This CL fixes issues where a tagged metainstaller does not:
* elevate when run with needsadmin=true|prefers from medium integrity.
* deelevate when run with needsadmin=false from high integrity.
This CL also adds detailed steps to create a tagged metainstaller in
the design document.
Bug: 1370538
Change-Id: I1f00846a080158e21805ef88e15e133feb35f095
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3936957
Commit-Queue: S Ganesh <ganesh@chromium.org>
Reviewed-by: Xiaoling Bao <xiaolingbao@chromium.org>
Commit-Queue: Xiaoling Bao <xiaolingbao@chromium.org>
Auto-Submit: S Ganesh <ganesh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1055593}
1. Update IDL files for all 6 flavors (CPU_ARCH x IS_CHROME_BRANDED).
2. Build a smaller GN target
(`chrome/updater/app/server/win:updater_idl_idl_idl_action` vs
`chrome/updater:all`)
Bug: 1353883
Change-Id: I7cc55655edfb74f644d32b44d25c6bbf7217fdc6
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3835274
Commit-Queue: Xiaoling Bao <xiaolingbao@chromium.org>
Reviewed-by: S Ganesh <ganesh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1036310}
This change makes the testing story simpler, and allows for
non-branded builds to use the legacy COM classes and interfaces.
The branded and non-branded builds use different GUIDs for the legacy
COM classes and interfaces.
For cross compilation reasons, the IDL files are generated with
different names for chrome-branded and open source. The common template
`updater_legacy_idl.template` is copied to the appropriately suffixed
template under the gen dir, and that copied template is used to then
generate the MIDL output with substitutible `defines` such as
`UPDATER_LEGACY_LIB_UUID` in the `midl("updater_legacy_idl_idl")`
action.
### How to generate the cross-compilation IDL COM headers and TLB
files
6 different build flavors need to be built in sequence as outlined
below. Each of those builds will generate the corresponding IDL files
and stop with a message to copy the files. Here is an example output
to copy generated files. After copying the files, the next step is to build the next build flavor and copy those files, until all build flavors are built:
```
midl.exe output different from files in
gen/chrome/updater/app/server/win, see C:\src\temp\tmppbfwi0ds
To rebaseline:
copy /y C:\src\temp\tmppbfwi0ds\* c:\src\chromium\src\third_party\win_build_output\midl\chrome\updater\
app\server\win\x64
ninja: build stopped: subcommand failed.
```
```
* call gn gen out\ChromeBrandedDebug "--args=target_cpu=\"arm64\"
use_goma=true is_chrome_branded=true is_debug=true enable_nacl=false
blink_symbol_level=0 v8_symbol_level=0"
* autoninja -C out\ChromeBrandedDebug chrome/updater:all
* copy the generated files
* call gn gen out\ChromeBrandedDebug "--args=target_cpu=\"x64\"
use_goma=true is_chrome_branded=true is_debug=true enable_nacl=false
blink_symbol_level=0 v8_symbol_level=0"
* autoninja -C out\ChromeBrandedDebug chrome/updater:all
* copy the generated files
* call gn gen out\ChromeBrandedDebug "--args=target_cpu=\"x86\"
use_goma=true is_chrome_branded=true is_debug=true enable_nacl=false
blink_symbol_level=0 v8_symbol_level=0"
* autoninja -C out\ChromeBrandedDebug chrome/updater:all
* copy the generated files
* call gn gen out\Default "--args=target_cpu=\"arm64\" use_goma=true
is_chrome_branded=false is_debug=true enable_nacl=false
blink_symbol_level=0 v8_symbol_level=0"
* autoninja -C out\Default chrome/updater:all
* copy the generated files
* call gn gen out\Default "--args=target_cpu=\"x64\" use_goma=true
is_chrome_branded=false is_debug=true enable_nacl=false
blink_symbol_level=0 v8_symbol_level=0"
* autoninja -C out\Default chrome/updater:all
* copy the generated files
* call gn gen out\Default "--args=target_cpu=\"x86\" use_goma=true
is_chrome_branded=false is_debug=true enable_nacl=false
blink_symbol_level=0 v8_symbol_level=0"
* autoninja -C out\Default chrome/updater:all
* copy the generated files
```
Bug: 1255965,1348293
Change-Id: Id411940e3a0d7ae46f0e3c57724b61751ba7b4a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3795492
Auto-Submit: S Ganesh <ganesh@chromium.org>
Commit-Queue: Xiaoling Bao <xiaolingbao@chromium.org>
Reviewed-by: Xiaoling Bao <xiaolingbao@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1030420}
For each application that needs to be deployed via the updater, the
policy for that application can be set to either `Force installs (system
wide)` or `Force installs (per user)`.
The updater is then expected to download and install the application on
all machines where the policy is deployed, and where the application is
not already installed.
Bug: 1347562
Change-Id: I2ec00244202b64b7c1ba18d0439bc9e59ed08cac
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3788901
Commit-Queue: S Ganesh <ganesh@chromium.org>
Reviewed-by: Xiaoling Bao <xiaolingbao@google.com>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1028971}
This CL implements the legacy Omaha3 IPolicyStatus2 and
IPolicyStatusValue interfaces, which return the current updater policies
for external constants, group policy, and device management.
Bug: 1293203
Change-Id: Idd1cd18ecdab353b1d1505d05c3bdad8b07a4d60
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3778356
Commit-Queue: S Ganesh <ganesh@chromium.org>
Reviewed-by: Xiaoling Bao <xiaolingbao@google.com>
Cr-Commit-Position: refs/heads/main@{#1026838}
/enterprise should disable pings in offline installs. However, it turns
out that no pings are actually sent for offline installs yet, so this
just hooks up some of the plumbing.
Also fixes a DCHECK that is too strict.
Fixed: 1286582
Change-Id: I0639fd0328a266087fee5269a2b167181bf951a8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3773537
Auto-Submit: Joshua Pawlicki <waffles@chromium.org>
Commit-Queue: Joshua Pawlicki <waffles@chromium.org>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1026389}
This change adds restrictions on system updater COM callers that are
CoCreating the active or internal COM classes, because the interfaces
exposed allow for unrestricted functionality, such as installing any app
that the updater supports.
With this change, COM callers for the system active or internal
COM classes need to be admin, otherwise COM creation will fail with
E_ACCESSDENIED.
The legacy COM classes allow non-admin callers because the interfaces
only expose functionality that non-admin callers need.
Bug: 1343119
Change-Id: I6d6dfd754d2e1d7003620876b6fa1e6945d53d0d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3750851
Commit-Queue: S. Ganesh <ganesh@chromium.org>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1023308}
In addition, this CL:
* creates specific version resources for updater and updater_test
* deletes an unused data file
This CL changes the tests to run updater.exe instead of
updater_test.exe. This is done in one unit test and in the Uninstall()
of the integration tests. Running updater.exe everywhere simplifies
the code in a future CL where processes are killed in between
successive unit tests runs.
Bug: 1241276
Change-Id: I9d97fd120748c296a8830428b8e5d2396fb476a9
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3751877
Auto-Submit: Sorin Jianu <sorin@chromium.org>
Reviewed-by: S. Ganesh <ganesh@chromium.org>
Commit-Queue: S. Ganesh <ganesh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1022313}
This change makes `IProcessLauncher::LaunchCmdElevated` more secure,
because it now uses the command line processing that `AppCommandRunner`
implements, including restrictions around the executable being under
%ProgramFiles% and not having any replaceable parameters.
Bug: 1256944
Change-Id: I2d7d2b92c25211ccf821932d49524e0991bc25ef
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3749606
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Commit-Queue: S. Ganesh <ganesh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1021835}
`command format` can now optionally contain a single substitutible
parameter, which is filled in with the OS versions in the format
`{Previous OS Version}-{Current OS Version}`. It is ok to have a static
command line as well if the OS versions information is not required.
Bug: 1316682
Change-Id: I0b2e379dcaa89024664a41bd2d153dfc65cc88d3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3731212
Reviewed-by: Xiaoling Bao <xiaolingbao@chromium.org>
Commit-Queue: S. Ganesh <ganesh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1018754}
These additions complete the imports from the O3/Keystone functional
spec brainstorm doc. Everything in that document is now either tracked
here (potentially as a TODO), rejected from O4, or referenced by a P3
crbug (and is not critical to ship).
Bug: 1316098
Change-Id: I8803352b615caa8bf3408b05f913433b3071a0bb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3724187
Commit-Queue: Joshua Pawlicki <waffles@chromium.org>
Auto-Submit: Joshua Pawlicki <waffles@chromium.org>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1018214}
The AutoRunOnOsUpgrade task runs AutoRunOnOSUpgrade app commands
registered for the updater apps on Windows as a part of the update
service's periodic tasks.
Bug: 1316682
Change-Id: I2eb918f165b5ffd484c125dcf4f3033a1bc2f5cb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3717426
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Reviewed-by: Joshua Pawlicki <waffles@chromium.org>
Commit-Queue: S. Ganesh <ganesh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1017895}
The chrome builders are not joined to a domain, so the
`IntegrationTest.LegacyUpdate3Web` test fails. This change allows for
the test to run as if it were joined to a domain, which allows the test
to succeed. In addition, with using external constants, the registry
is not a constraint anymore, and arbitrary group policies can be set.
Bug: 1325740
Change-Id: I27cf7fc740d14284edb44c888992761cb41bde82
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3654538
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Commit-Queue: S. Ganesh <ganesh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1006065}
This is a reland of 52f9fae524
Original change's description:
> Move //chrome/updater metainstaller RC file strings to grd
>
> To take advantage of the chromium.src infrastructure for translations,
> move the existing string resources in
> //chrome/updater/win/ui/resources/resources_en.rc to
> chromium_strings.grd. During the build, utilize generate_embedded_i18n
> along with a Python file detailing which string IDs to pick to embed the
> translated strings into the metainstaller itself.
>
> Bug: 1281969
> Change-Id: I949da93e9b3833f78cb034d7f2eedefce091d772
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3579733
> Reviewed-by: Joshua Pawlicki <waffles@chromium.org>
> Reviewed-by: Sorin Jianu <sorin@chromium.org>
> Commit-Queue: Dong Sung Chang <donchan@microsoft.com>
> Cr-Commit-Position: refs/heads/main@{#992665}
Bug: 1281969
Change-Id: I76f29e1684dd00abc2787db9ce0e828cd7cbdc43
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3587453
Commit-Queue: Dong Sung Chang <donchan@microsoft.com>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Cr-Commit-Position: refs/heads/main@{#992760}
To take advantage of the chromium.src infrastructure for translations,
move the existing string resources in
//chrome/updater/win/ui/resources/resources_en.rc to
chromium_strings.grd. During the build, utilize generate_embedded_i18n
along with a Python file detailing which string IDs to pick to embed the
translated strings into the metainstaller itself.
Bug: 1281969
Change-Id: I949da93e9b3833f78cb034d7f2eedefce091d772
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3579733
Reviewed-by: Joshua Pawlicki <waffles@chromium.org>
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Commit-Queue: Dong Sung Chang <donchan@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#992665}
If needsadmin=prefers, updater setup first tries to elevate to install
as system, and if elevation fails, it tries to install as an user app.
No prompt is shown to the user.
Bug: 1311354
Change-Id: I4f2c3739b3e0ae2ac000637e09d37170d2732aea
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3577989
Reviewed-by: Sorin Jianu <sorin@chromium.org>
Commit-Queue: S. Ganesh <ganesh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#990688}
