Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Verified Commit 775a6f14 authored by Rohit Sekhar's avatar Rohit Sekhar Committed by Nicolas Gelot
Browse files

FP4: Store SPL only if locked and on Stock ROM 

* Rollback Index == SPL only if we:
  - Are on the Stock ROM
    (Non Stock OS-es spoof SPL values)
  - Have a LOCKED bootloader
    (A device with an UNLOCKED bootloader MAY NOT have SPL == Rollback Index)

* On a given device from the wild, which can only be interfaced via ADB
  and Fastboot, this is the only way to understand the Rollback Index and
  prevent AVB Red state on LOCKING the bootloader
parent 47b5428e

flash-scripts/linux/store-rom-info.sh

+4 −8
Original line number Diff line number Diff line
@@ -48,10 +48,6 @@ SECURITY_PATCH=${ARCHIVE_FOLDER_PATH}""${device_model}"-security-patch" 
DEVICE_STATE=${ARCHIVE_FOLDER_PATH}""${device_model}"-device-state"

MURENA_ROM_INFO=${ARCHIVE_FOLDER_PATH}""${device_model}"-rom-info"



# The command below may provide  empty result if the key does not exists

# In that case the process will use for compare.

"$ADB_PATH" shell getprop ro.build.version.security_patch> $SECURITY_PATCH



curl -o $MURENA_ROM_INFO https://images.ecloud.global/stable/FP4/e-latest-FP4.zip.prop



MURENA__SECURITY_PATCH=`sed -n 's/^ro.build.version.security_patch=//p' $MURENA_ROM_INFO`
@@ -65,12 +61,12 @@ then 
	if "$ADB_PATH" shell getprop ro.boot.vbmeta.device_state 2>&1 | grep "unlocked"

	then

		echo "Device is unlocked"

		exit 0

	else

		echo "Device is locked"

		exit 2

		# Device is locked and on stock ROM. The prop will NOT be spoofed and can be trusted.

		# NOTE: In case of an empty result we will skip locking later.

		"$ADB_PATH" shell getprop ro.build.version.security_patch> $SECURITY_PATCH

	fi

fi



#We are NOT on a stock ROM let's assume the job (unlock) is done and continue the process.

exit 0