New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 811187 link

Starred by 1 user
Status: WontFix
Owner:
pyeh@chromium.org
Last visit > 30 days ago
Closed: Feb 2018
Cc:
textor@chromium.org
abodenha@chromium.org
kingjas@google.com
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug



Sign in to add a comment

Powerwash UI is displayed for an enrolled google.com Chromebook

Project Member Reported by pyeh@chromium.org, Feb 12 2018 
Chrome Version: 64.0.3282.134 beta
OS: Chrome OS 10176.65.0 (Official Build) beta-channel caroline

What steps will reproduce the problem?
(1) chrome://settings
(2) Clicking Powerwash > Restart button 

What is the expected result?
UI aren't supposed to be able to show up powerwash function for an enrolled google.com Chromebook

What happens instead?
Powerwash > Restart button showed up but can't powerwash.

Please use labels and text to provide additional information.

See feedback report here: https://listnr.corp.google.com/report/85037214361

Comment 1 by mnissler@chromium.org, Feb 13 2018

Components: -Internals>Installer -UI>Browser UI>Shell>StartScreen Security OS>Systems
Labels: Needs-Feedback
Owner: pyeh@chromium.org
Powerwash is intentionally available on enrolled Chromebooks to allow TPM firmware updating. There are several conditions, all of which must hold for the powerwash UI (both on the login screen and in chrome://chrome) to be available:

1. The TPM must run an outdated firmware version. More information on version numbers and devices this is relevant for is here: https://www.chromium.org/chromium-os/tpm_firmware_update (check chrome://system for current TPM firmware version)

2. The admin must configure the TPMFirmwareUpdateSettings policy with allow-user-initiated-powerwash = true (check chrome://policy)

Note that once the TPM firmware update is installed, condition #1 no longer holds and the powerwash UI would become inaccessible again.

Please double-check #1 and #2 on the device you're testing with to confirm that the behavior you're seeing isn't actually WAI.

Comment 2 by pyeh@google.com, Feb 23 2018 

This instance came from one of Caroline dogfooders and the unit was returned to Chrome stop. I was unable to find out any TPM version and TPMFirmwareUpdateSettings policy from the feedback report.

In my Caroline, allow-user-initiated-powerwash is set to "true" but TPM version is up-to-date so condition #1 no longer hold to trigger a powerwash on the login screen.

Thanks for helping put details to c#1, which is very helpful.

Comment 3 by pyeh@chromium.org, Feb 23 2018

Status: WontFix (was: Untriaged)

Sign in to add a comment