app: aboot: Check device's status in cmd_flash_meta_img before flashing

It is risky that the device will bypass the critical partition when device is locked. Because the image maybe a package of all partitions. So forbid to flash image when device is locked. CRs-Fixed: 982266 Change-Id: I0fff412419702e11bd4098e572be37e9dac20cf0
author: lijuang <lijuang@codeaurora.org> 2016-04-19 16:57:11 +0800
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2016-05-04 19:33:43 -0700
commit: 44770f4899ead4610ccfc1d7e856758f403b0323 (patch)
tree: 09cf04aace583580847e90ec837a686418967a38
parent: 689e0e1f51b3dcea770408c180246799ec6948c6 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/app/aboot/aboot.c b/app/aboot/aboot.c
index bc485dd8..846ff0ac 100644
--- a/app/aboot/aboot.c
+++ b/app/aboot/aboot.c
@@ -2593,6 +2593,26 @@ void cmd_flash_meta_img(const char *arg, void *data, unsigned sz)
 	meta_header_t *meta_header;
 	img_header_entry_t *img_header_entry;
 
+	/* If device is locked:
+	 * Forbid to flash image to avoid the device to bypass the image
+	 * which with "any" name other than bootloader. Because it maybe
+	 * a meta package of all partitions.
+	 */
+#if VERIFIED_BOOT
+	if (target_build_variant_user()) {
+		if (!device.is_unlocked) {
+			fastboot_fail("Device is locked, meta image flashing is not allowed");
+			return;
+		}
+#if !VBOOT_MOTA
+		if(!device.is_unlock_critical) {
+			fastboot_fail("Device is critical locked, Meta image flashing is not allowed");
+			return;
+		}
+#endif
+	}
+#endif
+
 	meta_header = (meta_header_t*) data;
 	img_header_entry = (img_header_entry_t*) (data+sizeof(meta_header_t));
author	lijuang <lijuang@codeaurora.org>	2016-04-19 16:57:11 +0800
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2016-05-04 19:33:43 -0700
commit	44770f4899ead4610ccfc1d7e856758f403b0323 (patch)
tree	09cf04aace583580847e90ec837a686418967a38
parent	689e0e1f51b3dcea770408c180246799ec6948c6 (diff)