Google Git
Sign in
android / platform / frameworks / base.git / fa00d60b1239b7f7830b2b818ef15993e4ebc217
commitfa00d60b1239b7f7830b2b818ef15993e4ebc217[log] [tgz]
authorBryan Henry <bryanhenry@google.com>Thu Jul 26 22:30:28 2018 -0700
committerandroid-build-team Robot <android-build-team-robot@google.com>Thu Jun 20 01:34:46 2019 +0000
tree1bdde61fa96faf466e40f78c3d6580c8f54c6dd9
parentd29c48e3c3165bd7ee50109a7ed633290caf429a [diff]
Collect APK certificates after an OTA, rather than relying on timestamps

Checking APK file modified timestamps is not a reliable signal to
determine that the APK signature may have changed. APKs in the system
image (anything that passes through add_img_to_target_files) have all
file timestamps rewritten to 2009-01-01, for instance, so timestamp will
explicitly fail to detect changes in the platform key across an OTA.

Bug: 80093599
Bug: 74501739
Test: Verified OTA between test-keys and dev-keys worked for 2 builds
with same APK timestamps, and signature changes were picked up.
Change-Id: Id3e5afbfe22e63d70cd176f1e438e2fa143ccd65
(cherry picked from commit 770f3579dcc5a1697e0e5c3474e8fa34fd21d3dd)
1 file changed
tree: 1bdde61fa96faf466e40f78c3d6580c8f54c6dd9
  1. apct-tests/
  2. api/
  3. cmds/
  4. config/
  5. core/
  6. data/
  7. docs/
  8. drm/
  9. graphics/
  10. keystore/
  11. libs/
  12. location/
  13. lowpan/
  14. media/
  15. native/
  16. nfc-extras/
  17. obex/
  18. opengl/
  19. packages/
  20. proto/
  21. rs/
  22. samples/
  23. sax/
  24. services/
  25. telecomm/
  26. telephony/
  27. test-base/
  28. test-legacy/
  29. test-mock/
  30. test-runner/
  31. tests/
  32. tools/
  33. vr/
  34. wifi/
  35. Android.bp
  36. Android.mk
  37. CleanSpec.mk
  38. MODULE_LICENSE_APACHE2
  39. NOTICE
  40. pathmap.mk
  41. PREUPLOAD.cfg