Re-plumb the FirstPartySets to the NetworkService after restarts.

Change-Id: Ic19e456fa6e0c345dcaacebabd9b3f96aad33573 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2595616Reviewed-by: Eric Orth <ericorth@chromium.org> Reviewed-by: Lily Chen <chlily@chromium.org> Reviewed-by: Joshua Pawlicki <waffles@chromium.org> Commit-Queue: Chris Fredrickson <cfredric@chromium.org> Cr-Commit-Position: refs/heads/master@{#838224}

Re-plumb the FirstPartySets to the NetworkService after restarts.
Change-Id: Ic19e456fa6e0c345dcaacebabd9b3f96aad33573 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2595616Reviewed-by: Eric Orth <ericorth@chromium.org> Reviewed-by: Lily Chen <chlily@chromium.org> Reviewed-by: Joshua Pawlicki <waffles@chromium.org> Commit-Queue: Chris Fredrickson <cfredric@chromium.org> Cr-Commit-Position: refs/heads/master@{#838224}
96a190f4 · cfredric · Chromium LUCI CQ · 8047522a · 96a190f4 · 96a190f4
Commit 96a190f4 authored Dec 17, 2020 by cfredric Committed by Chromium LUCI CQ Dec 17, 2020
4 changed files
--- a/chrome/browser/component_updater/first_party_sets_component_installer.cc
+++ b/chrome/browser/component_updater/first_party_sets_component_installer.cc
@@ -9,6 +9,7 @@
 #include "base/files/file_util.h"
 #include "base/logging.h"
 #include "base/memory/ref_counted.h"
+#include "base/no_destructor.h"
 #include "base/optional.h"
 #include "base/path_service.h"
 #include "base/stl_util.h"
@@ -56,10 +57,38 @@ base::Optional<std::string> LoadSetsFromDisk(const base::FilePath& pb_path) {
  return result;
 }
+base::FilePath& GetConfigPathInstance() {
+  static base::NoDestructor<base::FilePath> instance;
+  return *instance;
+}
+void SetFirstPartySetsConfig(
+    const base::RepeatingCallback<void(const std::string&)>& on_sets_ready) {
+  if (GetConfigPathInstance().empty())
+    return;
+  base::ThreadPool::PostTaskAndReplyWithResult(
+      FROM_HERE, {base::MayBlock(), base::TaskPriority::BEST_EFFORT},
+      base::BindOnce(&LoadSetsFromDisk, GetConfigPathInstance()),
+      base::BindOnce(
+          [](base::RepeatingCallback<void(const std::string&)> on_sets_ready,
+             base::Optional<std::string> raw_sets) {
+            if (raw_sets.has_value())
+              on_sets_ready.Run(*raw_sets);
+          },
+          on_sets_ready));
+}
 }  // namespace
 namespace component_updater {
+// static
+void FirstPartySetsComponentInstallerPolicy::ReconfigureAfterNetworkRestart(
+    const base::RepeatingCallback<void(const std::string&)>& on_sets_ready) {
+  SetFirstPartySetsConfig(on_sets_ready);
+}
 FirstPartySetsComponentInstallerPolicy::FirstPartySetsComponentInstallerPolicy(
    base::RepeatingCallback<void(const std::string&)> on_sets_ready)
    : on_sets_ready_(std::move(on_sets_ready)) {}
@@ -97,19 +126,15 @@ void FirstPartySetsComponentInstallerPolicy::ComponentReady(
    const base::Version& version,
    const base::FilePath& install_dir,
    std::unique_ptr<base::DictionaryValue> manifest) {
+  if (install_dir.empty())
+    return;
  VLOG(1) << "First-Party Sets Component ready, version " << version.GetString()
          << " in " << install_dir.value();
-  base::ThreadPool::PostTaskAndReplyWithResult(
+  GetConfigPathInstance() = GetInstalledPath(install_dir);
-      FROM_HERE, {base::MayBlock(), base::TaskPriority::BEST_EFFORT},
-      base::BindOnce(&LoadSetsFromDisk, GetInstalledPath(install_dir)),
+  SetFirstPartySetsConfig(on_sets_ready_);
-      base::BindOnce(
-          [](base::RepeatingCallback<void(const std::string&)> on_sets_ready,
-             base::Optional<std::string> raw_sets) {
-            if (raw_sets.has_value())
-              on_sets_ready.Run(*raw_sets);
-          },
-          on_sets_ready_));
 }
 // Called during startup and installation before ComponentReady().

--- a/chrome/browser/component_updater/first_party_sets_component_installer.h
+++ b/chrome/browser/component_updater/first_party_sets_component_installer.h
@@ -36,8 +36,16 @@ class FirstPartySetsComponentInstallerPolicy : public ComponentInstallerPolicy {
  FirstPartySetsComponentInstallerPolicy operator=(
      const FirstPartySetsComponentInstallerPolicy&) = delete;
+  // Calls the callback with the current First-Party Sets data, if the data
+  // exists and can be read.
+  static void ReconfigureAfterNetworkRestart(
+      const base::RepeatingCallback<void(const std::string&)>&);
 private:
-  FRIEND_TEST_ALL_PREFIXES(FirstPartySetsComponentInstallerTest, LoadsSets);
+  FRIEND_TEST_ALL_PREFIXES(FirstPartySetsComponentInstallerTest,
+                           LoadsSets_OnComponentReady);
+  FRIEND_TEST_ALL_PREFIXES(FirstPartySetsComponentInstallerTest,
+                           LoadsSets_OnNetworkRestart);
  // The following methods override ComponentInstallerPolicy.
  bool SupportsGroupPolicyEnabledComponentUpdates() const override;

--- a/chrome/browser/component_updater/first_party_sets_component_installer_unittest.cc
+++ b/chrome/browser/component_updater/first_party_sets_component_installer_unittest.cc
@@ -30,17 +30,19 @@ class FirstPartySetsComponentInstallerTest : public ::testing::Test {
 public:
  FirstPartySetsComponentInstallerTest() {
    CHECK(component_install_dir_.CreateUniqueTempDir());
+    scoped_feature_list_.InitAndEnableFeature(net::features::kFirstPartySets);
  }
 protected:
  base::test::TaskEnvironment env_;
  base::ScopedTempDir component_install_dir_;
+  base::test::ScopedFeatureList scoped_feature_list_;
 };
 TEST_F(FirstPartySetsComponentInstallerTest, FeatureDisabled) {
-  base::test::ScopedFeatureList scoped_list;
+  scoped_feature_list_.Reset();
-  scoped_list.InitAndDisableFeature(net::features::kFirstPartySets);
+  scoped_feature_list_.InitAndDisableFeature(net::features::kFirstPartySets);
  auto service =
      std::make_unique<component_updater::MockComponentUpdateService>();
  EXPECT_CALL(*service, RegisterComponent(_)).Times(0);
@@ -49,10 +51,7 @@ TEST_F(FirstPartySetsComponentInstallerTest, FeatureDisabled) {
  env_.RunUntilIdle();
 }
-TEST_F(FirstPartySetsComponentInstallerTest, LoadsSets) {
+TEST_F(FirstPartySetsComponentInstallerTest, LoadsSets_OnComponentReady) {
-  base::test::ScopedFeatureList scoped_list;
-  scoped_list.InitAndEnableFeature(net::features::kFirstPartySets);
  SEQUENCE_CHECKER(sequence_checker);
  const std::string expectation = "some first party sets";
  base::RunLoop run_loop;
@@ -74,4 +73,43 @@ TEST_F(FirstPartySetsComponentInstallerTest, LoadsSets) {
  run_loop.Run();
 }
+TEST_F(FirstPartySetsComponentInstallerTest, LoadsSets_OnNetworkRestart) {
+  SEQUENCE_CHECKER(sequence_checker);
+  const std::string expectation = "some first party sets";
+  // We do this in order for the static to memoize the install path.
+  {
+    base::RunLoop run_loop;
+    FirstPartySetsComponentInstallerPolicy policy(
+        base::BindLambdaForTesting([&](const std::string& got) {
+          DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker);
+          EXPECT_EQ(got, expectation);
+          run_loop.Quit();
+        }));
+    ASSERT_TRUE(base::WriteFile(
+        FirstPartySetsComponentInstallerPolicy::GetInstalledPath(
+            component_install_dir_.GetPath()),
+        expectation));
+    policy.ComponentReady(base::Version(), component_install_dir_.GetPath(),
+                          std::make_unique<base::DictionaryValue>());
+    run_loop.Run();
+  }
+  {
+    base::RunLoop run_loop;
+    FirstPartySetsComponentInstallerPolicy::ReconfigureAfterNetworkRestart(
+        base::BindLambdaForTesting([&](const std::string& got) {
+          DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker);
+          EXPECT_EQ(got, expectation);
+          run_loop.Quit();
+        }));
+    run_loop.Run();
+  }
+}
 }  // namespace component_updater
--- a/chrome/browser/net/system_network_context_manager.cc
+++ b/chrome/browser/net/system_network_context_manager.cc
@@ -23,6 +23,7 @@
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chrome_content_browser_client.h"
 #include "chrome/browser/component_updater/crl_set_component_installer.h"
+#include "chrome/browser/component_updater/first_party_sets_component_installer.h"
 #include "chrome/browser/component_updater/tls_deprecation_config_component_installer.h"
 #include "chrome/browser/net/chrome_mojo_proxy_resolver_factory.h"
 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
@@ -58,6 +59,7 @@
 #include "mojo/public/cpp/bindings/receiver_set.h"
 #include "mojo/public/cpp/bindings/self_owned_receiver.h"
 #include "net/base/features.h"
+#include "net/cookies/cookie_util.h"
 #include "net/net_buildflags.h"
 #include "net/third_party/uri_template/uri_template.h"
 #include "services/cert_verifier/public/mojom/cert_verifier_service_factory.mojom.h"
@@ -543,6 +545,20 @@ void SystemNetworkContextManager::OnNetworkServiceCreated(
  // Configure SCT Auditing in the NetworkService.
  SCTReportingService::ReconfigureAfterNetworkRestart();
+  if (net::cookie_util::IsFirstPartySetsEnabled()) {
+    component_updater::FirstPartySetsComponentInstallerPolicy::
+        ReconfigureAfterNetworkRestart(
+            base::BindRepeating([](const std::string& raw_sets) {
+              // We use a fresh pointer here (instead of using `network_service`
+              // from the enclosing scope) to avoid use-after-free bugs, since
+              // `network_service` is not guaranteed to live until the
+              // invocation of this callback.
+              network::mojom::NetworkService* network_service =
+                  content::GetNetworkService();
+              network_service->SetPreloadedFirstPartySets(raw_sets);
+            }));
+  }
 }
 void SystemNetworkContextManager::DisableQuic() {