able to extend the existing trust |
| 491 // to the newly tracked & protected preference. |
| 492 ExpectStringValueEquals(kUnprotectedPref, kFoobar); |
| 493 EXPECT_FALSE(WasResetRecorded()); |
| 494 } |
| 495 |
| 378 TEST_F(ProfilePrefStoreManagerTest, UnprotectedToProtectedWithoutTrust) { | 496 TEST_F(ProfilePrefStoreManagerTest, UnprotectedToProtectedWithoutTrust) { |
| 379 InitializePrefs(); | 497 InitializePrefs(); |
| 380 | 498 |
| 381 ExpectValidationObserved(kTrackedAtomic); | 499 ExpectValidationObserved(kTrackedAtomic); |
| 382 ExpectValidationObserved(kProtectedAtomic); | 500 ExpectValidationObserved(kProtectedAtomic); |
| 383 | 501 |
| 384 // Now update the configuration to protect it. | 502 // Now update the configuration to protect it. |
| 385 PrefHashFilter::TrackedPreferenceMetadata new_protected = { | 503 PrefHashFilter::TrackedPreferenceMetadata new_protected = { |
| 386 kExtraReportingId, kUnprotectedPref, PrefHashFilter::ENFORCE_ON_LOAD, | 504 kExtraReportingId, kUnprotectedPref, PrefHashFilter::ENFORCE_ON_LOAD, |
| 387 PrefHashFilter::TRACKING_STRATEGY_ATOMIC}; | 505 PrefHashFilter::TRACKING_STRATEGY_ATOMIC}; |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 435 LoadExistingPrefs(); | 553 LoadExistingPrefs(); |
| 436 ExpectStringValueEquals(kProtectedAtomic, kHelloWorld); | 554 ExpectStringValueEquals(kProtectedAtomic, kHelloWorld); |
| 437 | 555 |
| 438 // Trigger the logic that migrates it back to the unprotected preferences | 556 // Trigger the logic that migrates it back to the unprotected preferences |
| 439 // file. | 557 // file. |
| 440 pref_store_->SetValue(kProtectedAtomic, new base::StringValue(kGoodbyeWorld)); | 558 pref_store_->SetValue(kProtectedAtomic, new base::StringValue(kGoodbyeWorld)); |
| 441 LoadExistingPrefs(); | 559 LoadExistingPrefs(); |
| 442 ExpectStringValueEquals(kProtectedAtomic, kGoodbyeWorld); | 560 ExpectStringValueEquals(kProtectedAtomic, kGoodbyeWorld); |
| 443 EXPECT_FALSE(WasResetRecorded()); | 561 EXPECT_FALSE(WasResetRecorded()); |
| 444 } | 562 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 324493002:
Move preference MACs to the protected preference stores. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src