| Age | Commit message (Collapse) | Author |
|---|
|
For Virtual AB Compression, we need to mount snapshotted partitions
manually.
Test: treehugger
Change-Id: I15af8375e393ce2539d2075b467e8dbe94bec247
|
|
Done with:
git merge cros/upstream --commit -s recursive
- Added EC key support and its unittests.
- Resolved a conlict on error codes. Since Android versions are not
uploading any UMA metrics, I gave the priority to the Android version
Since they can't be changed.
- Changed the openssl functions to get1 version (from get0) version
because of a current issue with gale. Once the issue is resolved we
need to change them back.
- Some remaining styling issues fixed by clang-format
BUG=b:163153182
TEST=CQ passes
TEST=unittests
Change-Id: Ib95034422b92433ce26e28336bc4806b34910d38
|
|
It's a merge from chrome OS with some reverts.
1. the fd watcher change, because the libbrillo version isn't
compatible in aosp.
commit 6955bcc4ffe4cc9d62a88186b9a7e75d095a7897
commit 493fecb3f48c8478fd3ef244d631d857730dd14d
2. two libcurl unittest. Because the RunOnce() of the fake message
loop seems to have different behavior in aosp.
commit d3d84218cafbc1a95e7d6bbb775b495d1bebf4d2
Put preprocessor guards to use the old code in aosp. And we can
switch to the new code in the other path after adopting the new
libbrillo & libchrome.
Test: unit tests pass, apply an OTA
Change-Id: Id613599834b0f44f92841dbeae6303601db5490d
|
|
When updates are complete, currently all the AppIDs within the request
parameter are considered to be updated. This however is not true with
exclusions as non-critical AppIDs (e.g. DLCs) can be excluded. This
change sends the correct event for |kTypeUpdateComplete| event type.
BUG=chromium:928805
TEST=FEATURES=test emerge-$B update_engine update_engine-client
Change-Id: I8c21721688fb8a6501316cb87bd0a6f8e005b7ae
Reviewed-on: https://chromium-review.googlesource.com/c/aosp/platform/system/update_engine/+/2247489
Tested-by: Jae Hoon Kim <kimjae@chromium.org>
Reviewed-by: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
Auto-Submit: Jae Hoon Kim <kimjae@chromium.org>
Commit-Queue: Andrew Lassalle <andrewlassalle@chromium.org>
|
|
Changes applied include:
Replace arraysize by base::size.
Replace base::MessageLoop::current()->task_runner by
base::ThreadTaskRunnerHandle::Get, and
base::MessageLoopForIO::current by base::MessageLoopCurrent::IsSet.
Remove use of base::ContainsKey.
Replace base::Int{,64}ToString by base::NumberTostring.
The changes are all compatible with current libchrome r576279.
BUG=chromium:1054279
TEST=unittest
Change-Id: Ibb6027a5070e0e2d4554a6684350168542fedf5e
Reviewed-on: https://chromium-review.googlesource.com/c/aosp/platform/system/update_engine/+/2065691
Reviewed-by: Amin Hassani <ahassani@chromium.org>
Tested-by: Qijiang Fan <fqj@google.com>
Commit-Queue: Qijiang Fan <fqj@google.com>
|
|
This error code indicates the device is corrupted in a way
that it can no longer receive any future updates. Specifically, if a
device encounters a merge error, there is no way we can recover that
device.
Test: pass
Bug: 138808328
Change-Id: Idbd9d1bc5bc02bbba157f17f31b2c5ace839243c
|
|
Virtual A/B now requires space in userdata, which may not be enough
during OTA. A kNotEnoughSpace error code is added to indicate such case.
Bug: 138808328
Test: builds
Change-Id: I6bf7964911c8eb3b9df9b8752018925a99876d0f
|
|
Add to ErrorCode and metrics::DownloadErrorCode:
- kInternalLibCurlError
- kUnresolvedHostError
- kUnresolvedHostRecovered
Test: builds
Change-Id: Ibe11c02137860aed583b00b7e05b089ef84edb03
|
|
Whenever we are dealing with some problem that require defining error
codes and sending UMA metrics, we need to define a new ErrorCode enum
value. These error codes then will be used to send which UMA metric
value to send. Some of the UMA metrics seems to have circumvent this
process by introducing their own error codes without adding them to the
global list of error codes.
This CL introduces three new error codes:
- kInternalLibCurlError
- kUnresolvedHostError
- kUnresolvedHostRecovered (Technically not an error code, but fits the
description and use case of it.)
That are then translated to the UMA metric values we send for
DownloadErrorCode.
In addition, this CL moves the responsibility of sending these UMA
metrics from LibCurlHttpFetcher to OmahaRequestAction which is the more
correct place to send it because that's where the operations are
completed (success or failure) and we can safely decide on the value of
UMA without risking to send overlapping or duplicated metrics.
For example, previously we send kInternalLibCurlError in conjunction
with the kUnresolvedHostError. But doing this can hide the fact that
these two error codes might be related and caused by the same underlying
issue.
Same goes for kUnresolvedHostError and kUnresolvedHosRecovered. If we
send both these metrics at the same time, then we need to subtract the
number of kUnresolvedHosRecovered from kUnresolvedHostError to figure out
the number of unresolved host errors that did not recover. By
exclusively sending one or another. We can see exactly how many are
recovered and how many did not. Although this might change the meaning
of kUnresolvedHostError metric, in the long term it will not be an issue
as all the results will converge to the new behavior.
The enum.xml (chrome) is updated in crrev.com/c/1774101
BUG=None
TEST=cros_workon_make --board=amd64-generic --test --noreconf update_engine
Change-Id: I3c7bb5f6159a0bc3a37d55666572b9cd6730f3cb
Reviewed-on: https://chromium-review.googlesource.com/c/aosp/platform/system/update_engine/+/1759544
Reviewed-by: Nicolas Norvez <norvez@chromium.org>
Tested-by: Amin Hassani <ahassani@chromium.org>
Commit-Queue: Amin Hassani <ahassani@chromium.org>
|
|
BUG=none
TEST=unittest
Change-Id: Icdaf5017e03a197bc576f08f4b8dcdd00cff217c
Reviewed-on: https://chromium-review.googlesource.com/1407541
Commit-Ready: Amin Hassani <ahassani@chromium.org>
Tested-by: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Sen Jiang <senj@chromium.org>
|
|
Calculate verity hash tree in FilesystemVerifierAction based on configs
specified in protobuf, and write it to target partition before reading
from those blocks.
A new error code kVerityCalculationError was added to report error if
it fails.
Bug: 28171891
Test: update_engine_unittests
Change-Id: I492885a0655bf51043902f578720fffd87e6a3cf
|
|
The following change is reverted because aosp has newer libchrome.
71818c84 Partially Revert 2b9d241
Added stub override for ReportInternalErrorCode().
Fixed RunPosinstallAction typo.
Bug: 112326236
Test: update_engine_unittests
Change-Id: Ieaae0eef425cbb1278067a48aa19b14ed056317a
|
|
Currently we see many first actives to come from non-FSI images. But we have not
been able to figure out why. This CL, reports a new error
kFirstActiveOmahaPingSentPersistenceError when writing the first active omaha
flag into VPD fails. This allows us to see if that is the actual cause of the
problem.
CL:1062659 adds the enum value on the Chrome side.
BUG=chromium:833980
TEST=unittests
TEST=precq
Change-Id: I65e233c5f895489ba905494fb20d7b00d0c4af10
Reviewed-on: https://chromium-review.googlesource.com/1062662
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Ben Chan <benchan@chromium.org>
|
|
Omaha returns whether the image returned is a rollback in the
_rollback="true" argument. If this is set, the client has to check
whether it's OK to apply the rollback image (policy is specifically
requesting a rollback and verified boot will accept the image based
on its kernel and firmware key versions).
In addition to this, the device has to do a safe powerwash if the
image is a rollback. (We're not supporting rollbacks with partial
or no powerwash yet.)
We're also setting the rollback_happened preference to avoid force
updates happening before the policy is available again.
Chromium CL adding the error code: http://crrev.com/c/1047866
BUG=chromium:840432
TEST='cros_run_unit_tests --board=caroline --packages update_engine'
Change-Id: I1436ca96211b2a8523e78bf83602ef8b6b525570
Reviewed-on: https://chromium-review.googlesource.com/1047610
Commit-Ready: Marton Hunyady <hunyadym@chromium.org>
Tested-by: Marton Hunyady <hunyadym@chromium.org>
Reviewed-by: Amin Hassani <ahassani@chromium.org>
|
|
PayloadState does not get notified if there's no update, so the error
code will not be updated, move this to UpdateAttempter.
We were using the generic kError for no update, this change added a
new error code kNoUpdate for this, now update_engine_client will show
kNoUpdate instead of kSuccess or a random last error.
Bug: 36946608
Test: update_engine_client --check_for_update --follow
Change-Id: Ie1e94841788437140e0894dc2e73c314a7564108
(cherry picked from commit 89e24c11b406fe048382bdf1c89334e10417b899)
Reviewed-on: https://chromium-review.googlesource.com/1055857
Commit-Ready: Amin Hassani <ahassani@chromium.org>
Tested-by: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Nicolas Norvez <norvez@chromium.org>
Reviewed-by: Sen Jiang <senj@chromium.org>
|
|
am: 832c9f574c
Change-Id: I6d806ea15c34fabb89e3cc55ba357fe430eeba01
|
|
PayloadState does not get notified if there's no update, so the error
code will not be updated, move this to UpdateAttempter.
We were using the generic kError for no update, this change added a
new error code kNoUpdate for this, now update_engine_client will show
kNoUpdate instead of kSuccess or a random last error.
Bug: 36946608
Test: update_engine_client --check_for_update --follow
Change-Id: Ie1e94841788437140e0894dc2e73c314a7564108
|
|
This merge cherrypicks two commits that was reverted in an AOSP git merge.
4b0d6032cbb86ce488c03b31936cda31283f97e3 Add functions to allow update over cellular (including tethered connection)
840703a4cc77228e2606f45665ae3a4bd75ff7dd Fix update over cellular network on guest account
Handled multi-package response.
Ran clang-format which fixed a lot of issues in those two CLs.
BUG=chromium:815356
TEST=unittests, precq
Change-Id: I54b6763c4c54755272531b558ed7628ceb0fc6c7
Reviewed-on: https://chromium-review.googlesource.com/965267
Commit-Ready: Amin Hassani <ahassani@chromium.org>
Tested-by: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Ben Chan <benchan@chromium.org>
|
|
Set SWITCH_SLOT_ON_REBOOT=0 to skip marking new slot as active.
When ready to reboot to the new update, call applyPayload() again to
switch the slots, download will be skipped because it has already
finished, filesystem verification will always happen, and postinstall
can be skipped if it succeeded before for this update and
RUN_POST_INSTALL is set to 0.
Also removed reset update progress when update succeeded to support
reverting to current slot with resetStatus() without clearing download
progress. If the next update is a different payload then we will still
reset the progress on next update.
Bug: 35212183
Test: update_device.py --extra-headers 'SWITCH_SLOT_ON_REBOOT=0' ...
Merged-In: I52e2371ea4a9e6a6d026b4dd04bb1a60d95c9d5c
Change-Id: I52e2371ea4a9e6a6d026b4dd04bb1a60d95c9d5c
|
|
Set SWITCH_SLOT_ON_REBOOT=0 to skip marking new slot as active.
When ready to reboot to the new update, call applyPayload() again to
switch the slots, download will be skipped because it has already
finished, filesystem verification will always happen, and postinstall
can be skipped if it succeeded before for this update and
RUN_POST_INSTALL is set to 0.
Also removed reset update progress when update succeeded to support
reverting to current slot with resetStatus() without clearing download
progress. If the next update is a different payload then we will still
reset the progress on next update.
Bug: 35212183
Test: update_device.py --extra-headers 'SWITCH_SLOT_ON_REBOOT=0' ...
Merged-In: I52e2371ea4a9e6a6d026b4dd04bb1a60d95c9d5c
Change-Id: I52e2371ea4a9e6a6d026b4dd04bb1a60d95c9d5c
(cherry picked from commit e9685de187317c3bc92a2d63d3f4a40b9831f448)
|
|
Added a new field max_timestamp in the protobuf, from now on
update_engine will reject any payload without this field.
If the OS build timestamp is newer than the max_timestamp, the payload
will also be rejected to prevent downgrade.
Bug: 36232423
Test: update_engine_unittests
Merged-In: Ib20f5f35aaf41165013bada02bc8720917358237
Change-Id: Ib20f5f35aaf41165013bada02bc8720917358237
(cherry picked from commit 5011df680621eb477cad8b34f03fba5b542cc2f9)
|
|
connection)"
This reverts commit 4b0d6032cbb86ce488c03b31936cda31283f97e3.
Bug: 62366504
Test: GmsCore sees the old status code (i.e. UPDATED_NEED_REBOOT == 6).
Change-Id: I9185614a41bd621ad85e7f773b0f96919b0f70d5
|
|
- Add an update state NEED_PERMISSION_TO_UPDATE which is broadcasted along
with the update info (version and size) when |OmahaRequestAction| aborts
update due to cellular connection. So the state transition will be:
IDLE->CHECKING_FOR_UPDATE->NEED_PERMISSION_TO_UPDATE->REPORTING_ERROR_EVENT
->IDLE
(The Chrome UI prompts an alert window showing update size and asks user
whether to proceed upon receiving this state.)
- Add a dbus interface to set update over cellular target
(kPrefsUpdateOverCellularTargetVersion and kPrefsUpdateOverCellularTargetSize).
The target is the one received by Chrome UI in NEED_PERMISSION_TO_UPDATE
broadcast. By sending the target back with the dbus call, update engine can
double check the target with the server to make sure there's no new server
push after NEED_PERMISSION_TO_UPDATE is broadcasted to Chrome UI.
(This dbus call is invoked when the user chooses to proceed to update at the
alert window. The dbus call is followed by another dbus call |AttemptUpdate|)
- So, the the decision tree as to whether to allow update over cellular
connection has changed to:
IF (device policy DeviceUpdateAllowedConnectionTypes set)
follow device policy's decision
ELSE IF (kPrefsUpdateOverCellularPermission set to true)
allow update
ELSE IF (Either kPrefsUpdateOverCellularTargetVersion or
kPrefsUpdateOverCellularTargetSize is not set, or they are set but do not
match the version and size in |OmahaResponse| retrieved by
|OmahaRequestAction|)
disallow update, and broadcast NEED_PERMISSION_TO_UPDATE
ELSE
allow update
ENDIF
- This decision making happens at |OmahaRequestAction| after |OmahaResponse| is
retrieved. Since we want to separate the device policy check with the user
preferences check which depends on |OmahaResponse| during checking for update,
we modify ConnectionManager::IsUpdateAllowedOver by moving the user preferences
check to |OmahaRequestAction|. Thus, the function by default returns true for
cellular connection if device policy is not set.
- Corner case:
Adding kPrefsUpdateOverCellularPermission and
kPrefsUpdateOverCellularTargetSize seems to complicate the logic here. But
they could effectively solve a corner case where the target does not match
|OmahaResponse| due to new server push after broadcasting
NEED_PERMISSION_TO_UPDATE. In that case, we simply broadcast
NEED_PERMISSION_TO_UPDATE again along with new update info.
CQ-DEPEND=CL:481102
BUG=chromium:691108
TEST='FEATURES=test emerge-link update_engine'
(cherry picked from commit 70063d9f7e229db8c5b42443ca96ac23a971a6dd)
Cherry-pick updated to compile on Android.
Reviewed-on: https://chromium-review.googlesource.com/479467
Commit-Ready: Weidong Guo <weidongg@chromium.org>
Tested-by: Weidong Guo <weidongg@chromium.org>
Reviewed-by: Weidong Guo <weidongg@chromium.org>
Reviewed-by: Andrew de los Reyes <adlr@chromium.org>
Reviewed-by: Ben Chan <benchan@chromium.org>
|
|
If the system has not yet completed OOBE, and Omaha returns a response
with an empty deadline field, avoid initiating a background update
because doing so may violate an enterprise policy that gets pushed
down post-enrollment.
Bug: None
BUG=chromium:587101
TEST=`FEATURES=test emerge-link chromeos-base/update_engine`
TEST=powerwash, install lsb-release file from an old stable build,
repeat OOBE, verify that download is skipped via logs, then verify
that update proceeds after logging into a standard gmail account
Change-Id: I6e6fae02c609b2763abc6e9960bf6d87dd3534e2
|
|
The update_engine_client needs to translate the numeric ErrorCode to a
string name that can be printed on the output. This patch moves the
ErrorCodeToString() function to a new error_code_utils.{h,cc} pair of
files so it can be included easily from the client binary and uses it
in the Android update_engine_client.
Bug: 25631767
Bug: 25598547
TEST=`update_engine_client --update` prints the error message in a non-Brillo device.
Change-Id: Ib40813924ec676f3e703412de90d389b2596177e
|
