cryptohome: Deprecate KeyPrivilege::mount due to non-usage

BUG=1140235

Change-Id: Id1bd1ac23529ebb871fa7eeeccea3bee1ab3a74f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2506369Reviewed-by: Greg Kerr <kerrnel@chromium.org>
Reviewed-by: Achuith Bhandarkar <achuith@chromium.org>
Commit-Queue: Hardik Goyal <hardikgoyal@chromium.org>
Auto-Submit: Hardik Goyal <hardikgoyal@chromium.org>
Cr-Commit-Position: refs/heads/master@{#823329}

chrome/browser/chromeos/login/easy_unlock/easy_unlock_create_keys_operation.cc

@@ -38,7 +38,7 @@ const int kSessionKeyByteSize = 16;
 
 const int kEasyUnlockKeyRevision = 1;
 const int kEasyUnlockKeyPrivileges =
-    cryptohome::PRIV_MOUNT | cryptohome::PRIV_ADD | cryptohome::PRIV_REMOVE;
+    cryptohome::PRIV_ADD | cryptohome::PRIV_REMOVE;
 
 }  // namespace
 

chrome/browser/chromeos/login/quick_unlock/pin_storage_cryptohome.cc

@@ -203,9 +203,8 @@ void PinStorageCryptohome::SetPin(const UserContext& user_context,
 
   cryptohome::AddKeyRequest request;
   const cryptohome::KeyDefinition key_def =
-      cryptohome::KeyDefinition::CreateForPassword(
-          secret, kCryptohomePinLabel,
-          cryptohome::PRIV_MOUNT | cryptohome::PRIV_MIGRATE);
+      cryptohome::KeyDefinition::CreateForPassword(secret, kCryptohomePinLabel,
+                                                   cryptohome::PRIV_MIGRATE);
   cryptohome::KeyDefinitionToKey(key_def, request.mutable_key());
   request.mutable_key()
       ->mutable_data()

chrome/browser/chromeos/login/supervised/supervised_user_constants.cc

@@ -12,8 +12,8 @@ const char kCryptohomeSupervisedUserKeyLabel[] = "managed";
 const char kLegacyCryptohomeSupervisedUserKeyLabel[] = "default-0";
 
 const int kCryptohomeSupervisedUserKeyPrivileges =
-    cryptohome::PRIV_AUTHORIZED_UPDATE | cryptohome::PRIV_MOUNT;
+    cryptohome::PRIV_AUTHORIZED_UPDATE;
 const int kCryptohomeSupervisedUserIncompleteKeyPrivileges =
-    cryptohome::PRIV_MIGRATE | cryptohome::PRIV_MOUNT;
+    cryptohome::PRIV_MIGRATE;
 
 }  // namespace chromeos

chromeos/cryptohome/cryptohome_parameters.h

@@ -20,12 +20,11 @@ class AccountId;
 namespace cryptohome {
 
 enum AuthKeyPrivileges {
-  PRIV_MOUNT = 1 << 0,              // Can mount with this key.
   PRIV_ADD = 1 << 1,                // Can add new keys.
   PRIV_REMOVE = 1 << 2,             // Can remove other keys.
   PRIV_MIGRATE = 1 << 3,            // Destroy all keys and replace with new.
   PRIV_AUTHORIZED_UPDATE = 1 << 4,  // Key can be updated in place.
-  PRIV_DEFAULT = PRIV_MOUNT | PRIV_ADD | PRIV_REMOVE | PRIV_MIGRATE
+  PRIV_DEFAULT = PRIV_ADD | PRIV_REMOVE | PRIV_MIGRATE
 };
 
 // Identification of the user calling cryptohome method.

chromeos/cryptohome/cryptohome_util.cc

@@ -62,7 +62,6 @@ void ChallengeResponseKeyToPublicKeyInfo(
 
 void KeyDefPrivilegesToKeyPrivileges(int key_def_privileges,
                                      KeyPrivileges* privileges) {
-  privileges->set_mount(key_def_privileges & PRIV_MOUNT);
   privileges->set_add(key_def_privileges & PRIV_ADD);
   privileges->set_remove(key_def_privileges & PRIV_REMOVE);
   privileges->set_update(key_def_privileges & PRIV_MIGRATE);
@@ -169,8 +168,6 @@ std::vector<KeyDefinition> GetKeyDataReplyToKeyDefinitions(
 
     // Extract |privileges|.
     const KeyPrivileges& privileges = it->privileges();
-    if (privileges.mount())
-      key_definition.privileges |= PRIV_MOUNT;
     if (privileges.add())
       key_definition.privileges |= PRIV_ADD;
     if (privileges.remove())

chromeos/cryptohome/cryptohome_util_unittest.cc

@@ -91,7 +91,6 @@ TEST(CryptohomeUtilTest,
   EXPECT_EQ(auth_request.key().data().type(),
             KeyData::KEY_TYPE_CHALLENGE_RESPONSE);
   EXPECT_EQ(auth_request.key().data().label(), kKeyLabel);
-  EXPECT_TRUE(auth_request.key().data().privileges().mount());
   ASSERT_EQ(auth_request.key().data().challenge_response_key_size(), 1);
   EXPECT_EQ(
       auth_request.key().data().challenge_response_key(0).public_key_spki_der(),
@@ -262,28 +261,12 @@ TEST(CryptohomeUtilTest, KeyDefinitionToKeyDefaultPrivileges) {
   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();
 
-  EXPECT_TRUE(privileges.mount());
   EXPECT_TRUE(privileges.add());
   EXPECT_TRUE(privileges.remove());
   EXPECT_TRUE(privileges.update());
   EXPECT_FALSE(privileges.authorized_update());
 }
 
-TEST(CryptohomeUtilTest, KeyDefinitionToKeyMountPrivileges) {
-  KeyDefinition key_def;
-  key_def.privileges = PRIV_MOUNT;
-  Key key;
-
-  KeyDefinitionToKey(key_def, &key);
-  KeyPrivileges privileges = key.data().privileges();
-
-  EXPECT_TRUE(privileges.mount());
-  EXPECT_FALSE(privileges.add());
-  EXPECT_FALSE(privileges.remove());
-  EXPECT_FALSE(privileges.update());
-  EXPECT_FALSE(privileges.authorized_update());
-}
-
 TEST(CryptohomeUtilTest, KeyDefinitionToKeyAddPrivileges) {
   KeyDefinition key_def;
   key_def.privileges = PRIV_ADD;
@@ -292,7 +275,6 @@ TEST(CryptohomeUtilTest, KeyDefinitionToKeyAddPrivileges) {
   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();
 
-  EXPECT_FALSE(privileges.mount());
   EXPECT_TRUE(privileges.add());
   EXPECT_FALSE(privileges.remove());
   EXPECT_FALSE(privileges.update());
@@ -307,7 +289,6 @@ TEST(CryptohomeUtilTest, KeyDefinitionToKeyRemovePrivileges) {
   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();
 
-  EXPECT_FALSE(privileges.mount());
   EXPECT_FALSE(privileges.add());
   EXPECT_TRUE(privileges.remove());
   EXPECT_FALSE(privileges.update());
@@ -322,7 +303,6 @@ TEST(CryptohomeUtilTest, KeyDefinitionToKeyUpdatePrivileges) {
   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();
 
-  EXPECT_FALSE(privileges.mount());
   EXPECT_FALSE(privileges.add());
   EXPECT_FALSE(privileges.remove());
   EXPECT_TRUE(privileges.update());
@@ -337,7 +317,6 @@ TEST(CryptohomeUtilTest, KeyDefinitionToKeyAuthorizedUpdatePrivileges) {
   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();
 
-  EXPECT_FALSE(privileges.mount());
   EXPECT_FALSE(privileges.add());
   EXPECT_FALSE(privileges.remove());
   EXPECT_FALSE(privileges.update());
@@ -352,7 +331,6 @@ TEST(CryptohomeUtilTest, KeyDefinitionToKeyAllPrivileges) {
   KeyDefinitionToKey(key_def, &key);
   KeyPrivileges privileges = key.data().privileges();
 
-  EXPECT_TRUE(privileges.mount());
   EXPECT_TRUE(privileges.add());
   EXPECT_TRUE(privileges.remove());
   EXPECT_TRUE(privileges.update());
@@ -363,7 +341,7 @@ TEST(CryptohomeUtilTest, KeyDefinitionToKeyAllPrivileges) {
 // the |TYPE_CHALLENGE_RESPONSE| type.
 TEST(CryptohomeUtilTest, KeyDefinitionToKey_ChallengeResponse) {
   using Algorithm = ChallengeResponseKey::SignatureAlgorithm;
-  const int kPrivileges = PRIV_MOUNT;
+  const int kPrivileges = 0;
   const std::string kKey1Spki = "spki1";
   const Algorithm kKey1Algorithm = Algorithm::kRsassaPkcs1V15Sha1;
   const ChallengeSignatureAlgorithm kKey1AlgorithmProto =
@@ -393,7 +371,6 @@ TEST(CryptohomeUtilTest, KeyDefinitionToKey_ChallengeResponse) {
   EXPECT_FALSE(key.has_secret());
   EXPECT_EQ(key.data().type(), KeyData::KEY_TYPE_CHALLENGE_RESPONSE);
   EXPECT_EQ(key.data().label(), kKeyLabel);
-  EXPECT_TRUE(key.data().privileges().mount());
   ASSERT_EQ(key.data().challenge_response_key_size(), 2);
   EXPECT_EQ(key.data().challenge_response_key(0).public_key_spki_der(),
             kKey1Spki);
@@ -572,7 +549,7 @@ TEST(CryptohomeUtilTest, GetKeyDataReplyToKeyDefinitionsTwoEntries) {
   const KeyDefinition& key_definition = key_definitions.front();
   EXPECT_EQ(KeyDefinition::TYPE_PASSWORD, key_definition.type);
   EXPECT_EQ(kKeyLabel, key_definition.label);
-  EXPECT_EQ(PRIV_MOUNT | PRIV_ADD | PRIV_REMOVE, key_definition.privileges);
+  EXPECT_EQ(PRIV_ADD | PRIV_REMOVE, key_definition.privileges);
   EXPECT_EQ(kKeyRevision, key_definition.revision);
   ASSERT_EQ(1u, key_definition.authorization_data.size());
   EXPECT_EQ(KeyDefinition::AuthorizationData::TYPE_HMACSHA256,