
Issue 725493 link

Starred by 3 users

Issue metadata

Status: Verified
Owner:
Closed: Oct 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug




Remove DeviceEcryptfsMigrationStrategy policy code after the devices have migrated

Project Member Reported by igorcov@chromium.org, May 23 2017

Issue description

The code to migrate the devices to ext4 encryption based on DeviceEcryptfsMigrationStrategy policy that is added to fix crbug.com/722371 will become obsolete after the devices have been migrated.

This issue is to keep track of that and remove the code when it becomes obsolete.
 

Comment 1 by uekawa@google.com, May 24 2017

That will be when ecryptfs-based systems become EOL'd?
Or 100% of users have updated to a milestone that forces ext4 crypto?
Depending on how you put it, it will be 2-5 years down the road.

Thinking is that this will be when we no longer care about supporting managing the transition from ecryptfs to ext4. Not sure when this is, but probably earlier than EOL.
Drew is correct. We are adding these policies so that schools can prevent migration from happening during the school year. We will require them to migrate or wipe during the next summer break (August 2018) and can remove the policies then. Anyone who misses that window will simply get the migration behavior at the start of the 2018/2019 school year.
Status: Started (was: Assigned)
Since the functionality for migration has been implemented as user policy, I will start creating CLs to remove the code related to device policy.

Comment 6 by uekawa@chromium.org, Jul 28 2017

Components: Platform>ARC Enterprise
Cryptohome.HomedirEncryptionType should tell us when we no longer need any migration.

Project Member

Comment 7 by bugdroid1@chromium.org, Aug 3 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/overlays/board-overlays/+/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091

commit 3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091
Author: Igor <igorcov@chromium.org>
Date: Thu Aug 03 22:13:57 2017

chromeos-overlay: Remove need-arc-migration-policy-check USE flags.

This reverts commit 3aceabc2628edabf2e8c0442137060a327e1d108.

Reason for revert: These overlays are using device policy in M-60 to
decide if ecryptfs to ext4 migration option is given to the user.
Starting from M-61 that functionality is covered by a user policy. To
avoid possible conflicts, the functionality that uses the device policy
has to be rolled back starting from M-61.

BUG= chromium:725493 
TEST=None
Change-Id: Id88dca04ebe8a1de41c6dd215022e94ace7b8151
Reviewed-on: https://chromium-review.googlesource.com/596287
Commit-Ready: Igor <igorcov@chromium.org>
Tested-by: Igor <igorcov@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>

[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-lars/profiles/base/make.defaults
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-relm/make.conf
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-kevin/profiles/base/make.defaults
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-celes/make.conf
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-kefka/make.conf
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-cave/profiles/base/make.defaults
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-banon/make.conf
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-elm/profiles/base/make.defaults
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-terra/make.conf
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-asuka/profiles/base/make.defaults
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-reks/make.conf
[modify] https://crrev.com/3f427ad56e22d4b5c87b5b2b3f3582e6f74e3091/overlay-hana/profiles/base/make.defaults

Cc: keta...@chromium.org
Labels: Merge-Request-61
Requesting to merge this back to 61. In 61 this functionality is covered by a user policy, so the device policy implementation needs to be removed.
Project Member

Comment 9 by sheriffbot@chromium.org, Aug 4 2017

Labels: -Merge-Request-61 Hotlist-Merge-Reject Merge-Reject-61
The bug is marked as P3 or Feature. It should not be merged as M61 is in beta. 
Please contact the appropriate milestone owner if you have questions.
Owners: amineer@(Android), cmasso@(iOS), ketakid@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: -Pri-3 Pri-1
Labels: -Hotlist-Merge-Reject -Merge-Reject-61 Merge-Request-61
This is needed in 61 because there are two implementations of the same functionality, one provided by user policy and the other provided by device policy.

They might and will end up conflicting for EDU where admins allowed ARC migration.
Project Member

Comment 12 by sheriffbot@chromium.org, Aug 7 2017

Labels: -Merge-Request-61 Merge-Review-61 Hotlist-Merge-Review
This bug requires manual review: M61 has already been promoted to the beta branch, so this requires manual review
Please contact the milestone owner if you have questions.
Owners: amineer@(Android), cmasso@(iOS), ketakid@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 13 by bugdroid1@chromium.org, Aug 7 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/platform2/+/4016485c26034ae9726d408f0c242abb87896faa

commit 4016485c26034ae9726d408f0c242abb87896faa
Author: Igor <igorcov@chromium.org>
Date: Mon Aug 07 20:50:47 2017

Revert "login: need-arc-migration-policy-check flag"

This reverts commit 69a3ec7f36f11a0fddc6e6b3083ebc1276358753.

Reason for revert: This functionality was needed for device
policy implemented in M-60. Starting from M-61 it is covered
by a user policy and the flag is not needed.

Original change's description:
> login: need-arc-migration-policy-check flag
>
> If arc_policy_migration_check USE flag is enabled, set
> need-arc-migration-policy-check.
>
> BUG= chromium:722371 
> TEST=none
>
> Change-Id: I8741984abc35669edbe8d443d4334d98005a7d8b
> Reviewed-on: https://chromium-review.googlesource.com/533236
> Commit-Ready: Igor <igorcov@chromium.org>
> Tested-by: Igor <igorcov@chromium.org>
> Reviewed-by: Dan Erat <derat@chromium.org>

Bug:  chromium:725493 
Change-Id: I1fa76bb683c6019ebff9ae47472a44d4a21182ad
Reviewed-on: https://chromium-review.googlesource.com/602150
Commit-Ready: Igor <igorcov@chromium.org>
Tested-by: Igor <igorcov@chromium.org>
Reviewed-by: Dan Erat <derat@chromium.org>

[modify] https://crrev.com/4016485c26034ae9726d408f0c242abb87896faa/login_manager/chrome_setup.cc

ketakid@ Could you please take a look? We need a merge approval for this.
Project Member

Comment 15 by bugdroid1@chromium.org, Aug 23 2017

Labels: merge-merged-release-R61-9765.B
The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/platform2/+/eccf1725cf9f5ce958b2ba8eb8d846128b0dd140

commit eccf1725cf9f5ce958b2ba8eb8d846128b0dd140
Author: Igor <igorcov@chromium.org>
Date: Wed Aug 23 06:45:13 2017

Revert "login: need-arc-migration-policy-check flag"

This reverts commit 69a3ec7f36f11a0fddc6e6b3083ebc1276358753.

Reason for revert: This functionality was needed for device
policy implemented in M-60. Starting from M-61 it is covered
by a user policy and the flag is not needed.

Original change's description:
> login: need-arc-migration-policy-check flag
>
> If arc_policy_migration_check USE flag is enabled, set
> need-arc-migration-policy-check.
>
> BUG= chromium:722371 
> TEST=none
>
> Change-Id: I8741984abc35669edbe8d443d4334d98005a7d8b
> Reviewed-on: https://chromium-review.googlesource.com/533236
> Commit-Ready: Igor <igorcov@chromium.org>
> Tested-by: Igor <igorcov@chromium.org>
> Reviewed-by: Dan Erat <derat@chromium.org>

Bug:  chromium:725493 
Change-Id: I1fa76bb683c6019ebff9ae47472a44d4a21182ad
Reviewed-on: https://chromium-review.googlesource.com/602150
Commit-Ready: Igor <igorcov@chromium.org>
Tested-by: Igor <igorcov@chromium.org>
Reviewed-by: Dan Erat <derat@chromium.org>
(cherry picked from commit 4016485c26034ae9726d408f0c242abb87896faa)
Reviewed-on: https://chromium-review.googlesource.com/626125
Commit-Queue: Igor <igorcov@chromium.org>

[modify] https://crrev.com/eccf1725cf9f5ce958b2ba8eb8d846128b0dd140/login_manager/chrome_setup.cc

Project Member

Comment 16 by bugdroid1@chromium.org, Aug 29 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/3188095d10caf5a6572548cedd60baecc3c28685

commit 3188095d10caf5a6572548cedd60baecc3c28685
Author: Igor <igorcov@chromium.org>
Date: Tue Aug 29 18:44:26 2017

Removed DeviceEcryptfsMigrationStrategy policy from Chrome settings

Starting from version 61, the user policy controls if the migration
from ecryptfs to ext4 is allowed. The device policy that was
managing this functionality in version 60 now has to be removed.

Bug:  chromium:725493 
Test: Manual test.
Change-Id: Ic0fcce42b5638a0009c26b96990fccd1c2af529c
Reviewed-on: https://chromium-review.googlesource.com/618874
Reviewed-by: Maksim Ivanov <emaxx@chromium.org>
Reviewed-by: Igor <igorcov@chromium.org>
Commit-Queue: Igor <igorcov@chromium.org>
Cr-Commit-Position: refs/heads/master@{#498181}
[modify] https://crrev.com/3188095d10caf5a6572548cedd60baecc3c28685/components/policy/resources/policy_templates.json

Project Member

Comment 17 by bugdroid1@chromium.org, Aug 30 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe

commit 1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe
Author: Igor <igorcov@chromium.org>
Date: Wed Aug 30 14:00:45 2017

The device policy functionality for ecryptfs to ext4 migration removed

Starting from version 61, the user policy controls if the migration
from ecryptfs to ext4 is allowed. The device policy that was
managing this functionality in version 60 now has to be removed.

The ARC icon is displayed based on IsArcAllowedForProfile function. It
was updated to return false if the encryption is ecryptfs and the
migration is forbidden for the user.

The code for removing ARC data, which was forbidden in previous
version if the device policy was disallowing the migration is
removed now. In case we decide to make another exception there, it will
be implemented in a separate CL.

Also the banner stating that the migration is required now will be
displayed if the partition is ecryptfs. The logic related to the
banner is to be decided and implemented in a separate CL.

Bug:  chromium:725493 
Test: Unit tests and manual test.
Change-Id: Id5a10c875d2c1728169df01fd0fca095595fce6e
Reviewed-on: https://chromium-review.googlesource.com/582951
Commit-Queue: Igor <igorcov@chromium.org>
Reviewed-by: Paweł Hajdan Jr. <phajdan.jr@chromium.org>
Reviewed-by: Igor <igorcov@chromium.org>
Reviewed-by: Hidehiko Abe <hidehiko@chromium.org>
Reviewed-by: Achuith Bhandarkar <achuith@chromium.org>
Reviewed-by: Maksim Ivanov <emaxx@chromium.org>
Reviewed-by: Kazuhiro Inaba <kinaba@chromium.org>
Cr-Commit-Position: refs/heads/master@{#498448}
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/browser/chromeos/arc/arc_session_manager.cc
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/browser/chromeos/arc/arc_util.cc
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/browser/chromeos/arc/arc_util.h
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/browser/chromeos/arc/arc_util_unittest.cc
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/browser/chromeos/arc/policy/arc_policy_util.h
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/browser/chromeos/login/existing_user_controller.cc
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/browser/chromeos/login/screens/user_selection_screen.cc
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/browser/chromeos/policy/device_policy_decoder_chromeos.cc
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/browser/policy/configuration_policy_handler_list_factory.cc
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/common/pref_names.cc
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/common/pref_names.h
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/test/base/testing_profile.cc
[modify] https://crrev.com/1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe/chrome/test/data/policy/policy_test_cases.json

Labels: Merge-Request-61
@Ketaki:
Requesting merge of CL https://chromium-review.googlesource.com/582951 from Comment #17 to M-61 (pre-requisite for the merges mentioned in bug 747907).
Project Member

Comment 19 by sheriffbot@chromium.org, Sep 1 2017

Labels: -Merge-Request-61
This bug requires manual review: We are only 3 days from stable.
Please contact the milestone owner if you have questions.
Owners: amineer@(Android), cmasso@(iOS), ketakid@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 20 by bugdroid1@chromium.org, Sep 5 2017

Labels: merge-merged-3163
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/86ea32bd3e120afb5ad9bd911750542cf3b36ef5

commit 86ea32bd3e120afb5ad9bd911750542cf3b36ef5
Author: Igor <igorcov@chromium.org>
Date: Tue Sep 05 09:02:24 2017

The device policy functionality for ecryptfs to ext4 migration removed

Starting from version 61, the user policy controls if the migration
from ecryptfs to ext4 is allowed. The device policy that was
managing this functionality in version 60 now has to be removed.

The ARC icon is displayed based on IsArcAllowedForProfile function. It
was updated to return false if the encryption is ecryptfs and the
migration is forbidden for the user.

The code for removing ARC data, which was forbidden in previous
version if the device policy was disallowing the migration is
removed now. In case we decide to make another exception there, it will
be implemented in a separate CL.

Also the banner stating that the migration is required now will be
displayed if the partition is ecryptfs. The logic related to the
banner is to be decided and implemented in a separate CL.

TBR=igorcov@chromium.org

(cherry picked from commit 1d6a3bf3e05ee228fb27ae0f1d91edd91f24cabe)

Bug:  chromium:725493 
Test: Unit tests and manual test.
Change-Id: Id5a10c875d2c1728169df01fd0fca095595fce6e
Reviewed-on: https://chromium-review.googlesource.com/582951
Commit-Queue: Igor <igorcov@chromium.org>
Reviewed-by: Paweł Hajdan Jr. <phajdan.jr@chromium.org>
Reviewed-by: Igor <igorcov@chromium.org>
Reviewed-by: Hidehiko Abe <hidehiko@chromium.org>
Reviewed-by: Achuith Bhandarkar <achuith@chromium.org>
Reviewed-by: Maksim Ivanov <emaxx@chromium.org>
Reviewed-by: Kazuhiro Inaba <kinaba@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#498448}
Reviewed-on: https://chromium-review.googlesource.com/650249
Cr-Commit-Position: refs/branch-heads/3163@{#1097}
Cr-Branched-From: ff259bab28b35d242e10186cd63af7ed404fae0d-refs/heads/master@{#488528}
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/browser/chromeos/arc/arc_session_manager.cc
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/browser/chromeos/arc/arc_util.cc
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/browser/chromeos/arc/arc_util.h
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/browser/chromeos/arc/arc_util_unittest.cc
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/browser/chromeos/arc/policy/arc_policy_util.h
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/browser/chromeos/login/existing_user_controller.cc
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/browser/chromeos/login/screens/user_selection_screen.cc
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/browser/chromeos/policy/device_policy_decoder_chromeos.cc
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/browser/policy/configuration_policy_handler_list_factory.cc
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/common/pref_names.cc
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/common/pref_names.h
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/test/base/testing_profile.cc
[modify] https://crrev.com/86ea32bd3e120afb5ad9bd911750542cf3b36ef5/chrome/test/data/policy/policy_test_cases.json

Labels: -Merge-Review-61 Merge-Approved-61
Approving merge to M61 and M62.
Project Member

Comment 22 by sheriffbot@chromium.org, Sep 11 2017

Cc: pmarko@chromium.org ketakid@google.com
This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible!

If all merges have been completed, please remove any remaining Merge-Approved labels from this issue.

Thanks for your time! To disable nags, add the Disable-Nags label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 23 by sheriffbot@chromium.org, Sep 15 2017

This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible!

If all merges have been completed, please remove any remaining Merge-Approved labels from this issue.

Thanks for your time! To disable nags, add the Disable-Nags label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Status: Fixed (was: Started)

Comment 25 by dchan@chromium.org, Jan 22 2018

Status: Archived (was: Fixed)

Comment 26 by dchan@chromium.org, Jan 23 2018

Status: Fixed (was: Archived)
Labels: -Merge-Approved-61
Status: Verified (was: Fixed)
