StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Prevent SPL downgrade OTAs from generating

Browse Source 
Previously we allow all spl downgrade OTA to generate. But applying such
OTA often causes device to hang and rollback, because keymaster refuses
to attach if it detects spl downgrade. When such error happens, it's
really hard to debug. So instead of debugging a mysterious boot failure,
let''s prevent such OTA from generating in the first place.

Test: th
Bug: 178584781

Change-Id: I8e271862d804e86b16aea70424b4d3e289d43cc9
This commit is contained in:
Kelvin Zhang
2021-02-08 19:57:57 -05:00
parent a632e7f855
commit 80ff466780
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
tools/releasetools/ota_from_target_files.py
View File

@@ -273,6 +273,7 @@ OPTIONS.disable_verity_computation = False
OPTIONS.partial = None OPTIONS.partial = None
OPTIONS.custom_images = {} OPTIONS.custom_images = {}
OPTIONS.disable_vabc = False OPTIONS.disable_vabc = False
OPTIONS.spl_downgrade = False
POSTINSTALL_CONFIG = 'META/postinstall_config.txt' POSTINSTALL_CONFIG = 'META/postinstall_config.txt'
DYNAMIC_PARTITION_INFO = 'META/dynamic_partitions_info.txt' DYNAMIC_PARTITION_INFO = 'META/dynamic_partitions_info.txt'
@@ -291,6 +292,8 @@ SECONDARY_PAYLOAD_SKIPPED_IMAGES = [
'system_ext', 'vbmeta', 'vbmeta_system', 'vbmeta_vendor', 'vendor', 'system_ext', 'vbmeta', 'vbmeta_system', 'vbmeta_vendor', 'vendor',
'vendor_boot'] 'vendor_boot']
SECURITY_PATCH_LEVEL_PROP_NAME = "ro.build.version.security_patch"
class PayloadSigner(object): class PayloadSigner(object):
"""A class that wraps the payload signing works. """A class that wraps the payload signing works.
@@ -1262,6 +1265,8 @@ def main(argv):
OPTIONS.custom_images[custom_partition] = custom_image OPTIONS.custom_images[custom_partition] = custom_image
elif o == "--disable_vabc": elif o == "--disable_vabc":
OPTIONS.disable_vabc = True OPTIONS.disable_vabc = True
elif o == "--spl_downgrade":
OPTIONS.spl_downgrade = True
else: else:
return False return False
return True return True
@@ -1304,6 +1309,7 @@ def main(argv):
"partial=", "partial=",
"custom_image=", "custom_image=",
"disable_vabc", "disable_vabc",
"spl_downgrade"
], extra_option_handler=option_handler) ], extra_option_handler=option_handler)
if len(args) != 2: if len(args) != 2:
@@ -1400,6 +1406,19 @@ def main(argv):
# Get signing keys # Get signing keys
OPTIONS.key_passwords = common.GetKeyPasswords([OPTIONS.package_key]) OPTIONS.key_passwords = common.GetKeyPasswords([OPTIONS.package_key])
if OPTIONS.source_info_dict:
source_build_prop = OPTIONS.source_info_dict["build.prop"]
target_build_prop = OPTIONS.target_info_dict["build.prop"]
source_spl = source_build_prop.GetProp(SECURITY_PATCH_LEVEL_PROP_NAME)
target_spl = target_build_prop.GetProp(SECURITY_PATCH_LEVEL_PROP_NAME)
if target_spl < source_spl and not OPTIONS.spl_downgrade:
raise common.ExternalError(
"Target security patch level {} is older than source SPL {} applying "
"such OTA will likely cause device fail to boot. Pass --spl-downgrade "
"to override this check. This script expects security patch level to "
"be in format yyyy-mm-dd (e.x. 2021-02-05). It's possible to use "
"separators other than -, so as long as it's used consistenly across "
"all SPL dates".format(target_spl, source_spl))
if generate_ab: if generate_ab:
GenerateAbOtaPackage( GenerateAbOtaPackage(
target_file=args[0], target_file=args[0],