forced_fdr/
lib.rs

1// Copyright 2019 The Fuchsia Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5//! Triggers a forced fdr by comparing the configured
6//! index against the stored index
7
8use anyhow::{format_err, Context as _, Error};
9use fidl_fuchsia_recovery::{FactoryResetMarker, FactoryResetProxy};
10use fidl_fuchsia_update_channel::{ProviderMarker, ProviderProxy};
11use fuchsia_component::client::connect_to_protocol;
12use log::{info, warn};
13use serde::{Deserialize, Serialize};
14use std::collections::HashMap;
15use std::fs;
16use std::fs::File;
17use std::path::PathBuf;
18
19const DEVICE_INDEX_FILE: &str = "stored-index.json";
20const CONFIGURED_INDEX_FILE: &str = "forced-fdr-channel-indices.config";
21
22#[derive(Serialize, Deserialize, Debug)]
23#[serde(tag = "version", content = "content", deny_unknown_fields)]
24enum ChannelIndices {
25    #[serde(rename = "1")]
26    Version1 { channel_indices: HashMap<String, i32> },
27}
28
29#[derive(Serialize, Deserialize, Debug)]
30#[serde(tag = "version", content = "content", deny_unknown_fields)]
31enum StoredIndex {
32    #[serde(rename = "1")]
33    Version1 { channel: String, index: i32 },
34}
35
36struct ForcedFDR {
37    data_dir: PathBuf,
38    config_data_dir: PathBuf,
39    info_proxy: ProviderProxy,
40    factory_reset_proxy: FactoryResetProxy,
41}
42
43impl ForcedFDR {
44    fn new() -> Result<Self, Error> {
45        let info_proxy = connect_to_protocol::<ProviderMarker>()?;
46        let factory_reset_proxy = connect_to_protocol::<FactoryResetMarker>()?;
47
48        Ok(ForcedFDR {
49            data_dir: "/data".into(),
50            config_data_dir: "/config/data".into(),
51            info_proxy,
52            factory_reset_proxy,
53        })
54    }
55
56    #[cfg(test)]
57    fn new_mock(
58        data_dir: PathBuf,
59        config_data_dir: PathBuf,
60    ) -> (
61        Self,
62        fidl_fuchsia_update_channel::ProviderRequestStream,
63        fidl_fuchsia_recovery::FactoryResetRequestStream,
64    ) {
65        let (info_proxy, info_stream) =
66            fidl::endpoints::create_proxy_and_stream::<ProviderMarker>();
67        let (fdr_proxy, fdr_stream) =
68            fidl::endpoints::create_proxy_and_stream::<FactoryResetMarker>();
69
70        (
71            ForcedFDR { data_dir, config_data_dir, info_proxy, factory_reset_proxy: fdr_proxy },
72            info_stream,
73            fdr_stream,
74        )
75    }
76}
77
78/// Performs a Factory Data Reset(FDR) on the device "if necessary."
79///
80/// Necessity is determined by comparing the index stored in
81/// `forced-fdr-channel-indices.config` for the device's ota channel against
82/// an index written into storage that represents the last successful FDR.
83/// `forced-fdr-channel-indices.config` is provided on a per board basis using
84/// config-data.
85///
86/// # Errors
87///
88/// There are numerous cases (config missing, failed to read file, ...)
89/// where the library is unable to determine if an FDR is necessary. In
90/// all of these cases, the library will *not* FDR.
91pub async fn perform_fdr_if_necessary() {
92    perform_fdr_if_necessary_impl().await.unwrap_or_else(|err| info!(tag = "forced-fdr", err:?; ""))
93}
94
95async fn perform_fdr_if_necessary_impl() -> Result<(), Error> {
96    let forced_fdr = ForcedFDR::new().context("Failed to connect to required services")?;
97    run(forced_fdr).await
98}
99
100async fn run(fdr: ForcedFDR) -> Result<(), Error> {
101    let current_channel =
102        get_current_channel(&fdr).await.context("Failed to get current channel")?;
103
104    let channel_indices = get_channel_indices(&fdr).context("Channel indices not available")?;
105
106    if !is_channel_in_allowlist(&channel_indices, &current_channel) {
107        return Err(format_err!("Not in forced FDR allowlist"));
108    }
109
110    let channel_index = get_channel_index(&channel_indices, &current_channel)
111        .ok_or_else(|| format_err!("Not in forced FDR allowlist."))?;
112
113    let device_index = match get_stored_index(&fdr, &current_channel) {
114        Ok(index) => index,
115        Err(err) => {
116            info!(err:%; "Unable to read stored index");
117            // The device index is missing so it should be
118            // written in preparation for the next FDR ota.
119            // The index will always be missing right after
120            // an FDR.
121            return write_stored_index(&fdr, &current_channel, channel_index)
122                .context("Failed to write device index");
123        }
124    };
125
126    if device_index >= channel_index {
127        return Err(format_err!("FDR not required"));
128    }
129
130    trigger_fdr(&fdr).await.context("Failed to trigger FDR")?;
131
132    Ok(())
133}
134
135fn get_channel_indices(fdr: &ForcedFDR) -> Result<HashMap<String, i32>, Error> {
136    let f = open_channel_indices_file(fdr)?;
137    match serde_json::from_reader(std::io::BufReader::new(f))? {
138        ChannelIndices::Version1 { channel_indices } => Ok(channel_indices),
139    }
140}
141
142fn open_channel_indices_file(fdr: &ForcedFDR) -> Result<File, Error> {
143    Ok(fs::File::open(fdr.config_data_dir.join(CONFIGURED_INDEX_FILE))?)
144}
145
146async fn get_current_channel(fdr: &ForcedFDR) -> Result<String, Error> {
147    Ok(fdr.info_proxy.get_current().await?)
148}
149
150fn is_channel_in_allowlist(allowlist: &HashMap<String, i32>, channel: &String) -> bool {
151    allowlist.contains_key(channel)
152}
153
154fn get_channel_index(channel_indices: &HashMap<String, i32>, channel: &String) -> Option<i32> {
155    channel_indices.get(channel).copied()
156}
157
158async fn trigger_fdr(fdr: &ForcedFDR) -> Result<i32, Error> {
159    warn!("Triggering FDR. SSH keys will be lost");
160    Ok(fdr.factory_reset_proxy.reset().await?)
161}
162
163fn get_stored_index(fdr: &ForcedFDR, current_channel: &String) -> Result<i32, Error> {
164    let f = open_stored_index_file(fdr)?;
165    match serde_json::from_reader(std::io::BufReader::new(f))? {
166        StoredIndex::Version1 { channel, index } => {
167            // The channel has been changed, and thus nothing can be assumed.
168            // Report error so the file will be replaced with the file for
169            // the new channel.
170            if *current_channel != channel {
171                return Err(format_err!("Mismatch between stored and current channel"));
172            }
173
174            Ok(index)
175        }
176    }
177}
178
179fn open_stored_index_file(fdr: &ForcedFDR) -> Result<File, Error> {
180    Ok(fs::File::open(fdr.data_dir.join(DEVICE_INDEX_FILE))?)
181}
182
183fn write_stored_index(fdr: &ForcedFDR, channel: &String, index: i32) -> Result<(), Error> {
184    info!("Writing index {} for channel {}", index, channel);
185    let stored_index = StoredIndex::Version1 { channel: channel.to_string(), index };
186    let contents = serde_json::to_string(&stored_index)?;
187    fs::write(fdr.data_dir.join(DEVICE_INDEX_FILE), contents)?;
188    Ok(())
189}
190
191#[cfg(test)]
192mod forced_fdr_test;