1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_INCIDENT_REPORTING_SERVICE_H_
6 #define CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_INCIDENT_REPORTING_SERVICE_H_
12 #include "base/compiler_specific.h"
13 #include "base/macros.h"
14 #include "base/memory/ref_counted.h"
15 #include "base/memory/scoped_ptr.h"
16 #include "base/memory/scoped_vector.h"
17 #include "base/memory/weak_ptr.h"
18 #include "base/threading/thread_checker.h"
19 #include "base/time/time.h"
20 #include "base/timer/timer.h"
21 #include "chrome/browser/safe_browsing/download_protection_service.h"
22 #include "chrome/browser/safe_browsing/incident_reporting/delayed_analysis_callback.h"
23 #include "chrome/browser/safe_browsing/incident_reporting/delayed_callback_runner.h"
24 #include "chrome/browser/safe_browsing/incident_reporting/download_metadata_manager.h"
25 #include "chrome/browser/safe_browsing/incident_reporting/incident_report_uploader.h"
26 #include "chrome/browser/safe_browsing/incident_reporting/last_download_finder.h"
27 #include "content/public/browser/notification_observer.h"
28 #include "content/public/browser/notification_registrar.h"
31 class SafeBrowsingDatabaseManager
;
32 class SafeBrowsingService
;
33 class TrackedPreferenceValidationDelegate
;
40 class DownloadManager
;
41 class NotificationDetails
;
42 class NotificationSource
;
46 class URLRequestContextGetter
;
49 namespace safe_browsing
{
51 class ClientDownloadRequest
;
52 class ClientIncidentReport
;
53 class ClientIncidentReport_DownloadDetails
;
54 class ClientIncidentReport_EnvironmentData
;
55 class ClientIncidentReport_IncidentData
;
57 class IncidentReceiver
;
59 // A class that manages the collection of incidents and submission of incident
60 // reports to the safe browsing client-side detection service. The service
61 // begins operation when an incident is reported via the AddIncident method.
62 // Incidents reported from a profile that is loading are held until the profile
63 // is fully created. Incidents originating from profiles that do not participate
64 // in safe browsing are dropped. Process-wide incidents are affiliated with a
65 // profile that participates in safe browsing when one becomes available.
66 // Following the addition of an incident that is not dropped, the service
67 // collects environmental data, finds the most recent binary download, and waits
68 // a bit. Additional incidents that arrive during this time are collated with
69 // the initial incident. Finally, already-reported incidents are pruned and any
70 // remaining are uploaded in an incident report.
71 class IncidentReportingService
: public content::NotificationObserver
{
73 IncidentReportingService(SafeBrowsingService
* safe_browsing_service
,
74 const scoped_refptr
<net::URLRequestContextGetter
>&
75 request_context_getter
);
77 // All incident collection, data collection, and uploads in progress are
78 // dropped at destruction.
79 ~IncidentReportingService() override
;
81 // Returns an object by which external components can add an incident to the
82 // service. The object may outlive the service, but will no longer have any
83 // effect after the service is deleted.
84 scoped_ptr
<IncidentReceiver
> GetIncidentReceiver();
86 // Returns a preference validation delegate that adds incidents to the service
87 // for validation failures in |profile|. The delegate may outlive the service,
88 // but incidents reported by it will no longer have any effect after the
89 // service is deleted.
90 scoped_ptr
<TrackedPreferenceValidationDelegate
>
91 CreatePreferenceValidationDelegate(Profile
* profile
);
93 // Registers |callback| to be run after some delay following process launch.
94 void RegisterDelayedAnalysisCallback(const DelayedAnalysisCallback
& callback
);
96 // Adds |download_manager| to the set monitored for client download request
98 void AddDownloadManager(content::DownloadManager
* download_manager
);
101 // A pointer to a function that populates a protobuf with environment data.
102 typedef void (*CollectEnvironmentDataFn
)(
103 ClientIncidentReport_EnvironmentData
*);
105 // For testing so that the TaskRunner used for delayed analysis callbacks can
107 IncidentReportingService(
108 SafeBrowsingService
* safe_browsing_service
,
109 const scoped_refptr
<net::URLRequestContextGetter
>& request_context_getter
,
110 base::TimeDelta delayed_task_interval
,
111 const scoped_refptr
<base::TaskRunner
>& delayed_task_runner
);
113 // Sets the function called by the service to collect environment data and the
114 // task runner on which it is called. Used by unit tests to provide a fake
115 // environment data collector.
116 void SetCollectEnvironmentHook(
117 CollectEnvironmentDataFn collect_environment_data_hook
,
118 const scoped_refptr
<base::TaskRunner
>& task_runner
);
120 // Handles the addition of a new profile to the ProfileManager. Creates a new
121 // context for |profile| if one does not exist, drops any received incidents
122 // for the profile if the profile is not participating in safe browsing, and
123 // initiates a new search for the most recent download if a report is being
124 // assembled and the most recent has not been found. Overridden by unit tests
125 // to inject incidents prior to creation.
126 virtual void OnProfileAdded(Profile
* profile
);
128 // Initiates a search for the most recent binary download. Overriden by unit
129 // tests to provide a fake finder.
130 virtual scoped_ptr
<LastDownloadFinder
> CreateDownloadFinder(
131 const LastDownloadFinder::LastDownloadCallback
& callback
);
133 // Initiates an upload. Overridden by unit tests to provide a fake uploader.
134 virtual scoped_ptr
<IncidentReportUploader
> StartReportUpload(
135 const IncidentReportUploader::OnResultCallback
& callback
,
136 const scoped_refptr
<net::URLRequestContextGetter
>& request_context_getter
,
137 const ClientIncidentReport
& report
);
139 // Returns true if a report is currently being processed.
140 bool IsProcessingReport() const;
143 struct ProfileContext
;
147 // A mapping of profiles to contexts holding state about received incidents.
148 typedef std::map
<Profile
*, ProfileContext
*> ProfileContextCollection
;
150 // Returns the context for |profile|, creating it if it does not exist.
151 ProfileContext
* GetOrCreateProfileContext(Profile
* profile
);
153 // Returns the context for |profile|, or NULL if it is unknown.
154 ProfileContext
* GetProfileContext(Profile
* profile
);
156 // Handles the destruction of a profile. Incidents reported for the profile
157 // but not yet uploaded are dropped.
158 void OnProfileDestroyed(Profile
* profile
);
160 // Returns an initialized profile that participates in safe browsing. Profiles
161 // participating in extended safe browsing are preferred.
162 Profile
* FindEligibleProfile() const;
164 // Adds |incident_data| relating to the optional |profile| to the service.
165 void AddIncident(Profile
* profile
, scoped_ptr
<Incident
> incident
);
167 // Begins processing a report. If processing is already underway, ensures that
168 // collection tasks have completed or are running.
169 void BeginReportProcessing();
171 // Begins the process of collating incidents by waiting for incidents to
172 // arrive. This function is idempotent.
173 void BeginIncidentCollation();
175 // Starts a task to collect environment data in the blocking pool.
176 void BeginEnvironmentCollection();
178 // Returns true if the environment collection task is outstanding.
179 bool WaitingForEnvironmentCollection();
181 // Cancels any pending environment collection task and drops any data that has
182 // already been collected.
183 void CancelEnvironmentCollection();
185 // A callback invoked on the UI thread when environment data collection is
186 // complete. Incident report processing continues, either by waiting for the
187 // collection timeout or by sending an incident report.
188 void OnEnvironmentDataCollected(
189 scoped_ptr
<ClientIncidentReport_EnvironmentData
> environment_data
);
191 // Returns true if the service is waiting for additional incidents before
192 // uploading a report.
193 bool WaitingToCollateIncidents();
195 // Cancels the collection timeout.
196 void CancelIncidentCollection();
198 // A callback invoked on the UI thread after which incident collation has
199 // completed. Incident report processing continues, either by waiting for
200 // environment data or the most recent download to arrive or by sending an
202 void OnCollationTimeout();
204 // Starts the asynchronous process of finding the most recent executable
205 // download if one is not currently being search for and/or has not already
207 void BeginDownloadCollection();
209 // True if the service is waiting to discover the most recent download either
210 // because a task to do so is outstanding, or because one or more profiles
211 // have yet to be added to the ProfileManager.
212 bool WaitingForMostRecentDownload();
214 // Cancels the search for the most recent executable download.
215 void CancelDownloadCollection();
217 // A callback invoked on the UI thread by the last download finder when the
218 // search for the most recent binary download is complete.
219 void OnLastDownloadFound(
220 scoped_ptr
<ClientIncidentReport_DownloadDetails
> last_download
);
222 // Uploads an incident report if all data collection is complete. Incidents
223 // originating from profiles that do not participate in safe browsing are
225 void UploadIfCollectionComplete();
227 // Cancels all uploads, discarding all reports and responses in progress.
228 void CancelAllReportUploads();
230 // Continues an upload after checking for the CSD whitelist killswitch.
231 void OnKillSwitchResult(UploadContext
* context
, bool is_killswitch_on
);
233 // Performs processing for a report after succesfully receiving a response.
234 void HandleResponse(const UploadContext
& context
);
236 // IncidentReportUploader::OnResultCallback implementation.
237 void OnReportUploadResult(UploadContext
* context
,
238 IncidentReportUploader::Result result
,
239 scoped_ptr
<ClientIncidentResponse
> response
);
241 // DownloadProtectionService::ClientDownloadRequestCallback implementation.
242 void OnClientDownloadRequest(content::DownloadItem
* download
,
243 const ClientDownloadRequest
* request
);
245 // content::NotificationObserver methods.
246 void Observe(int type
,
247 const content::NotificationSource
& source
,
248 const content::NotificationDetails
& details
) override
;
250 base::ThreadChecker thread_checker_
;
252 // The safe browsing database manager, through which the whitelist killswitch
254 scoped_refptr
<SafeBrowsingDatabaseManager
> database_manager_
;
256 // Accessor for an URL context with which reports will be sent.
257 scoped_refptr
<net::URLRequestContextGetter
> url_request_context_getter_
;
259 // A pointer to a function that collects environment data. The function will
260 // be run by |environment_collection_task_runner_|. This is ordinarily
261 // CollectEnvironmentData, but may be overridden by tests; see
262 // SetCollectEnvironmentHook.
263 CollectEnvironmentDataFn collect_environment_data_fn_
;
265 // The task runner on which environment collection takes place. This is
266 // ordinarily a runner in the browser's blocking pool that will skip the
267 // collection task at shutdown if it has not yet started.
268 scoped_refptr
<base::TaskRunner
> environment_collection_task_runner_
;
270 // Registrar for observing profile lifecycle notifications.
271 content::NotificationRegistrar notification_registrar_
;
273 // A subscription for ClientDownloadRequests, used to persist them for later
275 DownloadProtectionService::ClientDownloadRequestSubscription
276 client_download_request_subscription_
;
278 // True when the asynchronous environment collection task has been fired off
279 // but has not yet completed.
280 bool environment_collection_pending_
;
282 // True when an incident has been received and the service is waiting for the
283 // collation_timer_ to fire.
284 bool collation_timeout_pending_
;
286 // A timer upon the firing of which the service will report received
288 base::DelayTimer
<IncidentReportingService
> collation_timer_
;
290 // The report currently being assembled. This becomes non-NULL when an initial
291 // incident is reported, and returns to NULL when the report is sent for
293 scoped_ptr
<ClientIncidentReport
> report_
;
295 // The time at which the initial incident is reported.
296 base::Time first_incident_time_
;
298 // The time at which the last incident is reported.
299 base::TimeTicks last_incident_time_
;
301 // The time at which environmental data collection was initiated.
302 base::TimeTicks environment_collection_begin_
;
304 // The time at which download collection was initiated.
305 base::TimeTicks last_download_begin_
;
307 // Context data for all on-the-record profiles plus the process-wide (NULL)
309 ProfileContextCollection profiles_
;
311 // Callbacks registered for performing delayed analysis.
312 DelayedCallbackRunner delayed_analysis_callbacks_
;
314 DownloadMetadataManager download_metadata_manager_
;
316 // The collection of uploads in progress.
317 ScopedVector
<UploadContext
> uploads_
;
319 // An object that asynchronously searches for the most recent binary download.
320 // Non-NULL while such a search is outstanding.
321 scoped_ptr
<LastDownloadFinder
> last_download_finder_
;
323 // A factory for handing out weak pointers for IncidentReceiver objects.
324 base::WeakPtrFactory
<IncidentReportingService
> receiver_weak_ptr_factory_
;
326 // A factory for handing out weak pointers for internal asynchronous tasks
327 // that are posted during normal processing (e.g., environment collection,
328 // safe browsing database checks, and report uploads).
329 base::WeakPtrFactory
<IncidentReportingService
> weak_ptr_factory_
;
331 DISALLOW_COPY_AND_ASSIGN(IncidentReportingService
);
334 } // namespace safe_browsing
336 #endif // CHROME_BROWSER_SAFE_BROWSING_INCIDENT_REPORTING_INCIDENT_REPORTING_SERVICE_H_