A/B OTA updates

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

A/B OTA updates

Vincent Victor
I want to understand about verification of OTA update package before updation in case of A/B updates. 

For non-A/B updates, it is mentioned on the Android website (https://source.android.com/devices/tech/ota/nonab) that:

Life of an OTA update
  1. A typical OTA update contains the following steps:

    1. Device performs regular check in with OTA servers and is notified of the availability of an update, including the URL of the update package and a description string to show the user.
    2. Update downloads to a cache or data partition, and its cryptographic signature is verified against the certificates in/system/etc/security/otacerts.zip. User is prompted to install the update.
    3. Device reboots into recovery mode, in which the kernel and system in the recovery partition are booted instead of the kernel in the boot partition.
    4. Recovery binary is started by init. It finds command-line arguments in /cache/recovery/command that point it to the downloaded package.
    5. Recovery verifies the cryptographic signature of the package against the public keys in /res/keys (part of the RAM disk contained in the recovery partition).
                   [...]

That is, OTA update is verified twice:
  • System verifies cryptographic signature against the certificates in/system/etc/security/otacerts.zip
  • Recovery verifies the cryptographic signature of the package against the public keys in /res/keys (part of the RAM disk contained in the recovery partition).
However, since A/B updates are applied by update_engine running in the regular booted system image, how OTA update package is verified before updation? In case of A/B updates, does system verifies cryptographic signature against the certificates in/system/etc/security/otacerts.zip? I am not able to find any such information for A/B updates on Android website.

Regards,
Vincent

--
You received this message because you are subscribed to the Google Groups "android-platform" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/android-platform.
For more options, visit https://groups.google.com/d/optout.