From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Dmitry Muhomor <muhomor.dmitry@gmail.com>
Date: Tue, 27 Dec 2022 11:40:14 +0200
Subject: [PATCH] don't allow updating system packages to the same versionCode

versionCode of many system packages, including privileged ones, is set to the current SDK version
and is thus not incremented during non-major OS upgrades.
This allowed to downgrade them to the older version that had the same versionCode.
---
 .../java/com/android/server/pm/InstallPackageHelper.java   | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/services/core/java/com/android/server/pm/InstallPackageHelper.java b/services/core/java/com/android/server/pm/InstallPackageHelper.java
index 7da5f51bcbc2..0f3802ac794b 100644
--- a/services/core/java/com/android/server/pm/InstallPackageHelper.java
+++ b/services/core/java/com/android/server/pm/InstallPackageHelper.java
@@ -2466,6 +2466,13 @@ final class InstallPackageHelper {
                     }
                 }
             }
+
+            if (!Build.isDebuggable() && dataOwnerPkg != null && dataOwnerPkg.isSystem()) {
+                if (dataOwnerPkg.getLongVersionCode() == pkgLite.getLongVersionCode()) {
+                    return Pair.create(INSTALL_FAILED_SESSION_INVALID,
+                            "Not allowed to update system package to the same versionCode");
+                }
+            }
         }
         return Pair.create(PackageManager.INSTALL_SUCCEEDED, null);
     }