update_engine: Fall back to DeviceMinimumVersion
If the kiosk's required Chrome OS version can not be read several times
and DeviceMinimumVersionis set, update only if the current version is
below the DeviceMinimumVersion.
This a very conservative approach at preventing kiosks from updating
randomly:
- It only affects kiosk devices.
- It only affects devices that have DeviceMinimumVersion set, others
will still simply update once the kiosk version could not be fetched
several times.
BUG=chromium:1084453
TEST=FEATURES=test emerge-amd64-generic update_engine
TEST=Set policies on DUT and check behavior
Change-Id: I82caf4bf4969959e461a218a916f057ea73946ad
Reviewed-on: https://chromium-review.googlesource.com/c/aosp/platform/system/update_engine/+/2416628
Tested-by: Miriam Polzer <mpolzer@google.com>
Commit-Queue: Miriam Polzer <mpolzer@google.com>
Reviewed-by: Amin Hassani <ahassani@chromium.org>
diff --git a/update_manager/system_provider.h b/update_manager/system_provider.h
index 13e188b..8eb14e3 100644
--- a/update_manager/system_provider.h
+++ b/update_manager/system_provider.h
@@ -17,6 +17,10 @@
#ifndef UPDATE_ENGINE_UPDATE_MANAGER_SYSTEM_PROVIDER_H_
#define UPDATE_ENGINE_UPDATE_MANAGER_SYSTEM_PROVIDER_H_
+#include <string>
+
+#include <base/version.h>
+
#include "update_engine/update_manager/provider.h"
#include "update_engine/update_manager/variable.h"
@@ -46,6 +50,9 @@
// with zero delay kiosk app if any.
virtual Variable<std::string>* var_kiosk_required_platform_version() = 0;
+ // Chrome OS version number as provided by |ImagePropeties|.
+ virtual Variable<base::Version>* var_chromeos_version() = 0;
+
protected:
SystemProvider() {}