ota: Validate any installed data's signature against our own
Try to prevent incompatible-signature system quirkiness
Change-Id: I73402d963a1b57ad0ee3c68ced4f2d7f074f927f
diff --git a/config/common.mk b/config/common.mk
index 32ec971..af67cf5 100644
--- a/config/common.mk
+++ b/config/common.mk
@@ -87,6 +87,10 @@
vendor/cm/prebuilt/common/bin/blacklist:system/addon.d/blacklist
endif
+# Signature compatibility validation
+PRODUCT_COPY_FILES += \
+ vendor/cm/prebuilt/common/bin/otasigcheck.sh:system/bin/otasigcheck.sh
+
# init.d support
PRODUCT_COPY_FILES += \
vendor/cm/prebuilt/common/etc/init.d/00banner:system/etc/init.d/00banner \
diff --git a/prebuilt/common/bin/otasigcheck.sh b/prebuilt/common/bin/otasigcheck.sh
new file mode 100644
index 0000000..49def3c
--- /dev/null
+++ b/prebuilt/common/bin/otasigcheck.sh
@@ -0,0 +1,18 @@
+#!/sbin/sh
+
+# Validate that the incoming OTA is compatible with an already-installed
+# system
+
+if [ -f /data/system/packages.xml -a -f /tmp/releasekey ]; then
+ relCert=$(grep -A3 'package name="com.android.providers.calendar"' /data/system/packages.xml | grep "cert index" | head -n 1 | sed -e 's|.*"\([[:digit:]]\)".*|\1|g')
+
+ grep "cert index=\"$relCert\"" /data/system/packages.xml | grep -q `cat /tmp/releasekey`
+ if [ $? -ne 0 ]; then
+ echo "You have an installed system that isn't signed with this build's key, aborting..."
+ # Edify doesn't abort on non-zero executions, so let's trash the key and use sha1sum instead
+ echo "INVALID" > /tmp/releasekey
+ exit 1
+ fi
+fi
+
+exit 0