From 3d05f68f3adcfed2fdb1daabdaaebc9d68e8f026 Mon Sep 17 00:00:00 2001
From: Kelvin Zhang
Date: Fri, 24 Feb 2023 10:50:53 -0800
Subject: [PATCH] Reject SPL downgrade OTAs on release-keys devices

Test: th
Bug: 270459308
Change-Id: I013324b5b97336366d8e8cbe05e6ade91778b747
---
 tools/releasetools/ota_from_target_files.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/tools/releasetools/ota_from_target_files.py b/tools/releasetools/ota_from_target_files.py
index d6c39c6812..97fbd510cb 100755
--- a/tools/releasetools/ota_from_target_files.py
+++ b/tools/releasetools/ota_from_target_files.py
@@ -1341,6 +1341,14 @@ def main(argv):
 source_spl = source_build_prop.GetProp(SECURITY_PATCH_LEVEL_PROP_NAME)
 target_spl = target_build_prop.GetProp(SECURITY_PATCH_LEVEL_PROP_NAME)
 is_spl_downgrade = target_spl < source_spl
+ if is_spl_downgrade and target_build_prop.GetProp("ro.build.tags") == "release-keys":
+ raise common.ExternalError(
+ "Target security patch level {} is older than source SPL {} "
+ "A locked bootloader will reject SPL downgrade no matter "
+ "what(even if data wipe is done), so SPL downgrade on any "
+ "release-keys build is not allowed.".format(target_spl, source_spl))
+
+ logger.info("SPL downgrade on %s", target_build_prop.GetProp("ro.build.tags"))
 if is_spl_downgrade and not OPTIONS.spl_downgrade and not OPTIONS.downgrade:
 raise common.ExternalError(
 "Target security patch level {} is older than source SPL {} applying "
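Review bot: The new guard compares `ro.build.tags` for exact equality with `"release-keys"`, so a target whose tags property carries more than one comma-separated tag would skip the hard rejection. It would then reach only the older check, which `OPTIONS.spl_downgrade` or `OPTIONS.downgrade` can override. If the property can hold a tag list, a membership test is safer: `if is_spl_downgrade and "release-keys" in target_build_prop.GetProp("ro.build.tags").split(","):`. Separately, the added `logger.info("SPL downgrade on %s", ...)` appears to sit outside any `is_spl_downgrade` condition (indentation is lost on this page, so this is inferred), which would log a downgrade for every run that reaches it; putting it under `if is_spl_downgrade:` keeps the log truthful. The body of `main` starts and continues outside this hunk, so how the tags value is produced is not visible here.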