Check boot image version before update.

Rely on libkver to report boot image version and check
updateability correctly before the update.

Test: apply GKI update
Bug: 162554855
Bug: 162623577
Change-Id: If7668346db5dcb03a1fdd31a738dd5952e30ca1a
diff --git a/Android.bp b/Android.bp
index 95de8b2..f61b255 100644
--- a/Android.bp
+++ b/Android.bp
@@ -260,6 +260,7 @@
     ],
 
     static_libs: [
+        "libkver",
         "libpayload_consumer",
         "libupdate_engine_boot_control",
     ],
@@ -389,6 +390,7 @@
         "libbrillo-stream",
         "libbrillo",
         "libchrome",
+        "libkver",
     ],
     target: {
         recovery: {
@@ -682,6 +684,7 @@
         "common/utils_unittest.cc",
         "dynamic_partition_control_android_unittest.cc",
         "libcurl_http_fetcher_unittest.cc",
+        "hardware_android_unittest.cc",
         "payload_consumer/bzip_extent_writer_unittest.cc",
         "payload_consumer/cached_file_descriptor_unittest.cc",
         "payload_consumer/certificate_parser_android_unittest.cc",
diff --git a/hardware_android.cc b/hardware_android.cc
index 361b9f1..4894522 100644
--- a/hardware_android.cc
+++ b/hardware_android.cc
@@ -17,6 +17,7 @@
 #include "update_engine/hardware_android.h"
 
 #include <sys/types.h>
+#include <sys/utsname.h>
 
 #include <memory>
 #include <string>
@@ -26,6 +27,8 @@
 #include <android-base/properties.h>
 #include <base/files/file_util.h>
 #include <bootloader_message/bootloader_message.h>
+#include <kver/kernel_release.h>
+#include <kver/utils.h>
 
 #include "update_engine/common/error_code_utils.h"
 #include "update_engine/common/hardware.h"
@@ -35,6 +38,8 @@
 using android::base::GetBoolProperty;
 using android::base::GetIntProperty;
 using android::base::GetProperty;
+using android::kver::IsKernelUpdateValid;
+using android::kver::KernelRelease;
 using std::string;
 
 namespace chromeos_update_engine {
@@ -51,6 +56,11 @@
 const char kPropBootRevision[] = "ro.boot.revision";
 const char kPropBuildDateUTC[] = "ro.build.date.utc";
 
+string GetPartitionBuildDate(const string& partition_name) {
+  return android::base::GetProperty("ro." + partition_name + ".build.date.utc",
+                                    "");
+}
+
 }  // namespace
 
 namespace hardware {
@@ -228,15 +238,33 @@
   }
 }
 
-std::string HardwareAndroid::GetVersionForLogging(
-    const std::string& partition_name) const {
-  return android::base::GetProperty("ro." + partition_name + ".build.date.utc",
-                                    "");
+string HardwareAndroid::GetVersionForLogging(
+    const string& partition_name) const {
+  if (partition_name == "boot") {
+    struct utsname buf;
+    if (uname(&buf) != 0) {
+      PLOG(ERROR) << "Unable to call uname()";
+      return "";
+    }
+    auto kernel_release =
+        KernelRelease::Parse(buf.release, true /* allow_suffix */);
+    return kernel_release.has_value() ? kernel_release->string() : "";
+  }
+  return GetPartitionBuildDate(partition_name);
 }
 
 ErrorCode HardwareAndroid::IsPartitionUpdateValid(
-    const std::string& partition_name, const std::string& new_version) const {
-  const auto old_version = GetVersionForLogging(partition_name);
+    const string& partition_name, const string& new_version) const {
+  if (partition_name == "boot") {
+    struct utsname buf;
+    if (uname(&buf) != 0) {
+      PLOG(ERROR) << "Unable to call uname()";
+      return ErrorCode::kError;
+    }
+    return IsKernelUpdateValid(buf.release, new_version);
+  }
+
+  const auto old_version = GetPartitionBuildDate(partition_name);
   // TODO(zhangkelvin)  for some partitions, missing a current timestamp should
   // be an error, e.g. system, vendor, product etc.
   auto error_code = utils::IsTimestampNewer(old_version, new_version);
@@ -249,4 +277,29 @@
   return error_code;
 }
 
+ErrorCode HardwareAndroid::IsKernelUpdateValid(const string& old_release,
+                                               const string& new_release) {
+  // Check that the package either contain an empty version (indicating that the
+  // new build does not use GKI), or a valid GKI kernel release.
+  std::optional<KernelRelease> new_kernel_release;
+  if (new_release.empty()) {
+    LOG(INFO) << "New build does not contain GKI.";
+  } else {
+    new_kernel_release =
+        KernelRelease::Parse(new_release, true /* allow_suffix */);
+    if (!new_kernel_release.has_value()) {
+      LOG(ERROR) << "New kernel release is not valid GKI kernel release: "
+                 << new_release;
+      return ErrorCode::kDownloadManifestParseError;
+    }
+  }
+
+  auto old_kernel_release =
+      KernelRelease::Parse(old_release, true /* allow_suffix */);
+  return android::kver::IsKernelUpdateValid(old_kernel_release,
+                                            new_kernel_release)
+             ? ErrorCode::kSuccess
+             : ErrorCode::kPayloadTimestampError;
+}
+
 }  // namespace chromeos_update_engine
diff --git a/hardware_android.h b/hardware_android.h
index d8fbbbe..b670447 100644
--- a/hardware_android.h
+++ b/hardware_android.h
@@ -22,6 +22,7 @@
 
 #include <base/macros.h>
 #include <base/time/time.h>
+#include <gtest/gtest_prod.h>
 
 #include "update_engine/common/error_code.h"
 #include "update_engine/common/hardware.h"
@@ -67,6 +68,12 @@
       const std::string& new_version) const override;
 
  private:
+  FRIEND_TEST(HardwareAndroidTest, IsKernelUpdateValid);
+
+  // Helper for IsPartitionUpdateValid.
+  static ErrorCode IsKernelUpdateValid(const std::string& old_release,
+                                       const std::string& new_release);
+
   DISALLOW_COPY_AND_ASSIGN(HardwareAndroid);
 };
 
diff --git a/hardware_android_unittest.cc b/hardware_android_unittest.cc
new file mode 100644
index 0000000..9a491f3
--- /dev/null
+++ b/hardware_android_unittest.cc
@@ -0,0 +1,67 @@
+//
+// Copyright (C) 2020 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#include <gtest/gtest.h>
+
+#include "update_engine/common/error_code.h"
+#include "update_engine/common/test_utils.h"
+#include "update_engine/hardware_android.h"
+
+namespace chromeos_update_engine {
+
+TEST(HardwareAndroidTest, IsKernelUpdateValid) {
+  EXPECT_EQ(ErrorCode::kSuccess,
+            HardwareAndroid::IsKernelUpdateValid("5.4.42-not-gki", ""))
+      << "Legacy update should be fine";
+
+  EXPECT_EQ(ErrorCode::kSuccess,
+            HardwareAndroid::IsKernelUpdateValid("5.4.42-not-gki",
+                                                 "5.4.42-android12-0"))
+      << "Update to GKI should be fine";
+
+  EXPECT_EQ(
+      ErrorCode::kDownloadManifestParseError,
+      HardwareAndroid::IsKernelUpdateValid("5.4.42-not-gki", "5.4.42-not-gki"))
+      << "Should report parse error for invalid version field";
+
+  EXPECT_EQ(ErrorCode::kSuccess,
+            HardwareAndroid::IsKernelUpdateValid(
+                "5.4.42-android12-0-something", "5.4.42-android12-0-something"))
+      << "Self update should be fine";
+
+  EXPECT_EQ(ErrorCode::kSuccess,
+            HardwareAndroid::IsKernelUpdateValid(
+                "5.4.42-android12-0-something", "5.4.43-android12-0-something"))
+      << "Sub-level update should be fine";
+
+  EXPECT_EQ(
+      ErrorCode::kSuccess,
+      HardwareAndroid::IsKernelUpdateValid("5.4.42-android12-0-something",
+                                           "5.10.10-android12-0-something"))
+      << "KMI version update should be fine";
+
+  EXPECT_EQ(ErrorCode::kPayloadTimestampError,
+            HardwareAndroid::IsKernelUpdateValid("5.4.42-android12-0-something",
+                                                 "5.4.5-android12-0-something"))
+      << "Should detect sub-level downgrade";
+
+  EXPECT_EQ(ErrorCode::kPayloadTimestampError,
+            HardwareAndroid::IsKernelUpdateValid("5.4.42-android12-0-something",
+                                                 "5.1.5-android12-0-something"))
+      << "Should detect KMI version downgrade";
+}
+
+}  // namespace chromeos_update_engine