Smart Lock signin: Persist local/remote devices to TPM as separate items, not single list
Issue description
EasyUnlockServiceSignin accesses the local device and remote device (the unlock key) from the TPM. Those 2 devices are currently persisted as a list, which is awkward and hacky (it's like this for historical reasons, and to make a migration step faster). They should instead be persisted together as either a dictionary, or as separate items. See the culprit CL which added local device persistence alongside the existing remote device persistence: https://chromium-review.googlesource.com/c/chromium/src/+/1112902
Sep 5
The crash that this inelegant design caused has been addressed in crbug.com/866710. While it's still necessary that we improve this design, it's not a launch blocker that absolutely needs to get into M70. Downgrading priority.
Sep 10
Re: comment #2: The sign-in feature might actually be broken, though. Originally, the design change set both a local and remote device in the TPM. Then, when attempting a sign-in, it looked for those two devices and attempted to use them. Somehow, storing these remote devices failed in some cases, so my fix simply returned early if both of the remote devices were unavailable. If both devices are not available, this means that we won't be able to sign in when we actually should be able to. We should try to investigate this to ensure that sign-in behavior does not regress.
Sep 10
It's not that "storing these remote devices failed in some cases"; rather, I failed to implement a critical migration step (failed to accommodate old devices in the TPM not having the new |unlock_key| boolean field). I explained more at https://bugs.chromium.org/p/chromium/issues/detail?id=866710#c10. AFAICT, the sign-in feature is not fundamentally broken with respect to its TPM persistence mechanism (but is still poorly designed and should be refactored!).
Sep 10
Ryan, will you update the bug summary to reflect the cleanup work that needs to happen on this bug?
Sep 11
Sep 20
Comment 1 by khorimoto@chromium.org, Aug 27
Labels: -Pri-3 M-70 Pri-1
Owner: hansberry@chromium.org
Status: Assigned (was: Available)
Summary: Smart Lock signin: Fix device storage to TPM (was: Smart Lock signin: Persist devices to TPM more elegantly)