tree: fcb0492a276329faeece59314d06d161cf4fe446 [path history] [tgz]
  1. .project_alias
  2. BUILD.gn
  3. COMMIT-QUEUE.ini
  4. OWNERS
  5. PRESUBMIT.cfg
  6. README.md
  7. SessionManager.conf
  8. android_oci_wrapper.cc
  9. android_oci_wrapper.h
  10. android_oci_wrapper_test.cc
  11. blob_util.cc
  12. blob_util.h
  13. browser_job.cc
  14. browser_job.h
  15. browser_job_test.cc
  16. child_exit_dispatcher.cc
  17. child_exit_dispatcher.h
  18. child_exit_dispatcher_test.cc
  19. child_exit_handler.cc
  20. child_exit_handler.h
  21. child_job.cc
  22. child_job.h
  23. chrome_dev.conf
  24. chrome_setup.cc
  25. chrome_setup.h
  26. chrome_setup_test.cc
  27. container_manager_interface.cc
  28. container_manager_interface.h
  29. crossystem.cc
  30. crossystem.h
  31. crossystem_impl.cc
  32. crossystem_impl.h
  33. cumulative_use_time_metric.cc
  34. cumulative_use_time_metric.h
  35. cumulative_use_time_metric_test.cc
  36. dbus_bindings/
  37. dbus_util.cc
  38. dbus_util.h
  39. default_proxy
  40. device_local_account_manager.cc
  41. device_local_account_manager.h
  42. device_local_account_manager_test.cc
  43. device_policy_service.cc
  44. device_policy_service.h
  45. device_policy_service_test.cc
  46. docs/
  47. fake_browser_job.cc
  48. fake_browser_job.h
  49. fake_child_process.cc
  50. fake_child_process.h
  51. fake_container_manager.cc
  52. fake_container_manager.h
  53. fake_crossystem.cc
  54. fake_crossystem.h
  55. fake_generated_key_handler.cc
  56. fake_generated_key_handler.h
  57. fake_generator_job.cc
  58. fake_generator_job.h
  59. file_checker.cc
  60. file_checker.h
  61. generator_job.cc
  62. generator_job.h
  63. init/
  64. init_daemon_controller.h
  65. key_generator.cc
  66. key_generator.h
  67. key_generator_test.cc
  68. keygen.cc
  69. keygen_worker.cc
  70. keygen_worker.h
  71. liveness_checker.h
  72. liveness_checker_impl.cc
  73. liveness_checker_impl.h
  74. liveness_checker_impl_test.cc
  75. login_metrics.cc
  76. login_metrics.h
  77. login_metrics_test.cc
  78. lsan_suppressions
  79. matchers.h
  80. mock_constructors.cc
  81. mock_device_policy_service.h
  82. mock_file_checker.h
  83. mock_init_daemon_controller.h
  84. mock_install_attributes_reader.h
  85. mock_key_generator.h
  86. mock_liveness_checker.h
  87. mock_metrics.h
  88. mock_mitigator.h
  89. mock_nss_util.cc
  90. mock_nss_util.h
  91. mock_object_proxy.h
  92. mock_policy_key.h
  93. mock_policy_service.h
  94. mock_policy_store.h
  95. mock_process_manager_service.h
  96. mock_server.key
  97. mock_server.pem
  98. mock_server_backed_state_key_generator.h
  99. mock_session_manager.h
  100. mock_subprocess.h
  101. mock_system_utils.h
  102. mock_user_policy_service_factory.h
  103. mock_vpd_process.h
  104. nss_util.cc
  105. nss_util.h
  106. nss_util_test.cc
  107. owner_key_loss_mitigator.cc
  108. owner_key_loss_mitigator.h
  109. policy_key.cc
  110. policy_key.h
  111. policy_key_test.cc
  112. policy_service.cc
  113. policy_service.h
  114. policy_service_test.cc
  115. policy_store.cc
  116. policy_store.h
  117. policy_store_test.cc
  118. process_manager_service_interface.h
  119. regen_mitigator.cc
  120. regen_mitigator.h
  121. regen_mitigator_test.cc
  122. resilient_policy_store.cc
  123. resilient_policy_store.h
  124. resilient_policy_store_test.cc
  125. server_backed_state_key_generator.cc
  126. server_backed_state_key_generator.h
  127. server_backed_state_key_generator_test.cc
  128. session_manager-client/
  129. session_manager_impl.cc
  130. session_manager_impl.h
  131. session_manager_impl_test.cc
  132. session_manager_interface.h
  133. session_manager_main.cc
  134. session_manager_process_test.cc
  135. session_manager_service.cc
  136. session_manager_service.h
  137. session_manager_setup.sh
  138. subprocess.cc
  139. subprocess.h
  140. subprocess_test.cc
  141. system_utils.h
  142. system_utils_impl.cc
  143. system_utils_impl.h
  144. system_utils_test.cc
  145. systemd_unit_starter.cc
  146. systemd_unit_starter.h
  147. upstart_signal_emitter.cc
  148. upstart_signal_emitter.h
  149. user_policy_service.cc
  150. user_policy_service.h
  151. user_policy_service_factory.cc
  152. user_policy_service_factory.h
  153. user_policy_service_test.cc
  154. validator_utils.cc
  155. validator_utils.h
  156. validator_utils_test.cc
  157. vpd_process.h
  158. vpd_process_impl.cc
  159. vpd_process_impl.h
login_manager/README.md

Chrome OS Session Manager

session_manager is responsible for managing the lifecycle of the Chrome process. It confusingly lives in the login_manager directory and is installed by the chromeos-login package.

session_manager communicates with other processes using D-Bus. It owns the service name org.chromium.SessionManager at service path /org/chromium/SessionManager and exports an interface named org.chromium.SessionManager.

This document contains an overview of what session_manager does. See the docs directory for more information.

Startup

The ui Upstart job is responsible for running session_manager. Before executing it, it runs ui-pre-start to create necessary files and directories.

session_manager constructs a command line for running Chrome and fork-execs it. The command line is built by chrome_setup.cc and libchromeos-ui‘s ChromiumCommandBuilder class. The command line’s contents are dependent on the presence of various USE flags. The libchromeos-use-flags package lists a number of USE flags in its IUSE variable; at build-time, it writes all of the set flags to /etc/ui_use_flags.txt. session_manager then reads this file at startup. (Generating ui_use_flags.txt in a tiny ancillary package rather than in chromeos-login avoids the need to build a different copy of the chromeos-login package for every board.)

Developers should take note of /etc/chrome_dev.conf, a configuration file that may be modified on-device to add or remove flags from Chrome's command line. The file contains documentation about its format.

After Chrome has displayed its login prompt, it calls session_manager's EmitLoginPromptVisible D-Bus method. session_manager writes a login-prompt-visible bootstat event, emits a LoginPromptVisible D-Bus signal on its interface, and makes an asynchronous D-Bus call to Upstart to tell it to emit a login-prompt-visible event; this latter event is used to trigger other jobs.

Login

When the user successfully logs in within Chrome, Chrome calls session_manager‘s StartSession D-Bus method and emits a start-user-session upstart signal. session_manager makes an asynchronous D-Bus call to Upstart’s StartUserSession method and emits a SessionStateChanged D-Bus signal on its own interface.

Additional SessionStateChanged signals are emitted if additional users are added to the session.

Screen Locking

Other processes on the system may decide to lock the screen after the user has logged in:

  • Chrome locks the screen in response to a request from the user, or just before the system suspends if the “Require password to wake from sleep” setting is enabled.
  • powerd locks the screen in response to user inactivity.

To do this, these processes call session_manager‘s LockScreen D-Bus method. session_manager records the locked state internally, triggers the screen-locked upstart signal, and calls Chrome’s ShowLockScreen D-Bus method via org.chromium.ScreenLockService. Once Chrome has successfully displayed the lock screen it calls session_manager's HandleLockScreenShown D-Bus method. session_manager then emits a ScreenIsLocked D-Bus signal.

After the user successfully types their password to unlock the screen, Chrome calls session_manager's HandleLockScreenDismissed D-Bus method. session_manager updates its internal state to record that the screen is no longer locked and emits both a screen-unlocked upstart event and a ScreenIsUnlocked D-Bus signal. Note that the lock events are not necessarily followed by unlock events because the active session can crash in which case the device is no longer locked.

Logout

When the user signs out, Chrome calls session_manager's StopSession D-Bus method. session_manager sends SIGTERM to the browser process and waits (3 seconds, by default) for it to exit. If the process is still running, it sends SIGABRT. session_manager then exits.

At this point, the ui-post-stop script runs. It writes a ui-post-stop bootstat event and forcibly cleans up by sending SIGKILL to any remaining chronos processes and killing orphaned containers.

The ui-respawn Upstart job then executes the ui-respawn script, which is responsible for restarting the ui job.

Crashes

If Chrome exits unexpectedly, session_manager typically restarts it (without the --login-manager flag). If the screen was locked at the time of the crash, session_manager instead ends the session to avoid exposing a logged-in desktop on a potentially-unattended system.

If Chrome crashes repeatedly, ui-respawn reboots the system. If the crashes continue, it stops rebooting the system with the hope that it‘ll eventually be autoupdated to a new version that doesn’t crash. See the ui-respawn script for specifics.