Enable vmc for Googlers |
||||||||
Issue descriptionAs we dogfood Crostini, we want to enable vmc only for Googlers. This means we should not have an entry on chrome://flags that allows any user to enable it. If we enable a flag via Finch, note that users in dev mode will be able to manually enable the flag. This is acceptable.
,
Jan 10 2018
I've mailed out cl/181496858 to create this feature on the server side. It's easy to access this feature on the Chrome side. How should this feature be accessed by the vm_tools? What kind of interface do we need to expose this feature to other processes?
,
Jan 10 2018
Tim, My first thought would be to do it via D-Bus (standard way to talk between Chrome browser and ChromeOS daemons)...but that seems like it might be overkill. You may want to ask on the chrome-os mailing list if anybody else has used Finch to control things at the ChromeOS level and how they did it.
,
Jan 11 2018
Change 181496858 renamed cl/181552262 and submitted.
,
Jan 17 2018
Let's plan to enable this early next week (Jan 22) so it's after M65 branch.
,
Jan 19 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform/system_api/+/5c8aa4d8a30e89added6423a242360225661c554 commit 5c8aa4d8a30e89added6423a242360225661c554 Author: Tim Zheng <timzheng@google.com> Date: Fri Jan 19 08:29:46 2018 Add Chrome Features DBus interface. This CL contains the constants for the DBus interface. Actuall implementation will follow in a subsequent CL upon DEP update. BUG= chromium:800120 TEST=compile locally Change-Id: Ia225bb343ad3b034a1e23ee489080910e8303e93 Reviewed-on: https://chromium-review.googlesource.com/874610 Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> Tested-by: Tim Zheng <timzheng@chromium.org> Reviewed-by: Dan Erat <derat@chromium.org> Reviewed-by: Jeffrey Kardatzke <jkardatzke@google.com> [modify] https://crrev.com/5c8aa4d8a30e89added6423a242360225661c554/dbus/service_constants.h
,
Jan 20 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/765ed824aed987178f1f826712feb8cb406b12cc commit 765ed824aed987178f1f826712feb8cb406b12cc Author: Tim Zheng <timzheng@google.com> Date: Sat Jan 20 01:56:26 2018 Roll src/third_party/cros_system_api/ 15e1a4681..5c8aa4d8a (5 commits) https://chromium.googlesource.com/chromiumos/platform/system_api.git/+log/15e1a468124f..5c8aa4d8a30e $ git log 15e1a4681..5c8aa4d8a --date=short --no-merges --format='%ad %ae %s' 2018-01-18 timzheng Add Chrome Features DBus interface. 2018-01-17 allenvic smbprovider: Add CreateFileOptions and TruncateOptions protobuf 2018-01-15 hashimoto obb-mounter: Add OBB mounter constants 2018-01-10 tnagel system_api: Drop unused *EnrollmentState 2018-01-16 baileyberro smbprovider: Add DeleteEntryOptions protobuf to systemapi Created with: roll-dep src/third_party/cros_system_api TEST=roll-dep generated chang. Bug: chromium:800120 Change-Id: Iec11c430f9a608f4b9719740c7d7fcf35e5d23f4 Reviewed-on: https://chromium-review.googlesource.com/877181 Commit-Queue: Tim Zheng <timzheng@chromium.org> Reviewed-by: Dan Erat <derat@chromium.org> Cr-Commit-Position: refs/heads/master@{#530728} [modify] https://crrev.com/765ed824aed987178f1f826712feb8cb406b12cc/DEPS
,
Jan 21 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/78822b3eb0da819f3a87ec2a83177cab4e86771a commit 78822b3eb0da819f3a87ec2a83177cab4e86771a Author: Tim Zheng <timzheng@google.com> Date: Sun Jan 21 04:48:13 2018 Add a DBus interface to query Crostini enablement. This CL exposes a DBus method call IsCrostiniEnabled that returns a boolean indicating whether Crostini should be enabled on this machine. BUG= chromium:800120 TEST=dbus-send is working on chrome OS. Change-Id: I577380c396ea3d8872c3ab58c0455cdc4cc95df9 Reviewed-on: https://chromium-review.googlesource.com/874717 Commit-Queue: Tim Zheng <timzheng@chromium.org> Reviewed-by: Dan Erat <derat@chromium.org> Cr-Commit-Position: refs/heads/master@{#530767} [modify] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chrome/browser/chromeos/BUILD.gn [modify] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chrome/browser/chromeos/chrome_browser_main_chromeos.cc [add] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chrome/browser/chromeos/dbus/finch_features_service_provider_delegate.cc [add] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chrome/browser/chromeos/dbus/finch_features_service_provider_delegate.h [modify] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chrome/common/chrome_features.cc [modify] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chrome/common/chrome_features.h [modify] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chromeos/BUILD.gn [add] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chromeos/dbus/services/chrome_features_service_provider.cc [add] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chromeos/dbus/services/chrome_features_service_provider.h [add] https://crrev.com/78822b3eb0da819f3a87ec2a83177cab4e86771a/chromeos/dbus/services/org.chromium.ChromeFeaturesService.conf
,
Jan 22 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/2a067c7ef501cedf8361041387df8b80d3a3a29e commit 2a067c7ef501cedf8361041387df8b80d3a3a29e Author: Tim Zheng <timzheng@google.com> Date: Mon Jan 22 21:13:31 2018 crosh: Gate the "vmc" command by a Chrome Feature. This change makes command "vmc" available only when Chrome Feature "Crostini" is set. This is used to enable Crostini dogfood while prevent others to use it for now. BUG= chromium:800120 TEST=manually tested. Change-Id: I49320464a3531130987335793a94b87caa60456a Reviewed-on: https://chromium-review.googlesource.com/875163 Commit-Ready: Tim Zheng <timzheng@chromium.org> Tested-by: Tim Zheng <timzheng@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> [modify] https://crrev.com/2a067c7ef501cedf8361041387df8b80d3a3a29e/crosh/crosh
,
Jan 23 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/721782f940de29d7bee2d532e6628539e64242e3 commit 721782f940de29d7bee2d532e6628539e64242e3 Author: Tim Zheng <timzheng@google.com> Date: Tue Jan 23 06:21:08 2018 Add Crostini experiment to fieldtrial testing. This enables project Crostini, running Linux VM on chrome OS, for Chromium developer builds. BUG= chromium:800120 TEST=Locally tested on my developer build. Change-Id: Ibf6028cba6f140fc5730b9ea3a25e667d263ad6f Reviewed-on: https://chromium-review.googlesource.com/879173 Commit-Queue: Ilya Sherman <isherman@chromium.org> Reviewed-by: Ilya Sherman <isherman@chromium.org> Cr-Commit-Position: refs/heads/master@{#531168} [modify] https://crrev.com/721782f940de29d7bee2d532e6628539e64242e3/testing/variations/fieldtrial_testing_config.json
,
Jan 24 2018
We also have users with devices that are not Google assets. We want to keep eve-kvm board enabled always.
,
Jan 24 2018
remind me ... finch doesn't have the ability to filter based on device details ?
,
Jan 24 2018
I submitted another Finch config to enable eve-kvm. https://critique.corp.google.com/#review/183151000
,
Feb 9 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a140b7172c1bb4290f7d9c5df31a799d4b83e257 commit a140b7172c1bb4290f7d9c5df31a799d4b83e257 Author: Tim Zheng <timzheng@google.com> Date: Fri Feb 09 18:55:22 2018 New device policy to allow Linux VMs on Chrome OS. If the policy is unset or set to true, running Linux VMs on Chrome OS is allowed. The unset is allowed means non-managed devices are allowed. At this time, in order for Linux VMs to run, the Finch experiment also needs to be enabled. After this feature is fully launched, the Finch control logic will be removed. BUG= chromium:800120 TEST=manually tested on an eve device with dbus-send results verified. Change-Id: Iceec3341540edce5b815cc74aea0b56e12c35252 Reviewed-on: https://chromium-review.googlesource.com/899767 Commit-Queue: Tim Zheng <timzheng@chromium.org> Reviewed-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Pavol Marko <pmarko@chromium.org> Reviewed-by: Dan Erat <derat@chromium.org> Cr-Commit-Position: refs/heads/master@{#535769} [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/chrome/browser/chromeos/BUILD.gn [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/chrome/browser/chromeos/dbus/finch_features_service_provider_delegate.cc [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/chrome/browser/chromeos/policy/device_policy_decoder_chromeos.cc [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/chrome/browser/chromeos/settings/device_settings_provider.cc [add] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/chrome/browser/chromeos/virtual_machines/virtual_machines_util.cc [add] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/chrome/browser/chromeos/virtual_machines/virtual_machines_util.h [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/chrome/test/data/policy/policy_test_cases.json [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/chromeos/settings/cros_settings_names.cc [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/chromeos/settings/cros_settings_names.h [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/components/policy/proto/chrome_device_policy.proto [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/components/policy/resources/policy_templates.json [modify] https://crrev.com/a140b7172c1bb4290f7d9c5df31a799d4b83e257/tools/metrics/histograms/enums.xml
,
Feb 13 2018
,
Feb 13 2018
I submitted this CL to restrict dogfood to canary and dev channels only. https://critique.corp.google.com/#review/185587639
,
Feb 14 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/board-overlays/+/28aabeb973ae38fda1791613d6e435fb0ec7ce8a commit 28aabeb973ae38fda1791613d6e435fb0ec7ce8a Author: Dylan Reid <dgreid@chromium.org> Date: Wed Feb 14 01:41:31 2018 eve: Enable KVM host functionality Enabling the kvm_host use flag on eve installs the VM management tools. This does not enable using the tools, that is still behind a finch experiment. TEST=build an eve image and confirm crosvm is installed. BUG= 800120 Change-Id: I7f5cb6218e2fa1d93dbe57c351e1b404258cf458 Signed-off-by: Dylan Reid <dgreid@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/915023 Reviewed-by: Stephen Barber <smbarber@chromium.org> Reviewed-by: Chirantan Ekbote <chirantan@chromium.org> [modify] https://crrev.com/28aabeb973ae38fda1791613d6e435fb0ec7ce8a/overlay-eve/profiles/base/make.defaults
,
Feb 28 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5886332700869708024ff39b3452f4936776103c commit 5886332700869708024ff39b3452f4936776103c Author: Tim Zheng <timzheng@google.com> Date: Wed Feb 28 00:20:46 2018 Change VirtualMachinesAllowed managed default. Change the default to True for managed devices for now. This will enable dogfood while the policy is in the process of being rolled out. The feature can still be turned off by using the enterprise policy once policy is rolled out in the backend. BUG= chromium:800120 TEST=manually tested with YAPS. Change-Id: I441c77f896d185aefd7eeaf3b7ed89fd19b99a7d Reviewed-on: https://chromium-review.googlesource.com/940182 Reviewed-by: Dan Erat <derat@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> Commit-Queue: Tim Zheng <timzheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#539597} [modify] https://crrev.com/5886332700869708024ff39b3452f4936776103c/chrome/browser/chromeos/settings/device_settings_provider.cc
,
Mar 2 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/cbde4515a4e06d0ea9bf612f5fa7395984ffe094 commit cbde4515a4e06d0ea9bf612f5fa7395984ffe094 Author: Tim Zheng <timzheng@google.com> Date: Fri Mar 02 04:50:59 2018 Update a comment on VirtualMachinesAllowed policy. Update the comment to reflect a recent code change https://chromium-review.googlesource.com/c/chromium/src/+/899767. In proto ChromeDeviceSettingsProto from components/policy/proto/chrome_device_policy.proto, each device policy setting is represented as a proto buffer message which has a member field that holds the setting value. For example, for this policy, the outer message virtual_machines_allowed is type of VirtualMachinesAllowedProto which has a bool member virtual_machines_allowed. The default values for when the outer message is not set or when the outer message is set but the inner field is not set should be the same to avoid mistakes. For VirtualMachinesAllowed, both default values are consistently True. BUG= chromium:800120 TEST=Comment change only. Change-Id: I68c49b19bb5bcbf71a9d4573f6f96753e45fd290 Reviewed-on: https://chromium-review.googlesource.com/942343 Reviewed-by: Maksim Ivanov <emaxx@chromium.org> Commit-Queue: Tim Zheng <timzheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#540447} [modify] https://crrev.com/cbde4515a4e06d0ea9bf612f5fa7395984ffe094/components/policy/resources/policy_templates.json
,
Mar 15 2018
@timzheng when will you swap the default policy value back to false?
,
Mar 15 2018
,
Mar 15 2018
,
Mar 16 2018
,
Mar 28 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5a174c9b522a11d138af9c57111bc217805626be commit 5a174c9b522a11d138af9c57111bc217805626be Author: Tim Zheng <timzheng@google.com> Date: Wed Mar 28 01:29:54 2018 Disable Finch control of virtual machines. This disables controlling the running of virtual machines with Finch configs. It is intended as a temp measure before Finch fixes its bug that prevent configs from being pulled when Chrome starts. BUG= chromium:800120 TEST=manual test. Change-Id: Ic1571f034361cafdd2f7565e665b7f21dca392bf Reviewed-on: https://chromium-review.googlesource.com/982519 Reviewed-by: Dan Erat <derat@chromium.org> Commit-Queue: Tim Zheng <timzheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#546362} [modify] https://crrev.com/5a174c9b522a11d138af9c57111bc217805626be/chrome/browser/chromeos/dbus/finch_features_service_provider_delegate.cc
,
Mar 29 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/9c29a858ddd6cb8341f88f29ceda15c993cebb0b commit 9c29a858ddd6cb8341f88f29ceda15c993cebb0b Author: Tim Zheng <timzheng@google.com> Date: Thu Mar 29 00:54:37 2018 Enable virtual machines by version and channel. BUG= chromium:800120 TEST=manual test. Change-Id: I1d05d5b8d75f8a4380820bcab2d09f0869adfce4 Reviewed-on: https://chromium-review.googlesource.com/985143 Commit-Queue: Tim Zheng <timzheng@chromium.org> Reviewed-by: Dan Erat <derat@chromium.org> Cr-Commit-Position: refs/heads/master@{#546680} [modify] https://crrev.com/9c29a858ddd6cb8341f88f29ceda15c993cebb0b/chrome/browser/chromeos/dbus/finch_features_service_provider_delegate.cc [modify] https://crrev.com/9c29a858ddd6cb8341f88f29ceda15c993cebb0b/chrome/browser/chromeos/virtual_machines/virtual_machines_util.cc [modify] https://crrev.com/9c29a858ddd6cb8341f88f29ceda15c993cebb0b/chrome/browser/chromeos/virtual_machines/virtual_machines_util.h
,
Apr 3 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/0f059d935b029daf3c50b130560c55dbb22e171b commit 0f059d935b029daf3c50b130560c55dbb22e171b Author: Tim Zheng <timzheng@google.com> Date: Tue Apr 03 18:52:31 2018 Update virtual machines allowed logic in app_list. This is to keep up to date with the logic change that the DBus service uses. The logic has changed to use hard coded release version and channel due to a bug in Finch. BUG= chromium:800120 TESTED=manually tested. Change-Id: Ic5c33d97c2100592732df4a0a14ab744197ec377 Reviewed-on: https://chromium-review.googlesource.com/987100 Reviewed-by: Nicholas Verne <nverne@chromium.org> Reviewed-by: calamity <calamity@chromium.org> Commit-Queue: Tim Zheng <timzheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#547777} [modify] https://crrev.com/0f059d935b029daf3c50b130560c55dbb22e171b/chrome/browser/ui/app_list/crostini/crostini_util.cc
,
Apr 6 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/852d7040bfa75c7046902eeca97ded8e0670f121 commit 852d7040bfa75c7046902eeca97ded8e0670f121 Author: Tim Zheng <timzheng@google.com> Date: Fri Apr 06 02:22:28 2018 Fix an error in a comment. BUG= chromium:800120 TEST=comment only change. Change-Id: Ie3a5d99186419c6a11d3efac4e7b50ec459cf772 Reviewed-on: https://chromium-review.googlesource.com/999118 Reviewed-by: Steven Bennetts <stevenjb@chromium.org> Commit-Queue: Tim Zheng <timzheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#548642} [modify] https://crrev.com/852d7040bfa75c7046902eeca97ded8e0670f121/chromeos/dbus/services/chrome_features_service_provider.h
,
Apr 11 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/b01f43894297a909872f1822592ac46c40b57c0c commit b01f43894297a909872f1822592ac46c40b57c0c Author: Maksim Ivanov <emaxx@chromium.org> Date: Wed Apr 11 10:33:32 2018 Fix VirtualMachinesAllowed policy parsing for UI Fix inconsistency in the code that parses this policy for the policy map (which is used for the chrome://policy page). The code shouldn't pretend to have the policy set (with the default value) when the enclosing proto message is present but with the actual policy proto field unset. Note that the fixed issue should have been a purely UI glitch - the actual policy application wasn't affected. BUG= chromium:800120 TEST=none Change-Id: I32d55dc6bfe64ec8b1cac7c090028f805c91560a Reviewed-on: https://chromium-review.googlesource.com/986096 Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org> Commit-Queue: Maksim Ivanov <emaxx@chromium.org> Cr-Commit-Position: refs/heads/master@{#549849} [modify] https://crrev.com/b01f43894297a909872f1822592ac46c40b57c0c/chrome/browser/chromeos/policy/device_policy_decoder_chromeos.cc
,
Apr 20 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f468cd062d5e0a170ee9d6cfc0c346fdd993b104 commit f468cd062d5e0a170ee9d6cfc0c346fdd993b104 Author: Tim Zheng <timzheng@google.com> Date: Fri Apr 20 17:53:09 2018 Flip policy VirtualMachinesAllowed default value. This change flip the default value of device policy for managed devices only. When the device policy VirtualMachinesAllowed is not set for managed devices, the default is now False. Please note that this change doesn't modify the policy value for unmanaged devices. It's always True. BUG= chromium:800120 TEST=Manual test with YAPS tool. Change-Id: Iddcfc4ad818db5be076b05c23d0f51f960fef059 Reviewed-on: https://chromium-review.googlesource.com/1017308 Reviewed-by: Maksim Ivanov <emaxx@chromium.org> Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org> Commit-Queue: Tim Zheng <timzheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#552381} [modify] https://crrev.com/f468cd062d5e0a170ee9d6cfc0c346fdd993b104/chrome/browser/chromeos/settings/device_settings_provider.cc [modify] https://crrev.com/f468cd062d5e0a170ee9d6cfc0c346fdd993b104/components/policy/resources/policy_templates.json
,
Apr 23 2018
,
May 17 2018
,
Jun 14 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/2dd076606271402aa23c4562a721996f79b0776c commit 2dd076606271402aa23c4562a721996f79b0776c Author: Tim Zheng <timzheng@google.com> Date: Thu Jun 14 17:13:22 2018 Update Crostini release version and channel. We want to release to dev/canary for version 67 and 68 and to release to all chanels since version 69. The beta/stable release is pushed back from 68 to 69. BUG= chromium:800120 TEST=manual test. Change-Id: I02851521a0b9266157be3c4eb510546637b538a1 Reviewed-on: https://chromium-review.googlesource.com/1100539 Reviewed-by: Dan Erat <derat@chromium.org> Commit-Queue: Tim Zheng <timzheng@chromium.org> Cr-Commit-Position: refs/heads/master@{#567321} [modify] https://crrev.com/2dd076606271402aa23c4562a721996f79b0776c/chrome/browser/chromeos/virtual_machines/virtual_machines_util.cc |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by jhawkins@chromium.org
, Jan 8 2018