aea4c1cea20dda7ae7e85fc8924a2d784f70d806 |
|
20-Aug-2015 |
Alex Deymo <deymo@google.com> |
Re-license update_engine to Apache2 This patch automatically replaced the license on all text files from Chromium OS (BSD style) to AOSP (Apache2), keeping the original year as a reference. The license header was added to .gyp and .gypi files, the NOTICE was replaced with a copy of the Apache2 license and MODULE_LICENSE_* file was updated. BUG=b/23084294 TEST=grep 'Chromium OS Authors' doesn't find anything. Change-Id: Ie5083750755f5180a8a785b24fe67dbf9195cd10
/system/update_engine/update_manager/default_policy.cc
|
78ecbfc254c574e52cfe63310a801381a0035c43 |
|
22-Oct-2014 |
Gilad Arnold <garnold@chromium.org> |
update_engine: UM: Separate global P2P usage from payload-specific attributes. This change is needed for two reasons: (a) The decision regarding the global P2P enabled state and those pertaining to whether individual payloads may be downloaded and/or shared via P2P have distinct and not necessarily nested lifespans. (b) Some parts of the update engine are concerned with the former and some with the latter, and so we need separate entry points in the Update Manager to accommodate that. This also introduces two Omaha-derived values, denoting whether P2P downloading and/or sharing should be disabled for the current payload, into the UpdateCanStart policy. BUG=chromium:425233 TEST=Unit tests. Change-Id: I0ba0090bd4c5ceb0c812ea218b070945083abd95 Reviewed-on: https://chromium-review.googlesource.com/225150 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Alex Deymo <deymo@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
|
14a9e70709b4cda5afc97ac6219bc660810b2077 |
|
08-Oct-2014 |
Gilad Arnold <garnold@chromium.org> |
update_engine: UM: Properly handle update download deterrents. The UpdateCanStart policy request needs to satisfy two related requirements: * It must allow the caller to proceed with the update even if some forms of download are not allowed (for example, HTTP/HTTPS download blocked due to scattering) but other are allowed (for example, P2P). * It needs to assess all the input provided and, upon returning successfully, convey any new values that pertain to downloading of the update payload and that need to be persisted (such as the download URL, backoff and scattering values, and so on). The caller in turn is assured that, having successfully returned, the policy has indeed considered all state and it is safe to clear parts of it (such as the download error history). This change ensures that the policy suppresses scattering and backoff decisions if P2P download is allowed. This only suppresses the final decision, but otherwise still returns whatever URL index and error count that were inferred. It further adjusts the way in which various download deterrents (check due, scattering, backoff) are handled, deferring responses to the very end of the evaluation and thus returning a complete result. BUG=chromium:384087 TEST=Unit tests. Change-Id: Ie95976295c0cd635e2a10912308b8756a677682f Reviewed-on: https://chromium-review.googlesource.com/222263 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Gaurav Shah <gauravsh@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
|
b2f9919a0e4a77dd885625cb52ff7322974bd338 |
|
07-Oct-2014 |
Gilad Arnold <garnold@chromium.org> |
update_engine: UM: Policy to distinguish between P2P downloading and sharing. Previously, the UpdateCanStart policy returned a single Boolean, indicating whether "P2P is allowed". However, the policy has been incorrectly reproducing decisions made by current code, whereas P2P sharing is always allowed (if P2P is enabled) but P2P downloading has additional limitations. This CL introduces distinct flags for both downloading and sharing, and reasons about them specifically. This also adds a constraints whereas P2P downloading is allowed for non-interactive updates only. BUG=chromium:420732 TEST=Unit tests. Change-Id: Ife4b6b2830c999745a0d4239089034c863de6388 Reviewed-on: https://chromium-review.googlesource.com/222262 Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Alex Deymo <deymo@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
|
d78caf9baf2026a356130f4754af2c504f423945 |
|
24-Sep-2014 |
Gilad Arnold <garnold@chromium.org> |
update_engine: UM: Change policy argument from const ref to value. It turns out that passing an argument by reference to UpdateCanStart via UpdateManager::AsyncPolicyRequest is a pain. Furthermore, given that the policy is async by definition, it makes little sense to hand it a const reference argument. This changes the said argument to be passed by value. BUG=chromium:396148 TEST=Unit tests. Change-Id: I45a8141b389c173347f3a6b7dc03ffe46cb32228 Reviewed-on: https://chromium-review.googlesource.com/219694 Reviewed-by: Alex Vakulenko <avakulenko@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Alex Deymo <deymo@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
|
dc4bb268eb6e6ddcd087d5eccfd88c8e92252920 |
|
23-Jul-2014 |
Gilad Arnold <garnold@chromium.org> |
update_engine: UM: Incorporate backoff logic in UpdateCanStart. This change adds backoff computation logic to UpdateCanStart. For the most part, it is extending a private policy call (UpdateDownloadUrl) to account for previously enacted backoff periods and to compute new ones when an update failure is identified (accordingly, it is now called UpdateBackoffAndDownloadUrl). To conform with the pure nature of policy implementations, yet minimizing the amount of "state" that needs to be managed and persisted by the updater, we now consider download errors in bulks defined by the most recent update failure (namely, the point in time when all URLs where tried and failed). The updater is expected to keep track of the update failure count, setting it to zero when a new update is seen, and incrementing it (and recording the time it was incremented) when told to do so by the policy. We therefore make some adjustments to the policy API and its usage semantics. BUG=chromium:396148 TEST=Unit tests. Change-Id: If8787b8c41055779945f9b41368ec08ac5e6fcca Reviewed-on: https://chromium-review.googlesource.com/210702 Reviewed-by: Alex Vakulenko <avakulenko@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Reviewed-by: Alex Deymo <deymo@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
|
d4b303246eae1fcd0b4820657f1d787e8238146f |
|
22-Jul-2014 |
Gilad Arnold <garnold@chromium.org> |
update_engine: UM: UpdateCheckAllowed returns target version prefix. This piece of information is also provided by the device policy and needed when performing the update check. Borrows logic currently in UpdateAttempter::CalculateUpdateParams(). BUG=chromium:358269 TEST=Unit tests. Change-Id: I5259404df1763be8944b445d51e1fafbca946306 Reviewed-on: https://chromium-review.googlesource.com/209228 Reviewed-by: Alex Vakulenko <avakulenko@chromium.org> Reviewed-by: Alex Deymo <deymo@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
|
44dc3bfd45eaddc1e7b586f8839babe4540418b5 |
|
19-Jul-2014 |
Gilad Arnold <garnold@chromium.org> |
update_engine: UM: UpdateCheckAllowed now considers interactive update requests. This is necessary so we can delegate handling of all update checks to the UpdateManager, allowing us to share logic between the two cases and eliminate multiple entry point to UpdateAttempter::Update() and handling of interference between these two processes. Instead, these are all handled naturally by the UpdateManager. BUG=chromium:394389 TEST=Unit tests. Change-Id: I32a1ab917e5aeb5c2da1953d8b0ffa8c9d8d62f9 Reviewed-on: https://chromium-review.googlesource.com/209100 Reviewed-by: Gilad Arnold <garnold@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
|
a23e408368ad34e21ee90ebd0dcb55cd03417d22 |
|
17-Jul-2014 |
Gilad Arnold <garnold@chromium.org> |
update_engine: UM: Make DefaultPolicy::UpdateCheckAllowed stateful. This adds an auxiliary state to DefaultPolicy, and makes UpdateCheckAllowed use it for recording the last time an update check was allowed. This is necessary for enforcing a minimum interval between consecutive update checks, a necessary property in the unlikely case that the main policy is badly screwed: with it, the update engine will repeatedly check for updates, unnecessarily consuming local resources and potentially DDoS-ing Omaha. In order to track time, the DefaultPolicy now takes a ClockInterface argument; for backward compatibility with existing unit testing code, we allow this handle to be null, in which case time is not tracked and the policy resorts to the previous default behavior (namely, updates are always allowed). We do plug a clock when DefaultPolicy is used in the UpdateManager production (backup policy) and fake (main policy) implementations. Note that the state is added as an external object, in order to work around the constness of policy objects that's implied by the policy API (const methods). Finally, it should be noted that we use monotonic time in order to ensure that the DefaultPolicy does not become an attack surface for denying updates, or exhausting local resources and/or DoS-ing services. BUG=chromium:394778 TEST=Unit tests. Change-Id: I08628ea9b0067fa7abf6e457c55d4ffea276c463 Reviewed-on: https://chromium-review.googlesource.com/208732 Reviewed-by: Gilad Arnold <garnold@chromium.org> Tested-by: Gilad Arnold <garnold@chromium.org> Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
|