Google Git
Sign in
cos / mirrors / cros / chromiumos / platform2 / refs/heads/stabilize-10718.69.B^! / .
commit344f10699af3f34d9494dc1892d8e5a2042b7312[log] [tgz]
authorAndrey Pronin <apronin@chromium.org>Fri Jul 20 16:56:07 2018 -0700
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>Tue Jul 24 23:06:44 2018 +0000
tree502c0dc4eaab1cb94935340f85f405e987750380
parente52c7e941120c0914007702f17a544820c3531a8 [diff]
cryptohome: control if PinWeaver is enabled through USE flag

This CL enables using PinWeaver only if USE=pinweaver is specified
during the build.

BUG=chromium:866055
TEST=1) emerge w/o USE flag, deploy, check that PinWeaver is not called
     2) emerge with USE=pinweaver, deploy, check that PinWeaver is used

Change-Id: I91d7910261b14fdc71366b53fee23f5cd762f005
Reviewed-on: https://chromium-review.googlesource.com/1145882
Commit-Ready: Allen Webb <allenwebb@google.com>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Allen Webb <allenwebb@google.com>
(cherry picked from commit 01840b992d0867a0e28c4ad9d9fea8ed44dfddb8)
Reviewed-on: https://chromium-review.googlesource.com/1149121
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Commit-Queue: Andrey Pronin <apronin@chromium.org>

diff --git a/cryptohome/cryptohome-libs.gypi b/cryptohome/cryptohome-libs.gypi
index 25bad5f..3fd3e50 100644
--- a/cryptohome/cryptohome-libs.gypi
+++ b/cryptohome/cryptohome-libs.gypi

@@ -2,7 +2,11 @@
 # are used for the resulting executable targets.
 {
   'target_defaults': {
+    'variables': {
+      'USE_pinweaver%': 0,
+    },
     'defines': [
+      'USE_PINWEAVER=<(USE_pinweaver)',
       'USE_TPM2=<(USE_tpm2)',
     ],
   },

diff --git a/cryptohome/tpm2_impl.cc b/cryptohome/tpm2_impl.cc
index 85e95c6..4d06654 100644
--- a/cryptohome/tpm2_impl.cc
+++ b/cryptohome/tpm2_impl.cc

@@ -1484,7 +1484,11 @@
 }
 
 LECredentialBackend* Tpm2Impl::GetLECredentialBackend() {
+#if USE_PINWEAVER
   return &le_credential_backend_;
+#else
+  return nullptr;
+#endif
 }
 
 SignatureSealingBackend* Tpm2Impl::GetSignatureSealingBackend() {

diff --git a/cryptohome/tpm2_impl.h b/cryptohome/tpm2_impl.h
index 1e2495f..9deb97e 100644
--- a/cryptohome/tpm2_impl.h
+++ b/cryptohome/tpm2_impl.h

@@ -259,7 +259,9 @@
   std::unique_ptr<tpm_manager::TpmOwnershipDBusProxy> default_tpm_owner_;
   tpm_manager::TpmNvramInterface* tpm_nvram_ = nullptr;
   std::unique_ptr<tpm_manager::TpmNvramDBusProxy> default_tpm_nvram_;
+#if USE_PINWEAVER
   PinweaverLECredentialBackend le_credential_backend_{this};
+#endif
   SignatureSealingBackendTpm2Impl signature_sealing_backend_{this};
 
   DISALLOW_COPY_AND_ASSIGN(Tpm2Impl);