From aff5e54c4ef5fec7e67e830f83ee64424005d07c Mon Sep 17 00:00:00 2001 From: Ricardo Cerqueira Date: Fri, 9 May 2014 22:24:12 +0100 Subject: [PATCH] ota: Validate any installed data's signature against our own Try to prevent incompatible-signature system quirkiness Change-Id: I73402d963a1b57ad0ee3c68ced4f2d7f074f927f --- config/common.mk | 4 ++++ prebuilt/common/bin/otasigcheck.sh | 18 ++++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 prebuilt/common/bin/otasigcheck.sh diff --git a/config/common.mk b/config/common.mk index 32ec9715..af67cf53 100644 --- a/config/common.mk +++ b/config/common.mk @@ -87,6 +87,10 @@ PRODUCT_COPY_FILES += \ vendor/cm/prebuilt/common/bin/blacklist:system/addon.d/blacklist endif +# Signature compatibility validation +PRODUCT_COPY_FILES += \ + vendor/cm/prebuilt/common/bin/otasigcheck.sh:system/bin/otasigcheck.sh + # init.d support PRODUCT_COPY_FILES += \ vendor/cm/prebuilt/common/etc/init.d/00banner:system/etc/init.d/00banner \ diff --git a/prebuilt/common/bin/otasigcheck.sh b/prebuilt/common/bin/otasigcheck.sh new file mode 100644 index 00000000..49def3c8 --- /dev/null +++ b/prebuilt/common/bin/otasigcheck.sh @@ -0,0 +1,18 @@ +#!/sbin/sh + +# Validate that the incoming OTA is compatible with an already-installed +# system + +if [ -f /data/system/packages.xml -a -f /tmp/releasekey ]; then + relCert=$(grep -A3 'package name="com.android.providers.calendar"' /data/system/packages.xml | grep "cert index" | head -n 1 | sed -e 's|.*"\([[:digit:]]\)".*|\1|g') + + grep "cert index=\"$relCert\"" /data/system/packages.xml | grep -q `cat /tmp/releasekey` + if [ $? -ne 0 ]; then + echo "You have an installed system that isn't signed with this build's key, aborting..." + # Edify doesn't abort on non-zero executions, so let's trash the key and use sha1sum instead + echo "INVALID" > /tmp/releasekey + exit 1 + fi +fi + +exit 0