Google Git
Sign in
cos / mirrors / cros / chromiumos / platform2 / refs/heads/stabilize-14532.B / . / arc / data-snapshotd
tree: 5873be982b6fcd86debdae465848cf6ee4a1c38d [path history] [tgz]
  1. dbus/
  2. dbus_bindings/
  3. init/
  4. proto/
  5. seccomp/
  6. worker/
  7. block_ui_controller.cc
  8. block_ui_controller.h
  9. block_ui_controller_test.cc
  10. BUILD.gn
  11. daemon.cc
  12. daemon.h
  13. dbus-constants.h
  14. dbus_adaptor.cc
  15. dbus_adaptor.h
  16. dbus_adaptor_test.cc
  17. esc_key_watcher.cc
  18. esc_key_watcher.h
  19. esc_key_watcher_test.cc
  20. fake_process_launcher.cc
  21. fake_process_launcher.h
  22. file_utils.cc
  23. file_utils.h
  24. main.cc
  25. mock_esc_key_watcher.h
  26. OWNERS
  27. README.md
  28. upstart_client.cc
  29. upstart_client.h
  30. upstart_client_test.cc
  31. worker_bridge.cc
  32. worker_bridge.h
  33. worker_bridge_test.cc
  34. worker_client.cc
  35. worker_client.h
  36. worker_client_test.cc
arc/data-snapshotd/README.md

Chrome OS ARC data snapshot daemons

This package implements daemons related to ARC /data directory snapshots.

arc-data-snapshotd

arc-data-snapshotd is a minijailed daemon. It executes operations with ARC data/ snapshots for Managed Guest Sessions (MGS).

The arc-data-snapshotd interface is exposed to Chrome browser through a D-Bus API.

arc-data-snapshotd daemon is responsible to execute next operations on the browser's request

  • present system UI to block the screen.
  • generate a key pair and store a public key hash in the Bootlockbox before the first user login.

arc-data-snapshotd daemon wires up actual operations with the snapshots to arc-data-snapshotd-worker.

arc-data-snapshotd-worker

This daemon processes requests from arc-data-snapshotd daemon and is responsible for actual operations with ARC data/ snapshots.

arc-data-snapshotd-worker executes actual copying of ARC data/ snapshots, signature and verification operations.

It stores ARC data/ snapshots in encrypted storage to make sure they are disposed once the device is unenrolled.

APIs between arc-data-snapshotd and browser

The browser manages a lifetime of arc-data-snapshotd and delegates to it all operations with ARC data/ snapshots via D-Bus API.

APIs between arc-data-snapshotd and arc-data-snapshotd-worker

arc-data-snapshotd daemon manages a lifetime of arc-data-snapshotd-worker daemon and delegates all actual operations with copying, signing and verifying ARC data/ snapshots via D-Bus API.