1 : /*
2 : *
3 : * Copyright (c) 2022 Project CHIP Authors
4 : *
5 : * Licensed under the Apache License, Version 2.0 (the "License");
6 : * you may not use this file except in compliance with the License.
7 : * You may obtain a copy of the License at
8 : *
9 : * http://www.apache.org/licenses/LICENSE-2.0
10 : *
11 : * Unless required by applicable law or agreed to in writing, software
12 : * distributed under the License is distributed on an "AS IS" BASIS,
13 : * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 : * See the License for the specific language governing permissions and
15 : * limitations under the License.
16 : */
17 :
18 : /**
19 : * @file
20 : * A 'Fail Safe Context' SHALL be created on the receiver, to track fail-safe
21 : * state information while the fail-safe is armed.
22 : */
23 :
24 : #pragma once
25 :
26 : #include <lib/core/CHIPError.h>
27 : #include <lib/core/DataModelTypes.h>
28 : #include <platform/internal/CHIPDeviceLayerInternal.h>
29 : #include <system/SystemClock.h>
30 :
31 : namespace chip {
32 : namespace app {
33 :
class FailSafeContext
{
public:
    // ===== Members for internal use by other Device Layer components.

    /**
     * @brief Arm (or re-arm) the fail-safe on behalf of a fabric.
     *
     * Only a single fail-safe timer is started on the device. If this function is called again
     * while the fail-safe timer is currently armed, the currently-running fail-safe timer is
     * cancelled first and then re-armed.
     *
     * @param accessingFabricIndex  Fabric on whose behalf the fail-safe is armed.
     * @param expiryLengthSeconds   Requested fail-safe duration.
     * @return CHIP_ERROR reported by the out-of-line implementation.
     */
    CHIP_ERROR ArmFailSafe(FabricIndex accessingFabricIndex, System::Clock::Seconds16 expiryLengthSeconds);

    /**
     * @brief Cleanly disarm the fail-safe timer, such as on CommissioningComplete.
     */
    void DisarmFailSafe();

    /**
     * @brief Record that an AddNOC command has been invoked and the fabric index it applies to.
     *
     * @param nocFabricIndex  Fabric index of the NOC that was added; becomes the fabric index
     *                        reported by GetFabricIndex()/MatchesFabricIndex().
     */
    void SetAddNocCommandInvoked(FabricIndex nocFabricIndex)
    {
        mFabricIndex                 = nocFabricIndex;
        mAddNocCommandHasBeenInvoked = true;
    }

    /// Record that an UpdateNOC command has been invoked.
    void SetUpdateNocCommandInvoked() { mUpdateNocCommandHasBeenInvoked = true; }

    /// Record that an AddTrustedRootCertificate command has been invoked.
    void SetAddTrustedRootCertInvoked() { mAddTrustedRootCertHasBeenInvoked = true; }

    /// Record whether the CSR request was issued for an UpdateNOC flow.
    void SetCsrRequestForUpdateNoc(bool isForUpdateNoc) { mIsCsrRequestForUpdateNoc = isForUpdateNoc; }

    /// Record that UpdateTermsAndConditions has been invoked.
    void SetUpdateTermsAndConditionsHasBeenInvoked() { mUpdateTermsAndConditionsHasBeenInvoked = true; }

    /// Record that SetVidVerificationStatement has been invoked.
    void RecordSetVidVerificationStatementHasBeenInvoked() { mSetVidVerificationStatementHasBeenInvoked = true; }

    /**
     * @brief
     *   Schedules work to clean up the FailSafe Context asynchronously after various cleanup work
     *   has completed.
     *
     * @param fabricIndex              Fabric the fail-safe was associated with.
     * @param addNocCommandInvoked     Whether AddNOC was invoked while armed.
     * @param updateNocCommandInvoked  Whether UpdateNOC was invoked while armed.
     */
    void ScheduleFailSafeCleanup(FabricIndex fabricIndex, bool addNocCommandInvoked, bool updateNocCommandInvoked);

    /**
     * @brief True if the fail-safe is armed AND its fabric index equals @p accessingFabricIndex.
     *
     * The armed check is made first so that MatchesFabricIndex(), which dies on a disarmed
     * context, is never reached unless the fail-safe is armed.
     */
    bool IsFailSafeArmed(FabricIndex accessingFabricIndex) const
    {
        if (!IsFailSafeArmed())
        {
            return false;
        }
        return MatchesFabricIndex(accessingFabricIndex);
    }

    // Returns true if the fail-safe is in a state where commands that require an armed
    // fail-safe can no longer execute, but a new fail-safe can't be armed yet.
    bool IsFailSafeBusy() const { return mFailSafeBusy; }

    /// True while the fail-safe timer is armed.
    bool IsFailSafeArmed() const { return mFailSafeArmed; }

    // True if it is possible to do an initial arming of the failsafe if needed.
    // To be used in places where some action should take place only if the
    // fail-safe could be armed after that action.
    bool IsFailSafeFullyDisarmed() const { return !(IsFailSafeArmed() || IsFailSafeBusy()); }

    /**
     * @brief True if @p accessingFabricIndex is the fabric index held by this context.
     *
     * Precondition: the fail-safe must be armed — VerifyOrDie aborts otherwise. Callers that
     * cannot guarantee this should use IsFailSafeArmed(FabricIndex) instead, which performs the
     * armed check first.
     */
    bool MatchesFabricIndex(FabricIndex accessingFabricIndex) const
    {
        VerifyOrDie(IsFailSafeArmed());
        return mFabricIndex == accessingFabricIndex;
    }

    /// True if either AddNOC or UpdateNOC has been recorded as invoked.
    bool NocCommandHasBeenInvoked() const { return mAddNocCommandHasBeenInvoked || mUpdateNocCommandHasBeenInvoked; }
    bool AddNocCommandHasBeenInvoked() const { return mAddNocCommandHasBeenInvoked; }
    bool UpdateNocCommandHasBeenInvoked() const { return mUpdateNocCommandHasBeenInvoked; }
    bool AddTrustedRootCertHasBeenInvoked() const { return mAddTrustedRootCertHasBeenInvoked; }
    bool IsCsrRequestForUpdateNoc() const { return mIsCsrRequestForUpdateNoc; }
    bool UpdateTermsAndConditionsHasBeenInvoked() const { return mUpdateTermsAndConditionsHasBeenInvoked; }
    bool HasSetVidVerificationStatementHasBeenInvoked() const { return mSetVidVerificationStatementHasBeenInvoked; }

    /**
     * @brief Fabric index held by this context.
     *
     * Precondition: the fail-safe must be armed — VerifyOrDie aborts otherwise.
     */
    FabricIndex GetFabricIndex() const
    {
        VerifyOrDie(IsFailSafeArmed());
        return mFabricIndex;
    }

    // Immediately disarms the timer and schedules a failsafe timer expiry.
    // If the failsafe is not armed, this is a no-op.
    void ForceFailSafeTimerExpiry();

private:
    bool mFailSafeArmed                  = false;
    bool mFailSafeBusy                   = false;
    bool mAddNocCommandHasBeenInvoked    = false;
    bool mUpdateNocCommandHasBeenInvoked = false;
    bool mAddTrustedRootCertHasBeenInvoked = false;
    // The fact of whether a CSR occurred at all is stored elsewhere.
    bool mIsCsrRequestForUpdateNoc = false;
    // Only meaningful while armed; readers are guarded by VerifyOrDie(IsFailSafeArmed()).
    FabricIndex mFabricIndex                        = kUndefinedFabricIndex;
    bool mUpdateTermsAndConditionsHasBeenInvoked    = false;
    bool mSetVidVerificationStatementHasBeenInvoked = false;

    /**
     * @brief
     *   The callback function to be called when the "fail-safe timer" expires.
     *
     * @param layer      System layer that fired the timer.
     * @param aAppState  Opaque application state passed at timer start.
     */
    static void HandleArmFailSafeTimer(System::Layer * layer, void * aAppState);

    /**
     * @brief
     *   The callback function to be called when the max cumulative time expires.
     *
     * @param layer      System layer that fired the timer.
     * @param aAppState  Opaque application state passed at timer start.
     */
    static void HandleMaxCumulativeFailSafeTimer(System::Layer * layer, void * aAppState);

    /**
     * @brief
     *   The callback function to be called asynchronously after various cleanup work has completed
     *   to actually disarm the fail-safe.
     *
     * @param arg  Opaque argument supplied when the work was scheduled.
     */
    static void HandleDisarmFailSafe(intptr_t arg);

    /// Set the armed flag; defined out of line.
    void SetFailSafeArmed(bool armed);

    /**
     * @brief Reset to the unarmed basic state.
     *
     * Clears the armed flag first, then every "has been invoked" record and the busy flag.
     * mFabricIndex is not cleared here; its accessors die unless the fail-safe is armed.
     */
    void ResetState()
    {
        SetFailSafeArmed(false);

        mFailSafeBusy                              = false;
        mAddNocCommandHasBeenInvoked               = false;
        mUpdateNocCommandHasBeenInvoked            = false;
        mAddTrustedRootCertHasBeenInvoked          = false;
        mIsCsrRequestForUpdateNoc                  = false;
        mUpdateTermsAndConditionsHasBeenInvoked    = false;
        mSetVidVerificationStatementHasBeenInvoked = false;
    }

    // Defined out of line; by its name, instance-side handling of a fail-safe timer expiry.
    void FailSafeTimerExpired();
};
160 :
161 : } // namespace app
162 : } // namespace chip