Gitiles
Code Review Sign In
gerrit.twrp.me / android_bootable_recovery / 421625f45875451b8203d5e97c78bb1a6de213da^1..421625f45875451b8203d5e97c78bb1a6de213da / .
commit421625f45875451b8203d5e97c78bb1a6de213da[log] [tgz]
authorKelvin Zhang <zhangkelvin@google.com>Wed Mar 15 00:20:45 2023 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>Wed Mar 15 00:20:45 2023 +0000
treece829f2ae4553f1a2831a6aa21092915799ab95c
parent6f24f52f7980dde48292e2346bb7a558422520db [diff]
parent00bfe128f9cec98737a3747e013c882e6b855b78 [diff]
Merge "Require serialno field for brick OTA package on release-key devices" am: 00bfe128f9

Original change: https://android-review.googlesource.com/c/platform/bootable/recovery/+/2486120

Change-Id: I58087c7e132a714cdedf3984906e49f78e233b85
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

diff --git a/install/install.cpp b/install/install.cpp
index 044856b..30ba94c 100644
--- a/install/install.cpp
+++ b/install/install.cpp

@@ -70,6 +70,8 @@
 static constexpr float VERIFICATION_PROGRESS_FRACTION = 0.25;
 // The charater used to separate dynamic fingerprints. e.x. sargo|aosp-sargo
 static const char* FINGERPRING_SEPARATOR = "|";
+static constexpr auto&& RELEASE_KEYS_TAG = "release-keys";
+
 static std::condition_variable finish_log_temperature;
 static bool isInStringList(const std::string& target_token, const std::string& str_list,
                            const std::string& deliminator);
@@ -213,6 +215,7 @@
   // We allow the package to not have any serialno; and we also allow it to carry multiple serial
   // numbers split by "|"; e.g. serialno=serialno1|serialno2|serialno3 ... We will fail the
   // verification if the device's serialno doesn't match any of these carried numbers.
+
   auto pkg_serial_no = get_value(metadata, "serialno");
   if (!pkg_serial_no.empty()) {
     auto device_serial_no = android::base::GetProperty("ro.serialno", "");
@@ -226,6 +229,21 @@
       LOG(ERROR) << "Package is for serial " << pkg_serial_no;
       return false;
     }
+  } else if (ota_type == OtaType::BRICK) {
+    const auto device_build_tag = android::base::GetProperty("ro.build.tags", "");
+    if (device_build_tag.empty()) {
+      LOG(ERROR) << "Unable to determine device build tags, serial number is missing from package. "
+                    "Rejecting the brick OTA package.";
+      return false;
+    }
+    if (device_build_tag == RELEASE_KEYS_TAG) {
+      LOG(ERROR) << "Device is release key build, serial number is missing from package. "
+                    "Rejecting the brick OTA package.";
+      return false;
+    }
+    LOG(INFO)
+        << "Serial number is missing from brick OTA package, permitting anyway because device is "
+        << device_build_tag;
   }
 
   if (ota_type == OtaType::AB) {