History log of /system/update_engine/update_manager/default_policy.cc
Revision Date Author Comments
aea4c1cea20dda7ae7e85fc8924a2d784f70d806 20-Aug-2015 Alex Deymo <deymo@google.com> Re-license update_engine to Apache2

This patch automatically replaced the license on all text files from
Chromium OS (BSD style) to AOSP (Apache2), keeping the original year as
a reference.

The license header was added to .gyp and .gypi files, the NOTICE was
replaced with a copy of the Apache2 license and MODULE_LICENSE_* file
was updated.

BUG=b/23084294
TEST=grep 'Chromium OS Authors' doesn't find anything.

Change-Id: Ie5083750755f5180a8a785b24fe67dbf9195cd10
/system/update_engine/update_manager/default_policy.cc
78ecbfc254c574e52cfe63310a801381a0035c43 22-Oct-2014 Gilad Arnold <garnold@chromium.org> update_engine: UM: Separate global P2P usage from payload-specific attributes.

This change is needed for two reasons: (a) The decision regarding the
global P2P enabled state and those pertaining to whether individual
payloads may be downloaded and/or shared via P2P have distinct and not
necessarily nested lifespans. (b) Some parts of the update engine are
concerned with the former and some with the latter, and so we need
separate entry points in the Update Manager to accommodate that.

This also introduces two Omaha-derived values, denoting whether P2P
downloading and/or sharing should be disabled for the current payload,
into the UpdateCanStart policy.

BUG=chromium:425233
TEST=Unit tests.

Change-Id: I0ba0090bd4c5ceb0c812ea218b070945083abd95
Reviewed-on: https://chromium-review.googlesource.com/225150
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Alex Deymo <deymo@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
14a9e70709b4cda5afc97ac6219bc660810b2077 08-Oct-2014 Gilad Arnold <garnold@chromium.org> update_engine: UM: Properly handle update download deterrents.

The UpdateCanStart policy request needs to satisfy two related
requirements:

* It must allow the caller to proceed with the update even if some forms
of download are not allowed (for example, HTTP/HTTPS download blocked
due to scattering) but others are allowed (for example, P2P).

* It needs to assess all the input provided and, upon returning
successfully, convey any new values that pertain to downloading of the
update payload and that need to be persisted (such as the download
URL, backoff and scattering values, and so on). The caller in turn is
assured that, having successfully returned, the policy has indeed
considered all state and it is safe to clear parts of it (such as the
download error history).

This change ensures that the policy suppresses scattering and backoff
decisions if P2P download is allowed. This only suppresses the final
decision, but otherwise still returns whatever URL index and error count
that were inferred. It further adjusts the way in which various download
deterrents (check due, scattering, backoff) are handled, deferring
responses to the very end of the evaluation and thus returning
a complete result.

BUG=chromium:384087
TEST=Unit tests.

Change-Id: Ie95976295c0cd635e2a10912308b8756a677682f
Reviewed-on: https://chromium-review.googlesource.com/222263
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
b2f9919a0e4a77dd885625cb52ff7322974bd338 07-Oct-2014 Gilad Arnold <garnold@chromium.org> update_engine: UM: Policy to distinguish between P2P downloading and sharing.

Previously, the UpdateCanStart policy returned a single Boolean,
indicating whether "P2P is allowed". However, the policy has been
incorrectly reproducing decisions made by current code, whereas P2P
sharing is always allowed (if P2P is enabled) but P2P downloading has
additional limitations. This CL introduces distinct flags for both
downloading and sharing, and reasons about them specifically.

This also adds a constraint whereby P2P downloading is allowed for
non-interactive updates only.

BUG=chromium:420732
TEST=Unit tests.

Change-Id: Ife4b6b2830c999745a0d4239089034c863de6388
Reviewed-on: https://chromium-review.googlesource.com/222262
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Alex Deymo <deymo@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
d78caf9baf2026a356130f4754af2c504f423945 24-Sep-2014 Gilad Arnold <garnold@chromium.org> update_engine: UM: Change policy argument from const ref to value.

It turns out that passing an argument by reference to UpdateCanStart via
UpdateManager::AsyncPolicyRequest is a pain. Furthermore, given that the
policy is async by definition, it makes little sense to hand it a const
reference argument. This changes the said argument to be passed by
value.

BUG=chromium:396148
TEST=Unit tests.

Change-Id: I45a8141b389c173347f3a6b7dc03ffe46cb32228
Reviewed-on: https://chromium-review.googlesource.com/219694
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Alex Deymo <deymo@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
dc4bb268eb6e6ddcd087d5eccfd88c8e92252920 23-Jul-2014 Gilad Arnold <garnold@chromium.org> update_engine: UM: Incorporate backoff logic in UpdateCanStart.

This change adds backoff computation logic to UpdateCanStart. For the
most part, it is extending a private policy call (UpdateDownloadUrl) to
account for previously enacted backoff periods and to compute new ones
when an update failure is identified (accordingly, it is now called
UpdateBackoffAndDownloadUrl).

To conform with the pure nature of policy implementations, yet
minimizing the amount of "state" that needs to be managed and persisted
by the updater, we now consider download errors in bulks defined by the
most recent update failure (namely, the point in time when all URLs
were tried and failed). The updater is expected to keep track of the
update failure count, setting it to zero when a new update is seen, and
incrementing it (and recording the time it was incremented) when told to
do so by the policy. We therefore make some adjustments to the policy
API and its usage semantics.

BUG=chromium:396148
TEST=Unit tests.

Change-Id: If8787b8c41055779945f9b41368ec08ac5e6fcca
Reviewed-on: https://chromium-review.googlesource.com/210702
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Reviewed-by: Alex Deymo <deymo@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
d4b303246eae1fcd0b4820657f1d787e8238146f 22-Jul-2014 Gilad Arnold <garnold@chromium.org> update_engine: UM: UpdateCheckAllowed returns target version prefix.

This piece of information is also provided by the device policy and
needed when performing the update check. Borrows logic currently in
UpdateAttempter::CalculateUpdateParams().

BUG=chromium:358269
TEST=Unit tests.

Change-Id: I5259404df1763be8944b445d51e1fafbca946306
Reviewed-on: https://chromium-review.googlesource.com/209228
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Reviewed-by: Alex Deymo <deymo@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
44dc3bfd45eaddc1e7b586f8839babe4540418b5 19-Jul-2014 Gilad Arnold <garnold@chromium.org> update_engine: UM: UpdateCheckAllowed now considers interactive update requests.

This is necessary so we can delegate handling of all update checks to
the UpdateManager, allowing us to share logic between the two cases and
eliminate multiple entry points to UpdateAttempter::Update() and handling
of interference between these two processes. Instead, these are all
handled naturally by the UpdateManager.

BUG=chromium:394389
TEST=Unit tests.

Change-Id: I32a1ab917e5aeb5c2da1953d8b0ffa8c9d8d62f9
Reviewed-on: https://chromium-review.googlesource.com/209100
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
a23e408368ad34e21ee90ebd0dcb55cd03417d22 17-Jul-2014 Gilad Arnold <garnold@chromium.org> update_engine: UM: Make DefaultPolicy::UpdateCheckAllowed stateful.

This adds an auxiliary state to DefaultPolicy, and makes
UpdateCheckAllowed use it for recording the last time an update check
was allowed. This is necessary for enforcing a minimum interval between
consecutive update checks, a necessary property in the unlikely case
that the main policy is badly screwed: with it, the update engine will
repeatedly check for updates, unnecessarily consuming local resources
and potentially DDoS-ing Omaha.

In order to track time, the DefaultPolicy now takes a ClockInterface
argument; for backward compatibility with existing unit testing code, we
allow this handle to be null, in which case time is not tracked and the
policy resorts to the previous default behavior (namely, updates are
always allowed). We do plug a clock when DefaultPolicy is used in the
UpdateManager production (backup policy) and fake (main policy)
implementations.

Note that the state is added as an external object, in order to work
around the constness of policy objects that's implied by the policy API
(const methods).

Finally, it should be noted that we use monotonic time in order to
ensure that the DefaultPolicy does not become an attack surface for
denying updates, or exhausting local resources and/or DoS-ing services.

BUG=chromium:394778
TEST=Unit tests.

Change-Id: I08628ea9b0067fa7abf6e457c55d4ffea276c463
Reviewed-on: https://chromium-review.googlesource.com/208732
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
/system/update_engine/update_manager/default_policy.cc
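
The rate limit described in the a23e408 commit message above (a minimum interval between allowed update checks, measured on a monotonic clock, with the state held outside a const policy method and a null clock meaning "always allow"), as an added example that is not update_engine's code. `MonotonicClock`, `SteadyClock`, `FakeClock`, `GateState` and `MinIntervalGate` are hypothetical names, and the interval is whatever the caller passes in.

```cpp
#include <chrono>

using Seconds = std::chrono::seconds;

// Hypothetical clock abstraction so a test can inject a fake monotonic source.
struct MonotonicClock {
  virtual ~MonotonicClock() = default;
  virtual Seconds Now() const = 0;  // time since an arbitrary fixed origin
};

// Production source: steady_clock does not jump when wall time is changed.
struct SteadyClock : MonotonicClock {
  Seconds Now() const override {
    return std::chrono::duration_cast<Seconds>(
        std::chrono::steady_clock::now().time_since_epoch());
  }
};

// Fake source for tests; the value is set by hand (constructed input).
struct FakeClock : MonotonicClock {
  Seconds now{0};
  Seconds Now() const override { return now; }
};

// State lives outside the gate so CheckAllowed() can remain a const method.
struct GateState {
  bool has_last = false;
  Seconds last_allowed{0};
};

class MinIntervalGate {
 public:
  MinIntervalGate(const MonotonicClock* clock, GateState* state, Seconds min)
      : clock_(clock), state_(state), min_interval_(min) {}
  // True if a check may proceed now; records the time when it does.
  bool CheckAllowed() const {
    if (!clock_) return true;  // null clock: time untracked, always allow
    const Seconds now = clock_->Now();
    if (state_->has_last && now - state_->last_allowed < min_interval_)
      return false;  // still inside the minimum interval
    state_->has_last = true;
    state_->last_allowed = now;
    return true;
  }
 private:
  const MonotonicClock* clock_;
  GateState* state_;
  Seconds min_interval_;
};
```

Because the gate only ever compares two readings from the same monotonic source, changing the wall-clock time can neither reopen the gate early nor hold it shut.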