blob: ed93cc80046650378946172e663235dcd01f7edc [file] [log] [blame]
# Copyright 2017 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
description "Report UMA statistics for completed TPM firmware updates"
author ""
start on started system-services
# Report updater status for this boot. The updater's status code
# gets written to the tpm-firmware-updater.status file by the
# tpm-firmware-update init job that runs during early boot.
status="$(cat /run/tpm-firmware-updater.status || :)"
if [ -n "${status}" ]; then
metrics_client -s Platform.TPM.FirmwareUpdate.Status "$((status))"
rm -f /run/tpm-firmware-updater.status
# Read firmware update parameters directly from VPD instead of
# looking at the cache. This is necessary in case they were modified
# during recovery, which may leave the cache out of sync.
vpd_params="$(vpd -i RW_VPD -g tpm_firmware_update_params | tr ',' '\n')"
# Decode key-value pairs.
while IFS=":" read -r key value; do
echo "${key}" | tr '[:upper:] ' '[:lower:]_' | tr -cd '[:alnum:]_-')"
sanitized_value="$(echo "${value}" | tr -cd '[:alnum:]._-')"
readonly "vpd_param_${sanitized_key}=${sanitized_value}"
done <<EOF
# Don't report any metrics if dryrun is on.
if [ "${vpd_param_dryrun}" = "1" ]; then
# Report appropriate metrics for terminal states.
case "${vpd_param_mode}" in
# Successful update. Look at the number of attempts to see
# whether it went smoothly or not. More than one attempt
# indicates a successful retry in recovery mode.
if [ "${vpd_param_attempts}" = "1" ]; then
metrics_client -e Platform.TPM.FirmwareUpdate.Result 0 3
metrics_client -e Platform.TPM.FirmwareUpdate.Result 1 3
metrics_client -e Platform.TPM.FirmwareUpdate.Attempts \
"${vpd_param_attempts}" 10
# Failed updater run that however didn't cause subsequent boot
# failure (otherwise being here indicates we've gone through
# successful retry in recovery mode, which should have flipped
# mode to "complete".
metrics_client -e Platform.TPM.FirmwareUpdate.Result 2 3
# Bail out to avoid deleting the VPD key in non-terminal states.
# Clear the VPD so we don't report again.
vpd -i RW_VPD -d tpm_firmware_update_params
end script