1 //
2 // Copyright (C) 2016 The Android Open Source Project
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 // http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 //
16
17 #include "update_engine/update_attempter_android.h"
18
19 #include <algorithm>
20 #include <map>
21 #include <utility>
22
23 #include <base/bind.h>
24 #include <base/logging.h>
25 #include <base/strings/string_number_conversions.h>
26 #include <brillo/bind_lambda.h>
27 #include <brillo/data_encoding.h>
28 #include <brillo/message_loops/message_loop.h>
29 #include <brillo/strings/string_utils.h>
30 #include <log/log.h>
31
32 #include "update_engine/common/constants.h"
33 #include "update_engine/common/file_fetcher.h"
34 #include "update_engine/common/utils.h"
35 #include "update_engine/daemon_state_interface.h"
36 #include "update_engine/network_selector.h"
37 #include "update_engine/payload_consumer/download_action.h"
38 #include "update_engine/payload_consumer/filesystem_verifier_action.h"
39 #include "update_engine/payload_consumer/postinstall_runner_action.h"
40 #include "update_engine/update_status_utils.h"
41
42 #ifndef _UE_SIDELOAD
43 // Do not include support for external HTTP(s) urls when building
44 // update_engine_sideload.
45 #include "update_engine/libcurl_http_fetcher.h"
46 #endif
47
48 using base::Bind;
49 using base::TimeDelta;
50 using base::TimeTicks;
51 using std::shared_ptr;
52 using std::string;
53 using std::vector;
54
55 namespace chromeos_update_engine {
56
57 namespace {
58
// Throttling thresholds for download-progress broadcasts: observers are
// notified once progress has advanced by at least this fraction, or once this
// many seconds have elapsed since the last notification.
constexpr double kBroadcastThresholdProgress = 0.01;  // 1%
constexpr int kBroadcastThresholdSeconds = 10;

// Error domain attached to every brillo::Error created in this file.
constexpr char kErrorDomain[] = "update_engine";
// TODO(deymo): Convert the different errors to a numeric value to report them
// back on the service error.
constexpr char kGenericError[] = "generic_error";
67
// Records |reason| on |error| under kErrorDomain/kGenericError, logs it with
// the call site |location|, and always returns false so failure paths can be
// written as `return LogAndSetError(...)`.
//
// |reason| ends up both in the error returned to the caller and in the log, so
// callers should not build it from secret material.
bool LogAndSetError(brillo::ErrorPtr* error,
                    const tracked_objects::Location& location,
                    const string& reason) {
  brillo::Error::AddTo(error, location, kErrorDomain, kGenericError, reason);
  const string call_site = location.ToString();
  LOG(ERROR) << "Replying with failure: " << call_site << ": " << reason;
  return false;
}
77
78 } // namespace
79
// Stores the (non-owned) collaborator pointers, creates the ActionProcessor
// that will run the update pipeline, and creates the network selector used by
// ApplyPayload() when the caller requests a specific network.
UpdateAttempterAndroid::UpdateAttempterAndroid(
    DaemonStateInterface* daemon_state,
    PrefsInterface* prefs,
    BootControlInterface* boot_control,
    HardwareInterface* hardware)
    : daemon_state_{daemon_state},
      prefs_{prefs},
      boot_control_{boot_control},
      hardware_{hardware},
      processor_{new ActionProcessor()} {
  network_selector_ = network::CreateNetworkSelector();
}
92
// Detaches this object from the ActionProcessor before it goes away.
UpdateAttempterAndroid::~UpdateAttempterAndroid() {
  // With the delegate cleared, the processor can no longer call back into
  // this (soon to be destroyed) object, which would otherwise re-schedule
  // updates when processing is stopped.
  processor_->set_delegate(nullptr);
}
98
// Publishes the initial status. If update_engine was restarted without a
// reboot after an update was applied, the "reboot needed" state is restored;
// otherwise the attempter starts out idle.
void UpdateAttempterAndroid::Init() {
  const UpdateStatus initial_status = UpdateCompletedOnThisBoot()
                                          ? UpdateStatus::UPDATED_NEED_REBOOT
                                          : UpdateStatus::IDLE;
  SetStatusAndNotify(initial_status);
}
107
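// Validates an update request, builds the InstallPlan and the action pipeline
// for the payload at |payload_url|, and starts processing.
//
// |payload_offset| and |payload_size| locate the payload inside the resource
// at |payload_url|; a |payload_size| of 0 means the size is taken from the
// kPayloadPropertyFileSize header instead. |key_value_pair_headers| holds
// "key=value" strings describing the payload and the download.
//
// Returns true once the update has been scheduled. On failure returns false
// and fills |error|; this happens when an update is already applied or in
// progress, when the offset or size is negative, when a header is malformed
// or repeated, or when the requested network cannot be selected.
//
// Every argument comes from the service caller and should be treated as
// untrusted input.
bool UpdateAttempterAndroid::ApplyPayload(
    const string& payload_url,
    int64_t payload_offset,
    int64_t payload_size,
    const vector<string>& key_value_pair_headers,
    brillo::ErrorPtr* error) {
  if (status_ == UpdateStatus::UPDATED_NEED_REBOOT) {
    return LogAndSetError(
        error, FROM_HERE, "An update already applied, waiting for reboot");
  }
  if (ongoing_update_) {
    return LogAndSetError(
        error, FROM_HERE, "Already processing an update, cancel it first.");
  }
  // Debug-only invariant; release builds rely on the two checks above.
  DCHECK(status_ == UpdateStatus::IDLE);

  // |payload.size| is unsigned (it is also filled by StringToUint64 below), so
  // a negative |payload_size| would silently wrap to a huge value when
  // assigned. A negative byte offset is equally meaningless. Reject both
  // before any state is touched.
  if (payload_offset < 0 || payload_size < 0) {
    return LogAndSetError(
        error, FROM_HERE, "Invalid negative payload offset or size.");
  }

  std::map<string, string> headers;
  for (const string& key_value_pair : key_value_pair_headers) {
    string key;
    string value;
    if (!brillo::string_utils::SplitAtFirst(
            key_value_pair, "=", &key, &value, false)) {
      // NOTE(review): the raw entry is echoed into the log and the returned
      // error; a malformed entry that carries a credential would be recorded
      // verbatim.
      return LogAndSetError(
          error, FROM_HERE, "Passed invalid header: " + key_value_pair);
    }
    if (!headers.emplace(key, value).second)
      return LogAndSetError(error, FROM_HERE, "Passed repeated key: " + key);
  }
  // From here on headers[...] is used for lookups: operator[] inserts an empty
  // string for a key the caller did not pass, so absent headers read as "".

  // Unique identifier for the payload. An empty string means that the payload
  // can't be resumed.
  string payload_id = (headers[kPayloadPropertyFileHash] +
                       headers[kPayloadPropertyMetadataHash]);

  // Setup the InstallPlan based on the request.
  install_plan_ = InstallPlan();

  install_plan_.download_url = payload_url;
  install_plan_.version = "";
  base_offset_ = payload_offset;
  InstallPlan::Payload payload;
  payload.size = payload_size;
  if (!payload.size) {
    // No explicit size: fall back to the header, or 0 if it does not parse.
    if (!base::StringToUint64(headers[kPayloadPropertyFileSize],
                              &payload.size)) {
      payload.size = 0;
    }
  }
  // NOTE(review): an undecodable hash only produces a warning here and leaves
  // |payload.hash| as Base64Decode left it. Whether such a payload is later
  // rejected presumably depends on |hash_checks_mandatory| below - confirm in
  // the download/verification stage.
  if (!brillo::data_encoding::Base64Decode(headers[kPayloadPropertyFileHash],
                                           &payload.hash)) {
    LOG(WARNING) << "Unable to decode base64 file hash: "
                 << headers[kPayloadPropertyFileHash];
  }
  if (!base::StringToUint64(headers[kPayloadPropertyMetadataSize],
                            &payload.metadata_size)) {
    payload.metadata_size = 0;
  }
  // The |payload.type| is not used anymore since minor_version 3.
  payload.type = InstallPayloadType::kUnknown;
  install_plan_.payloads.push_back(payload);

  // The |public_key_rsa| key would override the public key stored on disk.
  // It is left empty so that a request cannot substitute its own key.
  install_plan_.public_key_rsa = "";

  // Hash checks are mandatory only when the hardware reports an official
  // build.
  install_plan_.hash_checks_mandatory = hardware_->IsOfficialBuild();
  install_plan_.is_resume = !payload_id.empty() &&
      DeltaPerformer::CanResumeUpdate(prefs_, payload_id);
  if (!install_plan_.is_resume) {
    // Fresh attempt: drop stale progress and remember which payload the new
    // progress belongs to. Both steps are best effort.
    if (!DeltaPerformer::ResetUpdateProgress(prefs_, false)) {
      LOG(WARNING) << "Unable to reset the update progress.";
    }
    if (!prefs_->SetString(kPrefsUpdateCheckResponseHash, payload_id)) {
      LOG(WARNING) << "Unable to save the update check response hash.";
    }
  }
  // The update is written to the slot that is not currently booted; only
  // slots 0 and 1 are considered.
  install_plan_.source_slot = boot_control_->GetCurrentSlot();
  install_plan_.target_slot = install_plan_.source_slot == 0 ? 1 : 0;

  // A data wipe is requested only when the header parses as a non-zero
  // integer; a missing or unparsable value means no wipe.
  int data_wipe = 0;
  install_plan_.powerwash_required =
      base::StringToInt(headers[kPayloadPropertyPowerwash], &data_wipe) &&
      data_wipe != 0;

  NetworkId network_id = kDefaultNetworkId;
  if (!headers[kPayloadPropertyNetworkId].empty()) {
    // NOTE(review): |install_plan_|, |base_offset_| and the prefs above have
    // already been modified when either of these checks fails.
    if (!base::StringToUint64(headers[kPayloadPropertyNetworkId],
                              &network_id)) {
      return LogAndSetError(
          error,
          FROM_HERE,
          "Invalid network_id: " + headers[kPayloadPropertyNetworkId]);
    }
    if (!network_selector_->SetProcessNetwork(network_id)) {
      return LogAndSetError(
          error,
          FROM_HERE,
          "Unable to set network_id: " + headers[kPayloadPropertyNetworkId]);
    }
  }

  // NOTE(review): the plan, including the caller-supplied download URL field,
  // is handed to Dump() for logging - confirm what it prints.
  LOG(INFO) << "Using this install plan:";
  install_plan_.Dump();

  BuildUpdateActions(payload_url);
  // Setup extra headers. The values are forwarded to the fetcher as given by
  // the caller and are not logged here.
  HttpFetcher* fetcher = download_action_->http_fetcher();
  if (!headers[kPayloadPropertyAuthorization].empty())
    fetcher->SetHeader("Authorization", headers[kPayloadPropertyAuthorization]);
  if (!headers[kPayloadPropertyUserAgent].empty())
    fetcher->SetHeader("User-Agent", headers[kPayloadPropertyUserAgent]);

  SetStatusAndNotify(UpdateStatus::UPDATE_AVAILABLE);
  ongoing_update_ = true;

  // Just in case we didn't update boot flags yet, make sure they're updated
  // before any update processing starts. This will start the update process.
  UpdateBootFlags();
  return true;
}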
227
// Pauses the action processor if an update is in progress. Returns false and
// fills |error| when there is nothing to suspend.
bool UpdateAttempterAndroid::SuspendUpdate(brillo::ErrorPtr* error) {
  if (ongoing_update_) {
    processor_->SuspendProcessing();
    return true;
  }
  return LogAndSetError(error, FROM_HERE, "No ongoing update to suspend.");
}
234
// Resumes the action processor if an update is in progress. Returns false and
// fills |error| when there is nothing to resume.
bool UpdateAttempterAndroid::ResumeUpdate(brillo::ErrorPtr* error) {
  if (ongoing_update_) {
    processor_->ResumeProcessing();
    return true;
  }
  return LogAndSetError(error, FROM_HERE, "No ongoing update to resume.");
}
241
// Asks the action processor to stop if an update is in progress. Returns
// false and fills |error| when there is nothing to cancel. The status change
// itself is reported through ProcessingStopped().
bool UpdateAttempterAndroid::CancelUpdate(brillo::ErrorPtr* error) {
  if (ongoing_update_) {
    processor_->StopProcessing();
    return true;
  }
  return LogAndSetError(error, FROM_HERE, "No ongoing update to cancel.");
}
248
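// Returns the attempter to UpdateStatus::IDLE.
//
// Already idle: succeeds without doing anything. In UPDATED_NEED_REBOOT: the
// applied-update marker is removed and the currently booted slot is made
// active again, i.e. the pending update is abandoned. In any other state the
// request is refused and |error| is filled; the caller has to cancel the
// ongoing update first.
bool UpdateAttempterAndroid::ResetStatus(brillo::ErrorPtr* error) {
  LOG(INFO) << "Attempting to reset state from "
            << UpdateStatusToString(status_) << " to UpdateStatus::IDLE";

  switch (status_) {
    case UpdateStatus::IDLE:
      return true;

    case UpdateStatus::UPDATED_NEED_REBOOT: {
      // All three steps below are attempted even when an earlier one fails,
      // so a failure can leave the reset partially applied while |status_|
      // stays UPDATED_NEED_REBOOT.

      // Remove the reboot marker so that if the machine is rebooted
      // after resetting to idle state, it doesn't go back to
      // UpdateStatus::UPDATED_NEED_REBOOT state.
      bool ret_value = prefs_->Delete(kPrefsUpdateCompletedOnBootId);

      // Update the boot flags so the current slot has higher priority.
      if (!boot_control_->SetActiveBootSlot(boot_control_->GetCurrentSlot()))
        ret_value = false;

      // Mark the current slot as successful again, since marking it as active
      // may reset the successful bit. The asynchronous outcome passed to the
      // callback is ignored; only a failure to schedule the operation counts
      // as an error here.
      if (!boot_control_->MarkBootSuccessfulAsync(Bind([](bool successful){})))
        ret_value = false;

      if (!ret_value) {
        // The message used to end after "to " with no state named; it now
        // names the target state, matching the log line at the top.
        return LogAndSetError(
            error,
            FROM_HERE,
            "Failed to reset the status to UpdateStatus::IDLE");
      }

      SetStatusAndNotify(UpdateStatus::IDLE);
      LOG(INFO) << "Reset status successful";
      return true;
    }

    default:
      return LogAndSetError(
          error,
          FROM_HERE,
          "Reset not allowed in this state. Cancel the ongoing update first");
  }
}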
292
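// ActionProcessor delegate callback: the pipeline finished with |code|.
// Performs the per-outcome bookkeeping and then reports the result through
// TerminateUpdateAndNotify(). |processor| is not used.
void UpdateAttempterAndroid::ProcessingDone(const ActionProcessor* processor,
                                            ErrorCode code) {
  LOG(INFO) << "Processing Done.";

  switch (code) {
    case ErrorCode::kSuccess:
      // Update succeeded. Without the marker a restart of update_engine
      // before the reboot would come up as IDLE instead of
      // UPDATED_NEED_REBOOT, so a failure to write it is worth a log line
      // rather than being dropped silently.
      if (!WriteUpdateCompletedMarker())
        LOG(WARNING) << "Unable to write the update completed marker.";
      prefs_->SetInt64(kPrefsDeltaUpdateFailures, 0);
      DeltaPerformer::ResetUpdateProgress(prefs_, false);

      LOG(INFO) << "Update successfully applied, waiting to reboot.";
      break;

    case ErrorCode::kFilesystemCopierError:
    case ErrorCode::kNewRootfsVerificationError:
    case ErrorCode::kNewKernelVerificationError:
    case ErrorCode::kFilesystemVerifierError:
    case ErrorCode::kDownloadStateInitializationError:
      // Reset the ongoing update for these errors so it starts from the
      // beginning next time.
      DeltaPerformer::ResetUpdateProgress(prefs_, false);
      LOG(INFO) << "Resetting update progress.";
      break;

    case ErrorCode::kPayloadTimestampError:
      // SafetyNet logging, b/36232423. The tag 0x534e4554 is the ASCII bytes
      // "SNET"; the string is the bug id the event is filed under.
      // NOTE(review): presumably raised when the payload is older than the
      // running build - confirm where this code is produced.
      android_errorWriteLog(0x534e4554, "36232423");
      break;

    default:
      // Ignore all other error codes.
      break;
  }

  TerminateUpdateAndNotify(code);
}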
330
// ActionProcessor delegate callback: processing was stopped before the
// pipeline finished. Reported to observers as a user cancellation.
// |processor| is not used.
void UpdateAttempterAndroid::ProcessingStopped(
    const ActionProcessor* processor) {
  const ErrorCode stop_reason = ErrorCode::kUserCanceled;
  TerminateUpdateAndNotify(stop_reason);
}
335
// ActionProcessor delegate callback: |action| finished with |code|.
// |processor| is not used.
void UpdateAttempterAndroid::ActionCompleted(ActionProcessor* processor,
                                             AbstractAction* action,
                                             ErrorCode code) {
  const string finished_type = action->Type();
  const bool was_download = finished_type == DownloadAction::StaticType();

  // The download progress is cleared whether or not the download succeeded.
  if (was_download)
    download_progress_ = 0;

  // On failure the ActionProcessor cancels the whole pipeline, so there is
  // nothing more to do here. A successful download moves on to FINALIZING.
  if (code == ErrorCode::kSuccess && was_download)
    SetStatusAndNotify(UpdateStatus::FINALIZING);
}
353
// Download delegate callback: |bytes_received| of |total| bytes have arrived.
// Entering the DOWNLOADING state and reaching the end of the download are
// always broadcast; everything in between goes through the throttled
// ProgressUpdate(). |bytes_progressed| is not used.
void UpdateAttempterAndroid::BytesReceived(uint64_t bytes_progressed,
                                           uint64_t bytes_received,
                                           uint64_t total) {
  // Guard against division by zero: an unknown total reads as 0% progress.
  const double fraction =
      total ? static_cast<double>(bytes_received) / static_cast<double>(total)
            : 0;

  const bool already_downloading = status_ == UpdateStatus::DOWNLOADING;
  if (already_downloading && bytes_received != total) {
    ProgressUpdate(fraction);
    return;
  }
  download_progress_ = fraction;
  SetStatusAndNotify(UpdateStatus::DOWNLOADING);
}
367
// Download delegate hook asking whether the download should be aborted.
// Always answers "no"; |cancel_reason| is never written.
bool UpdateAttempterAndroid::ShouldCancel(ErrorCode* cancel_reason) {
  // TODO(deymo): Notify the DownloadAction that it should cancel the update
  // download.
  return false;
}
373
// Download delegate hook invoked when the download finishes.
void UpdateAttempterAndroid::DownloadComplete() {
  // Intentionally empty: no work is needed at this point.
}
377
// Throttled progress broadcast. Observers are notified when the download is
// complete, when progress advanced by at least kBroadcastThresholdProgress
// since the last broadcast, or when kBroadcastThresholdSeconds have passed
// without a notification (so slow downloads still report).
void UpdateAttempterAndroid::ProgressUpdate(double progress) {
  const bool finished = progress == 1.0;
  const bool advanced_enough =
      progress - download_progress_ >= kBroadcastThresholdProgress;
  if (!finished && !advanced_enough) {
    // The clock is only consulted when the cheaper checks did not already
    // decide in favour of a broadcast.
    const TimeDelta since_last_notify = TimeTicks::Now() - last_notify_time_;
    if (since_last_notify < TimeDelta::FromSeconds(kBroadcastThresholdSeconds))
      return;
  }
  download_progress_ = progress;
  SetStatusAndNotify(status_);
}
389
// Marks the currently booted slot as good (once per process lifetime) and
// then continues with CompleteUpdateBootFlags(), either directly or from the
// asynchronous callback.
void UpdateAttempterAndroid::UpdateBootFlags() {
  if (!updated_boot_flags_) {
    // This is purely best effort.
    LOG(INFO) << "Marking booted slot as good.";
    // base::Unretained: the callback holds a raw pointer to this object, so
    // this object has to outlive the pending operation.
    const bool scheduled = boot_control_->MarkBootSuccessfulAsync(
        Bind(&UpdateAttempterAndroid::CompleteUpdateBootFlags,
             base::Unretained(this)));
    if (!scheduled) {
      LOG(ERROR) << "Failed to mark current boot as successful.";
      CompleteUpdateBootFlags(false);
    }
    return;
  }
  LOG(INFO) << "Already updated boot flags. Skipping.";
  CompleteUpdateBootFlags(true);
}
405
// Completion step for UpdateBootFlags(). The flags are recorded as handled
// and processing is scheduled regardless of |successful|, which is not
// inspected here.
void UpdateAttempterAndroid::CompleteUpdateBootFlags(bool successful) {
  updated_boot_flags_ = true;
  ScheduleProcessingStart();
}
410
// Posts a task on the current message loop that starts the action processor.
void UpdateAttempterAndroid::ScheduleProcessingStart() {
  LOG(INFO) << "Scheduling an action processor start.";
  // base::Unretained: the task holds a raw pointer to the processor, so the
  // processor has to stay alive until the task has run.
  auto start_processing =
      Bind([](ActionProcessor* processor) { processor->StartProcessing(); },
           base::Unretained(processor_.get()));
  brillo::MessageLoop::current()->PostTask(FROM_HERE, start_processing);
}
418
// Ends the current update attempt: clears progress and the action list, moves
// to UPDATED_NEED_REBOOT on success or back to IDLE otherwise, and tells every
// service observer the final |error_code|. Does nothing but log when no
// update is in progress.
void UpdateAttempterAndroid::TerminateUpdateAndNotify(ErrorCode error_code) {
  if (status_ == UpdateStatus::IDLE) {
    LOG(ERROR) << "No ongoing update, but TerminatedUpdate() called.";
    return;
  }

  download_progress_ = 0;
  actions_.clear();
  if (error_code == ErrorCode::kSuccess)
    SetStatusAndNotify(UpdateStatus::UPDATED_NEED_REBOOT);
  else
    SetStatusAndNotify(UpdateStatus::IDLE);
  ongoing_update_ = false;

  for (auto observer : daemon_state_->service_observers()) {
    observer->SendPayloadApplicationComplete(error_code);
  }
}
436
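// Stores |status| as the current status, sends it to every service observer
// together with the current download progress and the size of the first
// payload in the install plan (0 when there is none), and records the time of
// the notification for the progress throttling.
void UpdateAttempterAndroid::SetStatusAndNotify(UpdateStatus status) {
  status_ = status;
  // The payload size is a 64-bit unsigned value (it is filled through
  // base::StringToUint64 in ApplyPayload). Holding it in a size_t would
  // truncate payloads of 4 GiB or more on 32-bit targets, so keep the full
  // width here.
  // NOTE(review): the width of SendStatusUpdate's size parameter is not
  // visible in this file - confirm it is 64-bit as well.
  const uint64_t payload_size =
      install_plan_.payloads.empty() ? 0 : install_plan_.payloads[0].size;
  for (auto observer : daemon_state_->service_observers()) {
    observer->SendStatusUpdate(
        0, download_progress_, status_, "", payload_size);
  }
  last_notify_time_ = TimeTicks::Now();
}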
447
// Builds the action pipeline for the payload at |url| and enqueues it on the
// processor: install plan -> download -> filesystem verification ->
// postinstall. The processor must not be running. This object becomes the
// delegate of the processor, the download action and the postinstall action.
void UpdateAttempterAndroid::BuildUpdateActions(const string& url) {
  CHECK(!processor_->IsRunning());
  processor_->set_delegate(this);

  // Pick the fetcher from the URL: FileFetcher for URLs it supports, libcurl
  // for everything else. The sideload build has no HTTP(S) support, so any
  // other URL is fatal there.
  HttpFetcher* fetcher = nullptr;
  if (FileFetcher::SupportedUrl(url)) {
    DLOG(INFO) << "Using FileFetcher for file URL.";
    fetcher = new FileFetcher();
  } else {
#ifdef _UE_SIDELOAD
    LOG(FATAL) << "Unsupported sideload URI: " << url;
#else
    LibcurlHttpFetcher* http_fetcher =
        new LibcurlHttpFetcher(&proxy_resolver_, hardware_);
    http_fetcher->set_server_to_check(ServerToCheck::kDownload);
    fetcher = http_fetcher;
#endif  // _UE_SIDELOAD
  }

  // Actions, in pipeline order.
  shared_ptr<InstallPlanAction> plan_step(new InstallPlanAction(install_plan_));
  shared_ptr<DownloadAction> download_step(
      new DownloadAction(prefs_,
                         boot_control_,
                         hardware_,
                         nullptr,    // system_state, not used.
                         fetcher));  // passes ownership
  shared_ptr<FilesystemVerifierAction> verify_step(
      new FilesystemVerifierAction());
  shared_ptr<PostinstallRunnerAction> postinstall_step(
      new PostinstallRunnerAction(boot_control_, hardware_));

  download_step->set_delegate(this);
  download_step->set_base_offset(base_offset_);
  download_action_ = download_step;
  postinstall_step->set_delegate(this);

  // |actions_| keeps the actions alive; the processor below only receives raw
  // pointers.
  actions_.push_back(shared_ptr<AbstractAction>(plan_step));
  actions_.push_back(shared_ptr<AbstractAction>(download_step));
  actions_.push_back(shared_ptr<AbstractAction>(verify_step));
  actions_.push_back(shared_ptr<AbstractAction>(postinstall_step));

  // Bond them together. We have to use the leaf-types when calling
  // BondActions().
  BondActions(plan_step.get(), download_step.get());
  BondActions(download_step.get(), verify_step.get());
  BondActions(verify_step.get(), postinstall_step.get());

  // Enqueue the actions.
  for (const shared_ptr<AbstractAction>& step : actions_) {
    processor_->EnqueueAction(step.get());
  }
}
503
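// Persists the current boot id under kPrefsUpdateCompletedOnBootId so that a
// restart of update_engine on the same boot can tell that an update was
// already applied (see UpdateCompletedOnThisBoot()).
//
// Returns false when the boot id cannot be read or the pref cannot be
// written. Previously a failed write was still reported as success.
bool UpdateAttempterAndroid::WriteUpdateCompletedMarker() {
  string boot_id;
  TEST_AND_RETURN_FALSE(utils::GetBootId(&boot_id));
  return prefs_->SetString(kPrefsUpdateCompletedOnBootId, boot_id);
}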
510
// Tells whether an update was applied during the current boot. The boot id is
// stored in a pref when an update completes, so after an update_engine restart
// without a reboot the stored id still matches the current one.
//
// Returns false when the current boot id cannot be read, when the pref is
// missing or unreadable, or when the ids differ.
bool UpdateAttempterAndroid::UpdateCompletedOnThisBoot() {
  string current_boot_id;
  TEST_AND_RETURN_FALSE(utils::GetBootId(&current_boot_id));

  if (!prefs_->Exists(kPrefsUpdateCompletedOnBootId))
    return false;

  string stored_boot_id;
  if (!prefs_->GetString(kPrefsUpdateCompletedOnBootId, &stored_boot_id))
    return false;

  return stored_boot_id == current_boot_id;
}
524
525 } // namespace chromeos_update_engine
526