Check SPL downgrade before install OTA in recovery
Applying an SPL downgrade package can cause boot failures
(/data failed to decrypt). Today's ota_from_target_files
tool already try to prevent this. But Packages generated
using older tools are still around.
Add check in recovery to prevent such OTA package from
installing.
Test: th
Test: Sideload an OTA with newer SPL, make sure check passes
Test; Sideload an OTA with older SPL, make sure check fails
Bug: 186581246
Bug: 188575410
cherry-picked from aosp/1708986
cherry-picked from commit: 33c62fc4b81b93b29c7a94fba20ab56d7f5f6bd7
Change-Id: Icffe8097521c511e151af023a443ccbb4b59e22c
diff --git a/install/Android.bp b/install/Android.bp
index 8c88bd0..e239ddc 100644
--- a/install/Android.bp
+++ b/install/Android.bp
@@ -26,6 +26,7 @@
defaults: [
"recovery_defaults",
+ "libspl_check_defaults",
],
shared_libs: [
@@ -49,12 +50,51 @@
"librecovery_utils",
"libotautil",
"libsnapshot_nobinder",
+ "ota_metadata_proto_cc",
// external dependencies
"libvintf",
],
}
+cc_test_host {
+ name: "libinstall_host_unittests",
+ defaults: [
+ "libspl_check_defaults"
+ ],
+ srcs: [
+ "spl_check_unittests.cpp",
+ ],
+ static_libs: [
+ "libspl_check",
+ ],
+}
+
+cc_defaults {
+ name: "libspl_check_defaults",
+ static_libs: [
+ "libbase",
+ "ota_metadata_proto_cc",
+ "liblog",
+ "libziparchive",
+ "libz",
+ "libprotobuf-cpp-lite",
+ ],
+}
+
+cc_library_static {
+ name: "libspl_check",
+ recovery_available: true,
+ host_supported: true,
+ defaults: [
+ "libspl_check_defaults",
+ ],
+ srcs: ["spl_check.cpp"],
+ export_include_dirs: [
+ "include",
+ ],
+}
+
cc_library_static {
name: "libinstall",
recovery_available: true,
@@ -73,6 +113,7 @@
"verifier.cpp",
"wipe_data.cpp",
"wipe_device.cpp",
+ "spl_check.cpp",
],
header_libs: [