Add security patch level to update manifest
When installing a full OTA, the target build might have a newer
timestamp but older SPL. In these cases, update_engine will fail to
recognize the SPL downgrade and skip data wipe, causing /data decryption
to fail on next reboot. To fix this issue, add a SPL field to update
manifest. update_engine will check this field on OTA install and
schedule data wipe as needed.
Test: install OTA with newer timestamp but older SPL, make sure data wipe is scheduled
Bug: 242812845
Change-Id: I9d1dd73b46323939bbf990e29da5cc0ba79f86e2
diff --git a/payload_consumer/delta_performer.h b/payload_consumer/delta_performer.h
index dd71467..633c533 100644
--- a/payload_consumer/delta_performer.h
+++ b/payload_consumer/delta_performer.h
@@ -32,10 +32,9 @@
#include "update_engine/common/hash_calculator.h"
#include "update_engine/common/platform_constants.h"
-#include "update_engine/payload_consumer/file_descriptor.h"
#include "update_engine/payload_consumer/file_writer.h"
#include "update_engine/payload_consumer/install_plan.h"
-#include "update_engine/payload_consumer/partition_writer.h"
+#include "update_engine/payload_consumer/partition_writer_interface.h"
#include "update_engine/payload_consumer/payload_metadata.h"
#include "update_engine/payload_consumer/payload_verifier.h"
#include "update_engine/update_metadata.pb.h"
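Review bot: The include changes at the top of delta_performer.h (dropping file_descriptor.h and replacing partition_writer.h with partition_writer_interface.h) are not mentioned in the commit message, which only describes the SPL field. Please confirm the header no longer names any type from the two removed headers directly, so it does not compile only because of a transitive include, and either mention the cleanup in the message or split it into its own change.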
@@ -88,7 +87,7 @@
// FileWriter's Write implementation where caller doesn't care about
// error codes.
bool Write(const void* bytes, size_t count) override {
- ErrorCode error;
+ ErrorCode error{};
return Write(bytes, count, &error);
}
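Review bot: `ErrorCode error{};` in the `Write(const void*, size_t)` override is a reasonable hardening against reading an indeterminate value, but it is unrelated to the SPL check and the commit message does not mention it. Note it in the message or move it to a separate cleanup change so the security fix stays easy to audit and cherry-pick.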
@@ -315,6 +314,8 @@
// Check if partition `part_name` is a dynamic partition.
bool IsDynamicPartition(const std::string& part_name, uint32_t slot);
+ void CheckSPLDowngrade();
+
// Update Engine preference store.
PrefsInterface* prefs_;
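Review bot: `void CheckSPLDowngrade();` is declared without a comment, unlike `IsDynamicPartition` just above it, and it returns void, so the declaration gives no hint of how the outcome reaches the caller. Since this is the check that decides whether a data wipe is scheduled, document which state it modifies, at what point during install it runs, and what it does when the manifest carries no SPL field or the value cannot be parsed. Consider returning a bool or an ErrorCode so a failed comparison cannot be silently ignored.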