biod may lose access to daemon-store |
|||||
Issue descriptionbiod was not mounting daemon-store with MS_REC so if it started after a user was logged in (such as after a crash) it would lose access to the user specific data.
,
Dec 1
,
Dec 4
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/bc7301a2fdd495c9b59699f425e99655fde4c822 commit bc7301a2fdd495c9b59699f425e99655fde4c822 Author: Allen Webb <allenwebb@google.com> Date: Tue Dec 04 08:11:39 2018 biod: add MS_REC to daemon-store bind mount. This fixes a potential issue where if biod crashes after a user signs in biod will not be able to access the user specific data. BUG= chromium:910775 TEST=Restart biod after signing in and verify fingerprint auth works. Change-Id: I5a21e649529330ad6bce1306f7df6892d6a4cd4b Reviewed-on: https://chromium-review.googlesource.com/1357317 Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> Tested-by: Allen Webb <allenwebb@google.com> Reviewed-by: Mattias Nissler <mnissler@chromium.org> Reviewed-by: Nicolas Norvez <norvez@chromium.org> [modify] https://crrev.com/bc7301a2fdd495c9b59699f425e99655fde4c822/biod/init/biod.conf
,
Dec 7
I think this may still be broken due to biod's SetDiskAccesses() control, which prevents reading templates from storage unless set. Repro case: 1) Log in 2) Add fingerprint 3) restart biod: initctl restart biod 4) Lock device 5) Unlocking with fingerprint fails biod logs (/var/log/biod/biod.LATEST) show: [1206/153955.661999:INFO:biometrics_daemon.cc(482)] Primary user updated to 0227a7d5fb677150af3d793c079fcb8c87d2e510. [1206/153955.666021:ERROR:biod_storage.cc(114)] Access to the storage mounts not yet allowed. If I modify biod to SetDiskAccess(true) after retrieving the primary user session, the templates appear to load: [1206/153611.457061:INFO:biometrics_daemon.cc(482)] Primary user updated to 0227a7d5fb677150af3d793c079fcb8c87d2e510. [1206/153611.462325:INFO:cros_fp_biometrics_manager.cc(623)] Upload record ad022114_2efc_48a7_9745_6a8a9a1d7789
,
Dec 8
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/aba492a46e047201da225e7489cbed2450539f70 commit aba492a46e047201da225e7489cbed2450539f70 Author: Allen Webb <allenwebb@google.com> Date: Sat Dec 08 02:14:26 2018 biod: add MS_REC to daemon-store bind mount. This fixes a potential issue where if biod crashes after a user signs in biod will not be able to access the user specific data. BUG= chromium:910775 TEST=Restart biod after signing in and verify fingerprint auth works. Change-Id: I5a21e649529330ad6bce1306f7df6892d6a4cd4b Reviewed-on: https://chromium-review.googlesource.com/1357317 Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> Tested-by: Allen Webb <allenwebb@google.com> Reviewed-by: Mattias Nissler <mnissler@chromium.org> Reviewed-by: Nicolas Norvez <norvez@chromium.org> (cherry picked from commit bc7301a2fdd495c9b59699f425e99655fde4c822) Reviewed-on: https://chromium-review.googlesource.com/c/1363539 Reviewed-by: YH Lin <yueherngl@chromium.org> Commit-Queue: YH Lin <yueherngl@chromium.org> Tested-by: YH Lin <yueherngl@chromium.org> [modify] https://crrev.com/aba492a46e047201da225e7489cbed2450539f70/biod/init/biod.conf
,
Jan 7
|
|||||
►
Sign in to add a comment |
|||||
Comment 1 by norvez@chromium.org
, Dec 1