diff options
| author | Kelvin Zhang <zhangkelvin@google.com> | 2021-05-19 14:59:43 +0200 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2021-05-19 14:59:43 +0200 |
| commit | bbde214b484acb43a515e5dc346e0bf0a236c7f3 (patch) | |
| tree | cdf7df10096b0fd3919578a988810eb52c4a3611 /install/install.cpp | |
| parent | Merge "use create_dumb.size as size of buffer" (diff) | |
| parent | Check SPL downgrade before install OTA in recovery (diff) | |
| download | android_bootable_recovery-bbde214b484acb43a515e5dc346e0bf0a236c7f3.tar android_bootable_recovery-bbde214b484acb43a515e5dc346e0bf0a236c7f3.tar.gz android_bootable_recovery-bbde214b484acb43a515e5dc346e0bf0a236c7f3.tar.bz2 android_bootable_recovery-bbde214b484acb43a515e5dc346e0bf0a236c7f3.tar.lz android_bootable_recovery-bbde214b484acb43a515e5dc346e0bf0a236c7f3.tar.xz android_bootable_recovery-bbde214b484acb43a515e5dc346e0bf0a236c7f3.tar.zst android_bootable_recovery-bbde214b484acb43a515e5dc346e0bf0a236c7f3.zip | |
Diffstat (limited to 'install/install.cpp')
| -rw-r--r-- | install/install.cpp | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/install/install.cpp b/install/install.cpp index 1b220cb39..6e74f80ab 100644 --- a/install/install.cpp +++ b/install/install.cpp @@ -47,6 +47,7 @@ #include <android-base/unique_fd.h> #include "install/package.h" +#include "install/spl_check.h" #include "install/verifier.h" #include "install/wipe_data.h" #include "otautil/error_code.h" @@ -348,6 +349,12 @@ static InstallResult TryUpdateBinary(Package* package, bool* wipe_cache, android::base::GetBoolProperty("ro.virtual_ab.allow_non_ab", false); bool device_only_supports_ab = device_supports_ab && !ab_device_supports_nonab; + const auto current_spl = android::base::GetProperty("ro.build.version.security_patch", ""); + if (ViolatesSPLDowngrade(zip, current_spl)) { + LOG(ERROR) << "Denying OTA because it's SPL downgrade"; + return INSTALL_ERROR; + } + if (package_is_ab) { CHECK(package->GetType() == PackageType::kFile); } |