From 14d960a627aff22c6fbc623770d3101f58ca359d Mon Sep 17 00:00:00 2001
From: Shawn Willden <swillden@google.com>
Date: Thu, 1 Sep 2016 11:08:35 -0600
Subject: Don't reject OS version "upgrades" to zero.

b/31208182

Change-Id: I737156aa09345389777ae22b9a8614dfcf8439a5
(cherry picked from commit a23b44c8a5ba14b86d79813f66586774044b0576)
---
 soft_keymaster_context.cpp | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/soft_keymaster_context.cpp b/soft_keymaster_context.cpp
index 087439a..10ce893 100644
--- a/soft_keymaster_context.cpp
+++ b/soft_keymaster_context.cpp
@@ -493,6 +493,21 @@ keymaster_error_t SoftKeymasterContext::UpgradeKeyBlob(const KeymasterKeyBlob& k
 
     // Handle cases 1 & 2.
     bool set_changed = false;
+
+    if (os_version_ == 0) {
+        // We need to allow "upgrading" OS version to zero, to support upgrading from proper
+        // numbered releases to unnumbered development and preview releases.
+
+        int key_os_version_pos = sw_enforced.find(TAG_OS_VERSION);
+        if (key_os_version_pos != -1) {
+            uint32_t key_os_version = sw_enforced[key_os_version_pos].integer;
+            if (key_os_version != 0) {
+                sw_enforced[key_os_version_pos].integer = os_version_;
+                set_changed = true;
+            }
+        }
+    }
+
     if (!UpgradeIntegerTag(TAG_OS_VERSION, os_version_, &sw_enforced, &set_changed) ||
         !UpgradeIntegerTag(TAG_OS_PATCHLEVEL, os_patchlevel_, &sw_enforced, &set_changed))
         // One of the version fields would have been a downgrade. Not allowed.
-- 
cgit v1.2.3