StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Reject SPL downgrade OTAs on release-keys devices" am: b9dd9dd417

Browse Source 
Original change: https://android-review.googlesource.com/c/platform/build/+/2457448

Change-Id: I9a9f45d33f6a2b49bcf70cb5cf910fde7fbe3c0e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Treehugger Robot
2023-02-25 02:07:05 +00:00
committed by Automerger Merge Worker
parent df1cdb8f53 b9dd9dd417
commit 923d0cc1b8
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tools/releasetools/ota_from_target_files.py
View File

@@ -1341,6 +1341,14 @@ def main(argv):
source_spl = source_build_prop.GetProp(SECURITY_PATCH_LEVEL_PROP_NAME)
target_spl = target_build_prop.GetProp(SECURITY_PATCH_LEVEL_PROP_NAME)
is_spl_downgrade = target_spl < source_spl
if is_spl_downgrade and target_build_prop.GetProp("ro.build.tags") == "release-keys":
raise common.ExternalError(
"Target security patch level {} is older than source SPL {} "
"A locked bootloader will reject SPL downgrade no matter "
"what(even if data wipe is done), so SPL downgrade on any "
"release-keys build is not allowed.".format(target_spl, source_spl))
logger.info("SPL downgrade on %s", target_build_prop.GetProp("ro.build.tags"))
if is_spl_downgrade and not OPTIONS.spl_downgrade and not OPTIONS.downgrade:
raise common.ExternalError(
"Target security patch level {} is older than source SPL {} applying "