OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <string> | 5 #include <string> |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "base/files/file_util.h" | 9 #include "base/files/file_util.h" |
10 #include "base/json/json_file_value_serializer.h" | 10 #include "base/json/json_file_value_serializer.h" |
(...skipping 129 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
140 PROTECTION_ENABLED_EXTENSIONS, | 140 PROTECTION_ENABLED_EXTENSIONS, |
141 // Represents the strongest level (i.e. always equivalent to the last one in | 141 // Represents the strongest level (i.e. always equivalent to the last one in |
142 // terms of protection), leave this one last when adding new levels. | 142 // terms of protection), leave this one last when adding new levels. |
143 PROTECTION_ENABLED_ALL | 143 PROTECTION_ENABLED_ALL |
144 }; | 144 }; |
145 | 145 |
146 PrefHashBrowserTestBase() | 146 PrefHashBrowserTestBase() |
147 : protection_level_(GetProtectionLevelFromTrialGroup(GetParam())) { | 147 : protection_level_(GetProtectionLevelFromTrialGroup(GetParam())) { |
148 } | 148 } |
149 | 149 |
150 virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE { | 150 virtual void SetUpCommandLine(CommandLine* command_line) override { |
151 ExtensionBrowserTest::SetUpCommandLine(command_line); | 151 ExtensionBrowserTest::SetUpCommandLine(command_line); |
152 EXPECT_FALSE(command_line->HasSwitch(switches::kForceFieldTrials)); | 152 EXPECT_FALSE(command_line->HasSwitch(switches::kForceFieldTrials)); |
153 command_line->AppendSwitchASCII( | 153 command_line->AppendSwitchASCII( |
154 switches::kForceFieldTrials, | 154 switches::kForceFieldTrials, |
155 std::string(chrome_prefs::internals::kSettingsEnforcementTrialName) + | 155 std::string(chrome_prefs::internals::kSettingsEnforcementTrialName) + |
156 "/" + GetParam() + "/"); | 156 "/" + GetParam() + "/"); |
157 #if defined(OS_CHROMEOS) | 157 #if defined(OS_CHROMEOS) |
158 command_line->AppendSwitch( | 158 command_line->AppendSwitch( |
159 chromeos::switches::kIgnoreUserProfileMappingForTests); | 159 chromeos::switches::kIgnoreUserProfileMappingForTests); |
160 #endif | 160 #endif |
161 } | 161 } |
162 | 162 |
163 virtual bool SetUpUserDataDirectory() OVERRIDE { | 163 virtual bool SetUpUserDataDirectory() override { |
164 // Do the normal setup in the PRE test and attack preferences in the main | 164 // Do the normal setup in the PRE test and attack preferences in the main |
165 // test. | 165 // test. |
166 if (IsPRETest()) | 166 if (IsPRETest()) |
167 return ExtensionBrowserTest::SetUpUserDataDirectory(); | 167 return ExtensionBrowserTest::SetUpUserDataDirectory(); |
168 | 168 |
169 #if defined(OS_CHROMEOS) | 169 #if defined(OS_CHROMEOS) |
170 // For some reason, the Preferences file does not exist in the location | 170 // For some reason, the Preferences file does not exist in the location |
171 // below on Chrome OS. Since protection is disabled on Chrome OS, it's okay | 171 // below on Chrome OS. Since protection is disabled on Chrome OS, it's okay |
172 // to simply not attack preferences at all (and still assert that no | 172 // to simply not attack preferences at all (and still assert that no |
173 // hardening related histogram kicked in in VerifyReactionToPrefAttack()). | 173 // hardening related histogram kicked in in VerifyReactionToPrefAttack()). |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
224 JSONFileValueSerializer protected_prefs_serializer(protected_pref_file); | 224 JSONFileValueSerializer protected_prefs_serializer(protected_pref_file); |
225 EXPECT_TRUE(protected_prefs_serializer.Serialize(*protected_preferences)); | 225 EXPECT_TRUE(protected_prefs_serializer.Serialize(*protected_preferences)); |
226 } | 226 } |
227 | 227 |
228 return true; | 228 return true; |
229 } | 229 } |
230 | 230 |
231 // In the PRE_ test, find the number of tracked preferences that were | 231 // In the PRE_ test, find the number of tracked preferences that were |
232 // initialized and save it to a file to be read back in the main test and used | 232 // initialized and save it to a file to be read back in the main test and used |
233 // as the total number of tracked preferences. | 233 // as the total number of tracked preferences. |
234 virtual void SetUpOnMainThread() OVERRIDE { | 234 virtual void SetUpOnMainThread() override { |
235 ExtensionBrowserTest::SetUpOnMainThread(); | 235 ExtensionBrowserTest::SetUpOnMainThread(); |
236 | 236 |
237 // File in which the PRE_ test will save the number of tracked preferences | 237 // File in which the PRE_ test will save the number of tracked preferences |
238 // on this platform. | 238 // on this platform. |
239 const char kNumTrackedPrefFilename[] = "NumTrackedPrefs"; | 239 const char kNumTrackedPrefFilename[] = "NumTrackedPrefs"; |
240 | 240 |
241 base::FilePath num_tracked_prefs_file; | 241 base::FilePath num_tracked_prefs_file; |
242 ASSERT_TRUE( | 242 ASSERT_TRUE( |
243 PathService::Get(chrome::DIR_USER_DATA, &num_tracked_prefs_file)); | 243 PathService::Get(chrome::DIR_USER_DATA, &num_tracked_prefs_file)); |
244 num_tracked_prefs_file = | 244 num_tracked_prefs_file = |
(...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
347 | 347 |
348 int num_tracked_prefs_; | 348 int num_tracked_prefs_; |
349 }; | 349 }; |
350 | 350 |
351 } // namespace | 351 } // namespace |
352 | 352 |
353 // Verifies that nothing is reset when nothing is tampered with. | 353 // Verifies that nothing is reset when nothing is tampered with. |
354 // Also sanity checks that the expected preferences files are in place. | 354 // Also sanity checks that the expected preferences files are in place. |
355 class PrefHashBrowserTestUnchangedDefault : public PrefHashBrowserTestBase { | 355 class PrefHashBrowserTestUnchangedDefault : public PrefHashBrowserTestBase { |
356 public: | 356 public: |
357 virtual void SetupPreferences() OVERRIDE { | 357 virtual void SetupPreferences() override { |
358 // Default Chrome setup. | 358 // Default Chrome setup. |
359 } | 359 } |
360 | 360 |
361 virtual void AttackPreferencesOnDisk( | 361 virtual void AttackPreferencesOnDisk( |
362 base::DictionaryValue* unprotected_preferences, | 362 base::DictionaryValue* unprotected_preferences, |
363 base::DictionaryValue* protected_preferences) OVERRIDE { | 363 base::DictionaryValue* protected_preferences) override { |
364 // No attack. | 364 // No attack. |
365 } | 365 } |
366 | 366 |
367 virtual void VerifyReactionToPrefAttack() OVERRIDE { | 367 virtual void VerifyReactionToPrefAttack() override { |
368 // Expect all prefs to be reported as Unchanged with no resets. | 368 // Expect all prefs to be reported as Unchanged with no resets. |
369 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM | 369 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM |
370 ? num_tracked_prefs() : 0, | 370 ? num_tracked_prefs() : 0, |
371 GetTrackedPrefHistogramCount( | 371 GetTrackedPrefHistogramCount( |
372 "Settings.TrackedPreferenceUnchanged", ALLOW_ANY)); | 372 "Settings.TrackedPreferenceUnchanged", ALLOW_ANY)); |
373 EXPECT_EQ(0, | 373 EXPECT_EQ(0, |
374 GetTrackedPrefHistogramCount( | 374 GetTrackedPrefHistogramCount( |
375 "Settings.TrackedPreferenceWantedReset", ALLOW_NONE)); | 375 "Settings.TrackedPreferenceWantedReset", ALLOW_NONE)); |
376 EXPECT_EQ(0, | 376 EXPECT_EQ(0, |
377 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceReset", | 377 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceReset", |
(...skipping 23 matching lines...) Expand all Loading... |
401 }; | 401 }; |
402 | 402 |
403 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUnchangedDefault, UnchangedDefault); | 403 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUnchangedDefault, UnchangedDefault); |
404 | 404 |
405 // Augments PrefHashBrowserTestUnchangedDefault to confirm that nothing is reset | 405 // Augments PrefHashBrowserTestUnchangedDefault to confirm that nothing is reset |
406 // when nothing is tampered with, even if Chrome itself wrote custom prefs in | 406 // when nothing is tampered with, even if Chrome itself wrote custom prefs in |
407 // its last run. | 407 // its last run. |
408 class PrefHashBrowserTestUnchangedCustom | 408 class PrefHashBrowserTestUnchangedCustom |
409 : public PrefHashBrowserTestUnchangedDefault { | 409 : public PrefHashBrowserTestUnchangedDefault { |
410 public: | 410 public: |
411 virtual void SetupPreferences() OVERRIDE { | 411 virtual void SetupPreferences() override { |
412 profile()->GetPrefs()->SetString(prefs::kHomePage, "http://example.com"); | 412 profile()->GetPrefs()->SetString(prefs::kHomePage, "http://example.com"); |
413 | 413 |
414 InstallExtensionWithUIAutoConfirm( | 414 InstallExtensionWithUIAutoConfirm( |
415 test_data_dir_.AppendASCII("good.crx"), 1, browser()); | 415 test_data_dir_.AppendASCII("good.crx"), 1, browser()); |
416 } | 416 } |
417 | 417 |
418 virtual void VerifyReactionToPrefAttack() OVERRIDE { | 418 virtual void VerifyReactionToPrefAttack() override { |
419 // Make sure the settings written in the last run stuck. | 419 // Make sure the settings written in the last run stuck. |
420 EXPECT_EQ("http://example.com", | 420 EXPECT_EQ("http://example.com", |
421 profile()->GetPrefs()->GetString(prefs::kHomePage)); | 421 profile()->GetPrefs()->GetString(prefs::kHomePage)); |
422 | 422 |
423 EXPECT_TRUE(extension_service()->GetExtensionById(kGoodCrxId, false)); | 423 EXPECT_TRUE(extension_service()->GetExtensionById(kGoodCrxId, false)); |
424 | 424 |
425 // Reaction should be identical to unattacked default prefs. | 425 // Reaction should be identical to unattacked default prefs. |
426 PrefHashBrowserTestUnchangedDefault::VerifyReactionToPrefAttack(); | 426 PrefHashBrowserTestUnchangedDefault::VerifyReactionToPrefAttack(); |
427 } | 427 } |
428 }; | 428 }; |
429 | 429 |
430 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUnchangedCustom, UnchangedCustom); | 430 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUnchangedCustom, UnchangedCustom); |
431 | 431 |
432 // Verifies that cleared prefs are reported. | 432 // Verifies that cleared prefs are reported. |
433 class PrefHashBrowserTestClearedAtomic : public PrefHashBrowserTestBase { | 433 class PrefHashBrowserTestClearedAtomic : public PrefHashBrowserTestBase { |
434 public: | 434 public: |
435 virtual void SetupPreferences() OVERRIDE { | 435 virtual void SetupPreferences() override { |
436 profile()->GetPrefs()->SetString(prefs::kHomePage, "http://example.com"); | 436 profile()->GetPrefs()->SetString(prefs::kHomePage, "http://example.com"); |
437 } | 437 } |
438 | 438 |
439 virtual void AttackPreferencesOnDisk( | 439 virtual void AttackPreferencesOnDisk( |
440 base::DictionaryValue* unprotected_preferences, | 440 base::DictionaryValue* unprotected_preferences, |
441 base::DictionaryValue* protected_preferences) OVERRIDE { | 441 base::DictionaryValue* protected_preferences) override { |
442 base::DictionaryValue* selected_prefs = | 442 base::DictionaryValue* selected_prefs = |
443 protection_level_ >= PROTECTION_ENABLED_BASIC ? protected_preferences | 443 protection_level_ >= PROTECTION_ENABLED_BASIC ? protected_preferences |
444 : unprotected_preferences; | 444 : unprotected_preferences; |
445 // |selected_prefs| should never be NULL under the protection level picking | 445 // |selected_prefs| should never be NULL under the protection level picking |
446 // it. | 446 // it. |
447 EXPECT_TRUE(selected_prefs); | 447 EXPECT_TRUE(selected_prefs); |
448 EXPECT_TRUE(selected_prefs->Remove(prefs::kHomePage, NULL)); | 448 EXPECT_TRUE(selected_prefs->Remove(prefs::kHomePage, NULL)); |
449 } | 449 } |
450 | 450 |
451 virtual void VerifyReactionToPrefAttack() OVERRIDE { | 451 virtual void VerifyReactionToPrefAttack() override { |
452 // The clearance of homepage should have been noticed (as pref #2 being | 452 // The clearance of homepage should have been noticed (as pref #2 being |
453 // cleared), but shouldn't have triggered a reset (as there is nothing we | 453 // cleared), but shouldn't have triggered a reset (as there is nothing we |
454 // can do when the pref is already gone). | 454 // can do when the pref is already gone). |
455 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM ? 1 : 0, | 455 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM ? 1 : 0, |
456 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceCleared", | 456 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceCleared", |
457 BEGIN_ALLOW_SINGLE_BUCKET + 2)); | 457 BEGIN_ALLOW_SINGLE_BUCKET + 2)); |
458 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM | 458 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM |
459 ? num_tracked_prefs() - 1 : 0, | 459 ? num_tracked_prefs() - 1 : 0, |
460 GetTrackedPrefHistogramCount( | 460 GetTrackedPrefHistogramCount( |
461 "Settings.TrackedPreferenceUnchanged", ALLOW_ANY)); | 461 "Settings.TrackedPreferenceUnchanged", ALLOW_ANY)); |
(...skipping 23 matching lines...) Expand all Loading... |
485 "Settings.TrackedPreferenceMigratedLegacyDeviceId", ALLOW_NONE)); | 485 "Settings.TrackedPreferenceMigratedLegacyDeviceId", ALLOW_NONE)); |
486 } | 486 } |
487 }; | 487 }; |
488 | 488 |
489 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestClearedAtomic, ClearedAtomic); | 489 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestClearedAtomic, ClearedAtomic); |
490 | 490 |
491 // Verifies that clearing the MACs results in untrusted Initialized pings for | 491 // Verifies that clearing the MACs results in untrusted Initialized pings for |
492 // non-null protected prefs. | 492 // non-null protected prefs. |
493 class PrefHashBrowserTestUntrustedInitialized : public PrefHashBrowserTestBase { | 493 class PrefHashBrowserTestUntrustedInitialized : public PrefHashBrowserTestBase { |
494 public: | 494 public: |
495 virtual void SetupPreferences() OVERRIDE { | 495 virtual void SetupPreferences() override { |
496 // Explicitly set the DSE (it's otherwise NULL by default, preventing | 496 // Explicitly set the DSE (it's otherwise NULL by default, preventing |
497 // thorough testing of the PROTECTION_ENABLED_DSE level). | 497 // thorough testing of the PROTECTION_ENABLED_DSE level). |
498 DefaultSearchManager default_search_manager( | 498 DefaultSearchManager default_search_manager( |
499 profile()->GetPrefs(), DefaultSearchManager::ObserverCallback()); | 499 profile()->GetPrefs(), DefaultSearchManager::ObserverCallback()); |
500 DefaultSearchManager::Source dse_source = | 500 DefaultSearchManager::Source dse_source = |
501 static_cast<DefaultSearchManager::Source>(-1); | 501 static_cast<DefaultSearchManager::Source>(-1); |
502 | 502 |
503 const TemplateURLData* default_template_url_data = | 503 const TemplateURLData* default_template_url_data = |
504 default_search_manager.GetDefaultSearchEngine(&dse_source); | 504 default_search_manager.GetDefaultSearchEngine(&dse_source); |
505 EXPECT_EQ(DefaultSearchManager::FROM_FALLBACK, dse_source); | 505 EXPECT_EQ(DefaultSearchManager::FROM_FALLBACK, dse_source); |
506 | 506 |
507 default_search_manager.SetUserSelectedDefaultSearchEngine( | 507 default_search_manager.SetUserSelectedDefaultSearchEngine( |
508 *default_template_url_data); | 508 *default_template_url_data); |
509 | 509 |
510 default_search_manager.GetDefaultSearchEngine(&dse_source); | 510 default_search_manager.GetDefaultSearchEngine(&dse_source); |
511 EXPECT_EQ(DefaultSearchManager::FROM_USER, dse_source); | 511 EXPECT_EQ(DefaultSearchManager::FROM_USER, dse_source); |
512 | 512 |
513 // Also explicitly set an atomic pref that falls under | 513 // Also explicitly set an atomic pref that falls under |
514 // PROTECTION_ENABLED_BASIC. | 514 // PROTECTION_ENABLED_BASIC. |
515 profile()->GetPrefs()->SetInteger(prefs::kRestoreOnStartup, | 515 profile()->GetPrefs()->SetInteger(prefs::kRestoreOnStartup, |
516 SessionStartupPref::URLS); | 516 SessionStartupPref::URLS); |
517 } | 517 } |
518 | 518 |
519 virtual void AttackPreferencesOnDisk( | 519 virtual void AttackPreferencesOnDisk( |
520 base::DictionaryValue* unprotected_preferences, | 520 base::DictionaryValue* unprotected_preferences, |
521 base::DictionaryValue* protected_preferences) OVERRIDE { | 521 base::DictionaryValue* protected_preferences) override { |
522 EXPECT_TRUE(unprotected_preferences->Remove("protection.macs", NULL)); | 522 EXPECT_TRUE(unprotected_preferences->Remove("protection.macs", NULL)); |
523 if (protected_preferences) | 523 if (protected_preferences) |
524 EXPECT_TRUE(protected_preferences->Remove("protection.macs", NULL)); | 524 EXPECT_TRUE(protected_preferences->Remove("protection.macs", NULL)); |
525 } | 525 } |
526 | 526 |
527 virtual void VerifyReactionToPrefAttack() OVERRIDE { | 527 virtual void VerifyReactionToPrefAttack() override { |
528 // Preferences that are NULL by default will be NullInitialized. | 528 // Preferences that are NULL by default will be NullInitialized. |
529 int num_null_values = GetTrackedPrefHistogramCount( | 529 int num_null_values = GetTrackedPrefHistogramCount( |
530 "Settings.TrackedPreferenceNullInitialized", ALLOW_ANY); | 530 "Settings.TrackedPreferenceNullInitialized", ALLOW_ANY); |
531 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM, | 531 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM, |
532 num_null_values > 0); | 532 num_null_values > 0); |
533 if (num_null_values > 0) { | 533 if (num_null_values > 0) { |
534 // This test requires that at least 3 prefs be non-null (extensions, DSE, | 534 // This test requires that at least 3 prefs be non-null (extensions, DSE, |
535 // and 1 atomic pref explictly set for this test above). | 535 // and 1 atomic pref explictly set for this test above). |
536 EXPECT_GE(num_tracked_prefs() - num_null_values, 3); | 536 EXPECT_GE(num_tracked_prefs() - num_null_values, 3); |
537 } | 537 } |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
606 } | 606 } |
607 }; | 607 }; |
608 | 608 |
609 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUntrustedInitialized, | 609 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUntrustedInitialized, |
610 UntrustedInitialized); | 610 UntrustedInitialized); |
611 | 611 |
612 // Verifies that changing an atomic pref results in it being reported (and reset | 612 // Verifies that changing an atomic pref results in it being reported (and reset |
613 // if the protection level allows it). | 613 // if the protection level allows it). |
614 class PrefHashBrowserTestChangedAtomic : public PrefHashBrowserTestBase { | 614 class PrefHashBrowserTestChangedAtomic : public PrefHashBrowserTestBase { |
615 public: | 615 public: |
616 virtual void SetupPreferences() OVERRIDE { | 616 virtual void SetupPreferences() override { |
617 profile()->GetPrefs()->SetInteger(prefs::kRestoreOnStartup, | 617 profile()->GetPrefs()->SetInteger(prefs::kRestoreOnStartup, |
618 SessionStartupPref::URLS); | 618 SessionStartupPref::URLS); |
619 | 619 |
620 ListPrefUpdate update(profile()->GetPrefs(), | 620 ListPrefUpdate update(profile()->GetPrefs(), |
621 prefs::kURLsToRestoreOnStartup); | 621 prefs::kURLsToRestoreOnStartup); |
622 update->AppendString("http://example.com"); | 622 update->AppendString("http://example.com"); |
623 } | 623 } |
624 | 624 |
625 virtual void AttackPreferencesOnDisk( | 625 virtual void AttackPreferencesOnDisk( |
626 base::DictionaryValue* unprotected_preferences, | 626 base::DictionaryValue* unprotected_preferences, |
627 base::DictionaryValue* protected_preferences) OVERRIDE { | 627 base::DictionaryValue* protected_preferences) override { |
628 base::DictionaryValue* selected_prefs = | 628 base::DictionaryValue* selected_prefs = |
629 protection_level_ >= PROTECTION_ENABLED_BASIC ? protected_preferences | 629 protection_level_ >= PROTECTION_ENABLED_BASIC ? protected_preferences |
630 : unprotected_preferences; | 630 : unprotected_preferences; |
631 // |selected_prefs| should never be NULL under the protection level picking | 631 // |selected_prefs| should never be NULL under the protection level picking |
632 // it. | 632 // it. |
633 EXPECT_TRUE(selected_prefs); | 633 EXPECT_TRUE(selected_prefs); |
634 base::ListValue* startup_urls; | 634 base::ListValue* startup_urls; |
635 EXPECT_TRUE( | 635 EXPECT_TRUE( |
636 selected_prefs->GetList(prefs::kURLsToRestoreOnStartup, &startup_urls)); | 636 selected_prefs->GetList(prefs::kURLsToRestoreOnStartup, &startup_urls)); |
637 EXPECT_TRUE(startup_urls); | 637 EXPECT_TRUE(startup_urls); |
638 EXPECT_EQ(1U, startup_urls->GetSize()); | 638 EXPECT_EQ(1U, startup_urls->GetSize()); |
639 startup_urls->AppendString("http://example.org"); | 639 startup_urls->AppendString("http://example.org"); |
640 } | 640 } |
641 | 641 |
642 virtual void VerifyReactionToPrefAttack() OVERRIDE { | 642 virtual void VerifyReactionToPrefAttack() override { |
643 // Expect a single Changed event for tracked pref #4 (startup URLs). | 643 // Expect a single Changed event for tracked pref #4 (startup URLs). |
644 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM ? 1 : 0, | 644 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM ? 1 : 0, |
645 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceChanged", | 645 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceChanged", |
646 BEGIN_ALLOW_SINGLE_BUCKET + 4)); | 646 BEGIN_ALLOW_SINGLE_BUCKET + 4)); |
647 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM | 647 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM |
648 ? num_tracked_prefs() - 1 : 0, | 648 ? num_tracked_prefs() - 1 : 0, |
649 GetTrackedPrefHistogramCount( | 649 GetTrackedPrefHistogramCount( |
650 "Settings.TrackedPreferenceUnchanged", ALLOW_ANY)); | 650 "Settings.TrackedPreferenceUnchanged", ALLOW_ANY)); |
651 | 651 |
652 EXPECT_EQ( | 652 EXPECT_EQ( |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
688 "Settings.TrackedPreferenceMigratedLegacyDeviceId", ALLOW_NONE)); | 688 "Settings.TrackedPreferenceMigratedLegacyDeviceId", ALLOW_NONE)); |
689 } | 689 } |
690 }; | 690 }; |
691 | 691 |
692 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestChangedAtomic, ChangedAtomic); | 692 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestChangedAtomic, ChangedAtomic); |
693 | 693 |
694 // Verifies that changing or adding an entry in a split pref results in both | 694 // Verifies that changing or adding an entry in a split pref results in both |
695 // items being reported (and remove if the protection level allows it). | 695 // items being reported (and remove if the protection level allows it). |
696 class PrefHashBrowserTestChangedSplitPref : public PrefHashBrowserTestBase { | 696 class PrefHashBrowserTestChangedSplitPref : public PrefHashBrowserTestBase { |
697 public: | 697 public: |
698 virtual void SetupPreferences() OVERRIDE { | 698 virtual void SetupPreferences() override { |
699 InstallExtensionWithUIAutoConfirm( | 699 InstallExtensionWithUIAutoConfirm( |
700 test_data_dir_.AppendASCII("good.crx"), 1, browser()); | 700 test_data_dir_.AppendASCII("good.crx"), 1, browser()); |
701 } | 701 } |
702 | 702 |
703 virtual void AttackPreferencesOnDisk( | 703 virtual void AttackPreferencesOnDisk( |
704 base::DictionaryValue* unprotected_preferences, | 704 base::DictionaryValue* unprotected_preferences, |
705 base::DictionaryValue* protected_preferences) OVERRIDE { | 705 base::DictionaryValue* protected_preferences) override { |
706 base::DictionaryValue* selected_prefs = | 706 base::DictionaryValue* selected_prefs = |
707 protection_level_ >= PROTECTION_ENABLED_EXTENSIONS | 707 protection_level_ >= PROTECTION_ENABLED_EXTENSIONS |
708 ? protected_preferences | 708 ? protected_preferences |
709 : unprotected_preferences; | 709 : unprotected_preferences; |
710 // |selected_prefs| should never be NULL under the protection level picking | 710 // |selected_prefs| should never be NULL under the protection level picking |
711 // it. | 711 // it. |
712 EXPECT_TRUE(selected_prefs); | 712 EXPECT_TRUE(selected_prefs); |
713 base::DictionaryValue* extensions_dict; | 713 base::DictionaryValue* extensions_dict; |
714 EXPECT_TRUE(selected_prefs->GetDictionary( | 714 EXPECT_TRUE(selected_prefs->GetDictionary( |
715 extensions::pref_names::kExtensions, &extensions_dict)); | 715 extensions::pref_names::kExtensions, &extensions_dict)); |
716 EXPECT_TRUE(extensions_dict); | 716 EXPECT_TRUE(extensions_dict); |
717 | 717 |
718 // Tamper with any installed setting for good.crx | 718 // Tamper with any installed setting for good.crx |
719 base::DictionaryValue* good_crx_dict; | 719 base::DictionaryValue* good_crx_dict; |
720 EXPECT_TRUE(extensions_dict->GetDictionary(kGoodCrxId, &good_crx_dict)); | 720 EXPECT_TRUE(extensions_dict->GetDictionary(kGoodCrxId, &good_crx_dict)); |
721 int good_crx_state; | 721 int good_crx_state; |
722 EXPECT_TRUE(good_crx_dict->GetInteger("state", &good_crx_state)); | 722 EXPECT_TRUE(good_crx_dict->GetInteger("state", &good_crx_state)); |
723 EXPECT_EQ(extensions::Extension::ENABLED, good_crx_state); | 723 EXPECT_EQ(extensions::Extension::ENABLED, good_crx_state); |
724 good_crx_dict->SetInteger("state", extensions::Extension::DISABLED); | 724 good_crx_dict->SetInteger("state", extensions::Extension::DISABLED); |
725 | 725 |
726 // Drop a fake extension (for the purpose of this test, dropped settings | 726 // Drop a fake extension (for the purpose of this test, dropped settings |
727 // don't need to be valid extension settings). | 727 // don't need to be valid extension settings). |
728 base::DictionaryValue* fake_extension = new base::DictionaryValue; | 728 base::DictionaryValue* fake_extension = new base::DictionaryValue; |
729 fake_extension->SetString("name", "foo"); | 729 fake_extension->SetString("name", "foo"); |
730 extensions_dict->Set(std::string(32, 'a'), fake_extension); | 730 extensions_dict->Set(std::string(32, 'a'), fake_extension); |
731 } | 731 } |
732 | 732 |
733 virtual void VerifyReactionToPrefAttack() OVERRIDE { | 733 virtual void VerifyReactionToPrefAttack() override { |
734 // Expect a single split pref changed report with a count of 2 for tracked | 734 // Expect a single split pref changed report with a count of 2 for tracked |
735 // pref #5 (extensions). | 735 // pref #5 (extensions). |
736 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM ? 1 : 0, | 736 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM ? 1 : 0, |
737 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceChanged", | 737 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceChanged", |
738 BEGIN_ALLOW_SINGLE_BUCKET + 5)); | 738 BEGIN_ALLOW_SINGLE_BUCKET + 5)); |
739 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM ? 1 : 0, | 739 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM ? 1 : 0, |
740 GetTrackedPrefHistogramCount( | 740 GetTrackedPrefHistogramCount( |
741 "Settings.TrackedSplitPreferenceChanged.extensions.settings", | 741 "Settings.TrackedSplitPreferenceChanged.extensions.settings", |
742 BEGIN_ALLOW_SINGLE_BUCKET + 2)); | 742 BEGIN_ALLOW_SINGLE_BUCKET + 2)); |
743 | 743 |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
781 | 781 |
782 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestChangedSplitPref, ChangedSplitPref); | 782 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestChangedSplitPref, ChangedSplitPref); |
783 | 783 |
784 // Verifies that adding a value to unprotected preferences for a key which is | 784 // Verifies that adding a value to unprotected preferences for a key which is |
785 // still using the default (i.e. has no value stored in protected preferences) | 785 // still using the default (i.e. has no value stored in protected preferences) |
786 // doesn't allow that value to slip in with no valid MAC (regression test for | 786 // doesn't allow that value to slip in with no valid MAC (regression test for |
787 // http://crbug.com/414554) | 787 // http://crbug.com/414554) |
788 class PrefHashBrowserTestUntrustedAdditionToPrefs | 788 class PrefHashBrowserTestUntrustedAdditionToPrefs |
789 : public PrefHashBrowserTestBase { | 789 : public PrefHashBrowserTestBase { |
790 public: | 790 public: |
791 virtual void SetupPreferences() OVERRIDE { | 791 virtual void SetupPreferences() override { |
792 // Ensure there is no user-selected value for kRestoreOnStartup. | 792 // Ensure there is no user-selected value for kRestoreOnStartup. |
793 EXPECT_FALSE( | 793 EXPECT_FALSE( |
794 profile()->GetPrefs()->GetUserPrefValue(prefs::kRestoreOnStartup)); | 794 profile()->GetPrefs()->GetUserPrefValue(prefs::kRestoreOnStartup)); |
795 } | 795 } |
796 | 796 |
797 virtual void AttackPreferencesOnDisk( | 797 virtual void AttackPreferencesOnDisk( |
798 base::DictionaryValue* unprotected_preferences, | 798 base::DictionaryValue* unprotected_preferences, |
799 base::DictionaryValue* protected_preferences) OVERRIDE { | 799 base::DictionaryValue* protected_preferences) override { |
800 unprotected_preferences->SetInteger(prefs::kRestoreOnStartup, | 800 unprotected_preferences->SetInteger(prefs::kRestoreOnStartup, |
801 SessionStartupPref::LAST); | 801 SessionStartupPref::LAST); |
802 } | 802 } |
803 | 803 |
804 virtual void VerifyReactionToPrefAttack() OVERRIDE { | 804 virtual void VerifyReactionToPrefAttack() override { |
805 // Expect a single Changed event for tracked pref #3 (kRestoreOnStartup) if | 805 // Expect a single Changed event for tracked pref #3 (kRestoreOnStartup) if |
806 // not protecting; if protection is enabled the change should be a no-op. | 806 // not protecting; if protection is enabled the change should be a no-op. |
807 int changed_expected = | 807 int changed_expected = |
808 protection_level_ == PROTECTION_DISABLED_FOR_GROUP ? 1 : 0; | 808 protection_level_ == PROTECTION_DISABLED_FOR_GROUP ? 1 : 0; |
809 EXPECT_EQ( | 809 EXPECT_EQ( |
810 (protection_level_ > PROTECTION_DISABLED_ON_PLATFORM && | 810 (protection_level_ > PROTECTION_DISABLED_ON_PLATFORM && |
811 protection_level_ < PROTECTION_ENABLED_BASIC) ? changed_expected : 0, | 811 protection_level_ < PROTECTION_ENABLED_BASIC) ? changed_expected : 0, |
812 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceChanged", | 812 GetTrackedPrefHistogramCount("Settings.TrackedPreferenceChanged", |
813 BEGIN_ALLOW_SINGLE_BUCKET + 3)); | 813 BEGIN_ALLOW_SINGLE_BUCKET + 3)); |
814 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM | 814 EXPECT_EQ(protection_level_ > PROTECTION_DISABLED_ON_PLATFORM |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
847 | 847 |
848 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUntrustedAdditionToPrefs, | 848 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUntrustedAdditionToPrefs, |
849 UntrustedAdditionToPrefs); | 849 UntrustedAdditionToPrefs); |
850 | 850 |
851 // Verifies that adding a value to unprotected preferences while wiping a | 851 // Verifies that adding a value to unprotected preferences while wiping a |
852 // user-selected value from protected preferences doesn't allow that value to | 852 // user-selected value from protected preferences doesn't allow that value to |
853 // slip in with no valid MAC (regression test for http://crbug.com/414554). | 853 // slip in with no valid MAC (regression test for http://crbug.com/414554). |
854 class PrefHashBrowserTestUntrustedAdditionToPrefsAfterWipe | 854 class PrefHashBrowserTestUntrustedAdditionToPrefsAfterWipe |
855 : public PrefHashBrowserTestBase { | 855 : public PrefHashBrowserTestBase { |
856 public: | 856 public: |
857 virtual void SetupPreferences() OVERRIDE { | 857 virtual void SetupPreferences() override { |
858 profile()->GetPrefs()->SetString(prefs::kHomePage, "http://example.com"); | 858 profile()->GetPrefs()->SetString(prefs::kHomePage, "http://example.com"); |
859 } | 859 } |
860 | 860 |
861 virtual void AttackPreferencesOnDisk( | 861 virtual void AttackPreferencesOnDisk( |
862 base::DictionaryValue* unprotected_preferences, | 862 base::DictionaryValue* unprotected_preferences, |
863 base::DictionaryValue* protected_preferences) OVERRIDE { | 863 base::DictionaryValue* protected_preferences) override { |
864 // Set or change the value in Preferences to the attacker's choice. | 864 // Set or change the value in Preferences to the attacker's choice. |
865 unprotected_preferences->SetString(prefs::kHomePage, "http://example.net"); | 865 unprotected_preferences->SetString(prefs::kHomePage, "http://example.net"); |
866 // Clear the value in Secure Preferences, if any. | 866 // Clear the value in Secure Preferences, if any. |
867 if (protected_preferences) | 867 if (protected_preferences) |
868 protected_preferences->Remove(prefs::kHomePage, NULL); | 868 protected_preferences->Remove(prefs::kHomePage, NULL); |
869 } | 869 } |
870 | 870 |
871 virtual void VerifyReactionToPrefAttack() OVERRIDE { | 871 virtual void VerifyReactionToPrefAttack() override { |
872 // Expect a single Changed event for tracked pref #2 (kHomePage) if | 872 // Expect a single Changed event for tracked pref #2 (kHomePage) if |
873 // not protecting; if protection is enabled the change should be a Cleared. | 873 // not protecting; if protection is enabled the change should be a Cleared. |
874 int changed_expected = | 874 int changed_expected = |
875 protection_level_ > PROTECTION_DISABLED_ON_PLATFORM && | 875 protection_level_ > PROTECTION_DISABLED_ON_PLATFORM && |
876 protection_level_ < PROTECTION_ENABLED_BASIC | 876 protection_level_ < PROTECTION_ENABLED_BASIC |
877 ? 1 : 0; | 877 ? 1 : 0; |
878 int cleared_expected = | 878 int cleared_expected = |
879 protection_level_ >= PROTECTION_ENABLED_BASIC | 879 protection_level_ >= PROTECTION_ENABLED_BASIC |
880 ? 1 : 0; | 880 ? 1 : 0; |
881 EXPECT_EQ(changed_expected, | 881 EXPECT_EQ(changed_expected, |
(...skipping 28 matching lines...) Expand all Loading... |
910 "Settings.TrackedPreferenceNullInitialized", ALLOW_NONE)); | 910 "Settings.TrackedPreferenceNullInitialized", ALLOW_NONE)); |
911 EXPECT_EQ( | 911 EXPECT_EQ( |
912 0, | 912 0, |
913 GetTrackedPrefHistogramCount( | 913 GetTrackedPrefHistogramCount( |
914 "Settings.TrackedPreferenceMigratedLegacyDeviceId", ALLOW_NONE)); | 914 "Settings.TrackedPreferenceMigratedLegacyDeviceId", ALLOW_NONE)); |
915 } | 915 } |
916 }; | 916 }; |
917 | 917 |
918 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUntrustedAdditionToPrefsAfterWipe, | 918 PREF_HASH_BROWSER_TEST(PrefHashBrowserTestUntrustedAdditionToPrefsAfterWipe, |
919 UntrustedAdditionToPrefsAfterWipe); | 919 UntrustedAdditionToPrefsAfterWipe); |
OLD | NEW |