New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 689340 link

Starred by 1 user
Status: Verified
Owner:
kinaba@chromium.org
Closed: Feb 2017
Cc:
kinaba@chromium.org
gwendal@chromium.org
uekawa@chromium.org
hashimoto@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug

Blocking:
issue 682951



Sign in to add a comment

ext4crypto: security_ProfilePermissions (will probably) fails.

Project Member Reported by kinaba@chromium.org, Feb 7 2017 
The test is doubly broken as of now so we won't see the failure,
but we will, after  Bug 688258  is fixed and ext4 encryption is enabled.

The point of failure is this if-block:

https://chromium.git.corp.google.com/chromiumos/third_party/autotest/+/0f5a281b5a0af4dbff6da2ba7b4630b689e2d300/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py#115

The test currently passes because is "cryptohome.is_vault_mounted" is broken now under ext4crypto and always returns false.
Once it started working correctly, what it will do inside the block is

* vaultpath =  `/proc/$(pgrep cryptohomed)/mount | grep /home/user/u-hash`[0]
* check the ownership around that path.

The vaultpath is expected to be /home/.shadow/hash/vault on ecryptfs, but is /dev/sda etc on ext4crypto.
The test doesn't work as expected.

Comment 1 by kinaba@chromium.org, Feb 7 2017

Owner: kinaba@chromium.org
Status: Assigned (was: Available)

Comment 2 by kinaba@chromium.org, Feb 8 2017

Status: Started (was: Assigned)
Project Member

Comment 4 by bugdroid1@chromium.org, Feb 15 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/autotest/+/a3bf6450658769b06a732df315fb9c6bcd68033a

commit a3bf6450658769b06a732df315fb9c6bcd68033a
Author: Kazuhiro Inaba <kinaba@chromium.org>
Date: Wed Feb 15 18:47:29 2017

ext4crypto: Update security_ProfilePermissions test to support ext4 crypto.

The test assumed that the 'device' field of mount info of user directory is
/home/.shadow/hash/vault, but that's not the case (actually the directory
does not even exist) on cryptohome implementation using ext4 encryption as
the backend.

This patch changes the test to obtain the shadow path by a simple calculation.

BUG= chromium:689340 
TEST=Run the test both on ecryptfs and ext4crypto devices.

Change-Id: Ia4fc6273881d5794a3945a970b678032eceecfaa
Reviewed-on: https://chromium-review.googlesource.com/439206
Commit-Ready: Kazuhiro Inaba <kinaba@chromium.org>
Tested-by: Kazuhiro Inaba <kinaba@chromium.org>
Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org>

[modify] https://crrev.com/a3bf6450658769b06a732df315fb9c6bcd68033a/client/cros/cryptohome.py
[modify] https://crrev.com/a3bf6450658769b06a732df315fb9c6bcd68033a/client/site_tests/security_ProfilePermissions/security_ProfilePermissions.py

Comment 5 by kinaba@chromium.org, Feb 15 2017

Status: (was: Started)

Comment 6 by kinaba@chromium.org, Feb 15 2017

Status: Fixed

Comment 7 by dhadd...@chromium.org, Apr 11 2017

Status: Verified (was: Fixed)
Test is passing on M58 caroline

Sign in to add a comment