File: safe_seed_manager.h

package info (click to toggle)
chromium 141.0.7390.122-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 6,246,384 kB
  • sloc: cpp: 35,265,044; ansic: 7,169,920; javascript: 4,250,185; python: 1,460,635; asm: 950,788; xml: 751,771; pascal: 187,972; sh: 89,459; perl: 88,691; objc: 79,953; sql: 53,924; cs: 44,622; fortran: 24,137; makefile: 22,313; tcl: 15,277; php: 14,018; yacc: 8,995; ruby: 7,553; awk: 3,720; lisp: 3,096; lex: 1,330; ada: 727; jsp: 228; sed: 36
file content (129 lines) | stat: -rw-r--r-- 4,805 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
 
// Copyright 2017 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef COMPONENTS_VARIATIONS_SERVICE_SAFE_SEED_MANAGER_H_
#define COMPONENTS_VARIATIONS_SERVICE_SAFE_SEED_MANAGER_H_

#include "base/memory/raw_ptr.h"
#include "base/time/time.h"

class PrefRegistrySimple;
class PrefService;

namespace variations {

struct ClientFilterableState;
class VariationsSeedStore;

enum class SeedType {
  kRegularSeed,
  kSafeSeed,
  kNullSeed,
};

// As of January 2018, users at the 99.5th percentile, across all platforms,
// tend to experience fewer than 3 consecutive crashes: [1], [2], [3], [4].
// Note, however, that this is less true for the less-stable channels on some
// platforms.
// [1] All platforms, stable channel (consistently stable):
//     https://uma.googleplex.com/timeline_v2?sid=90ac80f4573249fb341a8e49501bfcfd
// [2] Most platforms, all channels (consistently stable other than occasional
//     spikes on Canary):
//     https://uma.googleplex.com/timeline_v2?sid=7af5ba1969db76689a401f982a1db539
// [3] A less stable platform, all channels:
//     https://uma.googleplex.com/timeline_v2?sid=07dbc8e4fa9f08e332fb609309a21882
// [4] Another less stable platform, all channels:
//     https://uma.googleplex.com/timeline_v2?sid=a7b529ef5d52863fae2d216e963c4cbc
// Overall, the only {platform, channel} combinations that spike above 3
// consecutive crashes are ones with very few users, plus Canary. It's probably
// not realistic to avoid false positives for these less-stable configurations.
constexpr int kCrashStreakSafeSeedThreshold = 3;
constexpr int kCrashStreakNullSeedThreshold = 4;

// The primary class that encapsulates state for managing the safe seed.
class SafeSeedManager {
 public:
  // Creates a SafeSeedManager instance and updates a safe mode pref,
  // kVariationsFailedToFetchSeedStreak, for bookkeeping.
  explicit SafeSeedManager(PrefService* local_state);

  SafeSeedManager(const SafeSeedManager&) = delete;
  SafeSeedManager& operator=(const SafeSeedManager&) = delete;

  virtual ~SafeSeedManager();

  // Registers safe mode prefs in Local State.
  static void RegisterPrefs(PrefRegistrySimple* registry);

  // Returns the type of seed the client should use.  Uses Regular seed by
  // default, but will use Safe seed, and Null seed after continual crashes or
  // network fetch failures.
  //
  // Virtual for testing.
  virtual SeedType GetSeedType() const;

  // Stores the combined server and client state that control the active
  // variations state. May be called at most once per Chrome app launch. As an
  // optimization, should not be called when running in safe mode.
  //
  // Virtual for testing.
  virtual void SetActiveSeedState(
      const std::string& seed_data,
      const std::string& base64_seed_signature,
      int seed_milestone,
      std::unique_ptr<ClientFilterableState> client_filterable_state,
      base::Time seed_fetch_time);

  // Records that a fetch has started: pessimistically increments the
  // corresponding failure streak for safe mode.
  void RecordFetchStarted();

  // Records a successful fetch: resets the failure streaks for safe mode.
  // Writes the currently active seed to the |seed_store| as a safe seed, if
  // appropriate.
  void RecordSuccessfulFetch(VariationsSeedStore* seed_store);

 private:
  // The combined server and client state needed to save an active seed as a
  // safe seed. Not set when running in safe mode.
  struct ActiveSeedState {
    ActiveSeedState(
        const std::string& seed_data,
        const std::string& base64_seed_signature,
        int seed_milestone,
        std::unique_ptr<ClientFilterableState> client_filterable_state,
        base::Time seed_fetch_time);

    ~ActiveSeedState();

    // The serialized variations seed data.
    const std::string seed_data;

    // The base64-encoded signature for the seed data.
    const std::string base64_seed_signature;

    // The milestone with which the active seed was fetched.
    const int seed_milestone;

    // The client state which is used for filtering studies.
    const std::unique_ptr<ClientFilterableState> client_filterable_state;

    // The latest timestamp at which this seed was fetched. This is always a
    // client-side timestamp, never a server-provided timestamp.
    const base::Time seed_fetch_time;
  };

  // Accessor for active_seed_state_.
  const std::optional<ActiveSeedState>& GetActiveSeedState() const;

  // The pref service used to persist the variations seed. Weak reference; must
  // outlive |this| instance.
  raw_ptr<PrefService> local_state_;

  std::optional<ActiveSeedState> active_seed_state_;
};

}  // namespace variations

#endif  // COMPONENTS_VARIATIONS_SERVICE_SAFE_SEED_MANAGER_H_