From c29149a1a25e43597cc6b965da9e0f88d6719a5a Mon Sep 17 00:00:00 2001 From: Ricardo Cerqueira Date: Fri, 9 May 2014 22:21:28 +0100 Subject: ota: Make sure we don't install on top of an incompatible system If the system has data present, make sure said data doesn't depend on a system signature different from our own. If we can't find our platform key, abort the installation Change-Id: I16572daf9464de326a9d0d126597cfbf03208f94 --- tools/releasetools/edify_generator.py | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'tools/releasetools/edify_generator.py') diff --git a/tools/releasetools/edify_generator.py b/tools/releasetools/edify_generator.py index 4acda35..2cff05b 100644 --- a/tools/releasetools/edify_generator.py +++ b/tools/releasetools/edify_generator.py @@ -147,6 +147,17 @@ class EdifyGenerator(object): self.script.append('delete("/system/bin/backuptool.sh");') self.script.append('delete("/system/bin/backuptool.functions");') + def ValidateSignatures(self, command): + if command == "cleanup": + self.script.append('delete("/system/bin/otasigcheck.sh");') + else: + self.script.append('package_extract_file("system/bin/otasigcheck.sh", "/tmp/otasigcheck.sh");') + self.script.append('package_extract_file("META-INF/org/cyanogenmod/releasekey", "/tmp/releasekey");') + self.script.append('set_metadata("/tmp/otasigcheck.sh", "uid", 0, "gid", 0, "mode", 0755);') + self.script.append('run_program("/tmp/otasigcheck.sh");') + ## Hax: a failure from run_program doesn't trigger an abort, so have it change the key value and check for "INVALID" + self.script.append('sha1_check(read_file("/tmp/releasekey"),"7241e92725436afc79389d4fc2333a2aa8c20230") && abort("Can\'t install this package on top of incompatible data. Please try another package or run a factory reset");') + def ShowProgress(self, frac, dur): """Update the progress bar, advancing it over 'frac' over the next 'dur' seconds. 'dur' may be zero to advance it via SetProgress -- cgit v1.1