From 33c62fc4b81b93b29c7a94fba20ab56d7f5f6bd7 Mon Sep 17 00:00:00 2001 From: Kelvin Zhang Date: Fri, 14 May 2021 17:15:50 -0400 Subject: Check SPL downgrade before install OTA in recovery Applying an SPL downgrade package can cause boot failures (/data failed to decrypt). Today's ota_from_target_files tool already try to prevent this. But Packages generated using older tools are still around. Add check in recovery to prevent such OTA package from installing. Test: th Test: Sideload an OTA with newer SPL, make sure check passes Test; Sideload an OTA with older SPL, make sure check fails Bug: 186581246 Change-Id: Icffe8097521c511e151af023a443ccbb4b59e22c --- install/install.cpp | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'install/install.cpp') diff --git a/install/install.cpp b/install/install.cpp index 1b220cb39..6e74f80ab 100644 --- a/install/install.cpp +++ b/install/install.cpp @@ -47,6 +47,7 @@ #include #include "install/package.h" +#include "install/spl_check.h" #include "install/verifier.h" #include "install/wipe_data.h" #include "otautil/error_code.h" @@ -348,6 +349,12 @@ static InstallResult TryUpdateBinary(Package* package, bool* wipe_cache, android::base::GetBoolProperty("ro.virtual_ab.allow_non_ab", false); bool device_only_supports_ab = device_supports_ab && !ab_device_supports_nonab; + const auto current_spl = android::base::GetProperty("ro.build.version.security_patch", ""); + if (ViolatesSPLDowngrade(zip, current_spl)) { + LOG(ERROR) << "Denying OTA because it's SPL downgrade"; + return INSTALL_ERROR; + } + if (package_is_ab) { CHECK(package->GetType() == PackageType::kFile); } -- cgit v1.2.3