| // |
| // Copyright (C) 2014 The Android Open Source Project |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| // |
| |
| #ifndef UPDATE_ENGINE_UPDATE_MANAGER_POLICY_H_ |
| #define UPDATE_ENGINE_UPDATE_MANAGER_POLICY_H_ |
| |
| #include <memory> |
| #include <string> |
| #include <tuple> |
| #include <vector> |
| |
| #include "update_engine/common/error_code.h" |
| #include "update_engine/payload_consumer/install_plan.h" |
| #include "update_engine/update_manager/evaluation_context.h" |
| #include "update_engine/update_manager/rollback_prefs.h" |
| #include "update_engine/update_manager/state.h" |
| |
| namespace chromeos_update_manager { |
| |
| // The three different results of a policy request. |
| enum class EvalStatus { |
| kFailed, |
| kSucceeded, |
| kAskMeAgainLater, |
| kContinue, |
| }; |
| |
| std::string ToString(EvalStatus status); |
| |
| // Parameters of an update check. These parameters are determined by the |
| // UpdateCheckAllowed policy. |
| struct UpdateCheckParams { |
| // Whether the auto-updates are enabled on this build. |
| bool updates_enabled{true}; |
| |
| // Attributes pertaining to the case where update checks are allowed. |
| // |
| // A target version prefix, if imposed by policy; otherwise, an empty string. |
| std::string target_version_prefix; |
| // Specifies whether rollback images are allowed by device policy. |
| bool rollback_allowed{false}; |
| // Specifies if rollbacks should attempt to preserve some system state. |
| bool rollback_data_save_requested{false}; |
| // Specifies the number of Chrome milestones rollback should be allowed, |
| // starting from the stable version at any time. Value is -1 if unspecified |
| // (e.g. no device policy is available yet), in this case no version |
| // roll-forward should happen. |
| int rollback_allowed_milestones{0}; |
| // Whether a rollback with data save should be initiated on channel |
| // downgrade (e.g. beta to stable). |
| bool rollback_on_channel_downgrade{false}; |
| // A target channel, if so imposed by policy; otherwise, an empty string. |
| std::string target_channel; |
| // Specifies if the channel hint, e.g. LTS (Long Term Support) updates. |
| std::string lts_tag; |
| // Specifies a token which maps to a Chrome OS Quick Fix Build, if imposed by |
| // policy; otherwise, an empty string. |
| std::string quick_fix_build_token; |
| |
| // Whether the allowed update is interactive (user-initiated) or periodic. |
| bool interactive{false}; |
| }; |
| |
| // Input arguments to UpdateCanStart. |
| // |
| // A snapshot of the state of the current update process. This includes |
| // everything that a policy might need and that occurred since the first time |
| // the current payload was first seen and attempted (consecutively). |
| struct UpdateState { |
| // Information pertaining to the current update payload and/or check. |
| // |
| // Whether the current update check is an interactive one. The caller should |
| // feed the value returned by the preceding call to UpdateCheckAllowed(). |
| bool interactive; |
| // Whether it is a delta payload. |
| bool is_delta_payload; |
| // Wallclock time when payload was first (consecutively) offered by Omaha. |
| base::Time first_seen; |
| // Number of consecutive update checks returning the current update. |
| int num_checks; |
| // Number of update payload failures and the wallclock time when it was last |
| // updated by the updater. These should both be nullified whenever a new |
| // update is seen; they are updated at the policy's descretion (via |
| // UpdateDownloadParams.do_increment_failures) once all of the usable download |
| // URLs for the payload have been used without success. They should be |
| // persisted across reboots. |
| int num_failures; |
| base::Time failures_last_updated; |
| |
| // Information pertaining to downloading and applying of the current update. |
| // |
| // An array of download URLs provided by Omaha. |
| std::vector<std::string> download_urls; |
| // Max number of errors allowed per download URL. |
| int download_errors_max; |
| // The index of the URL to download from, as determined in the previous call |
| // to the policy. For a newly seen payload, this should be -1. |
| int last_download_url_idx; |
| // The number of successive download errors pertaining to this last URL, as |
| // determined in the previous call to the policy. For a newly seen payload, |
| // this should be zero. |
| int last_download_url_num_errors; |
| // An array of errors that occurred while trying to download this update since |
| // the previous call to this policy has returned, or since this payload was |
| // first seen, or since the updater process has started (whichever is later). |
| // Includes the URL index attempted, the error code, and the wallclock-based |
| // timestamp when it occurred. |
| std::vector<std::tuple<int, chromeos_update_engine::ErrorCode, base::Time>> |
| download_errors; |
| // Whether Omaha forbids use of P2P for downloading and/or sharing. |
| bool p2p_downloading_disabled; |
| bool p2p_sharing_disabled; |
| // The number of P2P download attempts and wallclock-based time when P2P |
| // download was first attempted. |
| int p2p_num_attempts; |
| base::Time p2p_first_attempted; |
| |
| // Information pertaining to update backoff mechanism. |
| // |
| // The currently known (persisted) wallclock-based backoff expiration time; |
| // zero if none. |
| base::Time backoff_expiry; |
| // Whether backoff is disabled by Omaha. |
| bool is_backoff_disabled; |
| |
| // Information pertaining to update scattering. |
| // |
| // The currently known (persisted) scattering wallclock-based wait period and |
| // update check threshold; zero if none. |
| base::TimeDelta scatter_wait_period; |
| int scatter_check_threshold; |
| // Maximum wait period allowed for this update, as determined by Omaha. |
| base::TimeDelta scatter_wait_period_max; |
| // Minimum/maximum check threshold values. |
| // TODO(garnold) These appear to not be related to the current update and so |
| // should probably be obtained as variables via UpdaterProvider. |
| int scatter_check_threshold_min; |
| int scatter_check_threshold_max; |
| }; |
| |
| // Results regarding the downloading and applying of an update, as determined by |
| // UpdateCanStart. |
| // |
| // An enumerator for the reasons of not allowing an update to start. |
| enum class UpdateCannotStartReason { |
| kUndefined, |
| kCheckDue, |
| kScattering, |
| kBackoff, |
| kCannotDownload, |
| }; |
| |
| struct UpdateDownloadParams { |
| // Whether the update attempt is allowed to proceed. |
| bool update_can_start; |
| // If update cannot proceed, a reason code for why it cannot do so. |
| UpdateCannotStartReason cannot_start_reason; |
| |
| // Download related attributes. The update engine uses them to choose the |
| // means for downloading and applying an update. |
| // |
| // The index of the download URL to use (-1 means no suitable URL was found) |
| // and whether it can be used. Even if there's no URL or its use is not |
| // allowed (backoff, scattering) there may still be other means for download |
| // (like P2P). The URL index needs to be persisted and handed back to the |
| // policy on the next time it is called. |
| int download_url_idx; |
| bool download_url_allowed; |
| // The number of download errors associated with this download URL. This value |
| // needs to be persisted and handed back to the policy on the next time it is |
| // called. |
| int download_url_num_errors; |
| // Whether P2P download and sharing are allowed. |
| bool p2p_downloading_allowed; |
| bool p2p_sharing_allowed; |
| |
| // Other values that need to be persisted and handed to the policy as need on |
| // the next call. |
| // |
| // Whether an update failure has been identified by the policy. The client |
| // should increment and persist its update failure count, and record the time |
| // when this was done; it needs to hand these values back to the policy |
| // (UpdateState.{num_failures,failures_last_updated}) on the next time it is |
| // called. |
| bool do_increment_failures; |
| // The current backof expiry. |
| base::Time backoff_expiry; |
| // The scattering wait period and check threshold. |
| base::TimeDelta scatter_wait_period; |
| int scatter_check_threshold; |
| }; |
| |
| // The Policy class is an interface to the ensemble of policy requests that the |
| // client can make. A derived class includes the policy implementations of |
| // these. |
| // |
| // When compile-time selection of the policy is required due to missing or extra |
| // parts in a given platform, a different Policy subclass can be used. |
| class Policy { |
| public: |
| virtual ~Policy() {} |
| |
| // Returns the name of a public policy request. |
| // IMPORTANT: Be sure to add a conditional for each new public policy that is |
| // being added to this class in the future. |
| template <typename R, typename... Args> |
| std::string PolicyRequestName(EvalStatus (Policy::*policy_method)( |
| EvaluationContext*, State*, std::string*, R*, Args...) const) const { |
| std::string class_name = PolicyName() + "::"; |
| |
| if (reinterpret_cast<typeof(&Policy::UpdateCheckAllowed)>(policy_method) == |
| &Policy::UpdateCheckAllowed) |
| return class_name + "UpdateCheckAllowed"; |
| if (reinterpret_cast<typeof(&Policy::UpdateCanBeApplied)>(policy_method) == |
| &Policy::UpdateCanBeApplied) |
| return class_name + "UpdateCanBeApplied"; |
| if (reinterpret_cast<typeof(&Policy::UpdateCanStart)>(policy_method) == |
| &Policy::UpdateCanStart) |
| return class_name + "UpdateCanStart"; |
| if (reinterpret_cast<typeof(&Policy::P2PEnabled)>(policy_method) == |
| &Policy::P2PEnabled) |
| return class_name + "P2PEnabled"; |
| if (reinterpret_cast<typeof(&Policy::P2PEnabledChanged)>(policy_method) == |
| &Policy::P2PEnabledChanged) |
| return class_name + "P2PEnabledChanged"; |
| |
| NOTREACHED(); |
| return class_name + "(unknown)"; |
| } |
| |
| // List of policy requests. A policy request takes an EvaluationContext as the |
| // first argument, a State instance, a returned error message, a returned |
| // value and optionally followed by one or more arbitrary constant arguments. |
| // |
| // When the implementation fails, the method returns EvalStatus::kFailed and |
| // sets the |error| string. |
| |
| // UpdateCheckAllowed returns whether it is allowed to request an update check |
| // to Omaha. |
| virtual EvalStatus UpdateCheckAllowed(EvaluationContext* ec, |
| State* state, |
| std::string* error, |
| UpdateCheckParams* result) const = 0; |
| |
| // UpdateCanBeApplied returns whether the given |install_plan| can be acted |
| // on at this time. The reason for not applying is returned in |result|. |
| // The Policy may modify the passed-in |install_plan|, based on the |
| // implementation in the Policy and values provided by the EvaluationContext. |
| virtual EvalStatus UpdateCanBeApplied( |
| EvaluationContext* ec, |
| State* state, |
| std::string* error, |
| chromeos_update_engine::ErrorCode* result, |
| chromeos_update_engine::InstallPlan* install_plan) const = 0; |
| |
| // Returns EvalStatus::kSucceeded if either an update can start being |
| // processed, or the attempt needs to be aborted. In cases where the update |
| // needs to wait for some condition to be satisfied, but none of the values |
| // that need to be persisted has changed, returns |
| // EvalStatus::kAskMeAgainLater. Arguments include an |update_state| that |
| // encapsulates data pertaining to the current ongoing update process. |
| virtual EvalStatus UpdateCanStart(EvaluationContext* ec, |
| State* state, |
| std::string* error, |
| UpdateDownloadParams* result, |
| UpdateState update_state) const = 0; |
| |
| // Checks whether P2P is enabled. This may consult device policy and other |
| // global settings. |
| virtual EvalStatus P2PEnabled(EvaluationContext* ec, |
| State* state, |
| std::string* error, |
| bool* result) const = 0; |
| |
| // Checks whether P2P is enabled, but blocks (returns |
| // |EvalStatus::kAskMeAgainLater|) until it is different from |prev_result|. |
| // If the P2P enabled status is not expected to change, will return |
| // immediately with |EvalStatus::kSucceeded|. This internally uses the |
| // P2PEnabled() policy above. |
| virtual EvalStatus P2PEnabledChanged(EvaluationContext* ec, |
| State* state, |
| std::string* error, |
| bool* result, |
| bool prev_result) const = 0; |
| |
| protected: |
| Policy() {} |
| |
| // Returns the name of the actual policy class. |
| virtual std::string PolicyName() const = 0; |
| |
| private: |
| DISALLOW_COPY_AND_ASSIGN(Policy); |
| }; |
| |
| // Get system dependent policy implementation. |
| std::unique_ptr<Policy> GetSystemPolicy(); |
| |
| } // namespace chromeos_update_manager |
| |
| #endif // UPDATE_ENGINE_UPDATE_MANAGER_POLICY_H_ |