ubuntu-device-flash should verify signature in cache matches current keyring before flashing
Bug #1455605 reported by
Dave Morley
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
goget-ubuntu-touch (Ubuntu) |
Confirmed
|
Critical
|
Unassigned |
Bug Description
Now and then an image will fail to flash everything looks good but the image is corrupt. This leads to a gpg check on the phone failing and the image not installing and a non functioning device.
If there is an issue it should throw up an error that asks the user to remove .cache/ubuntuimages and try again.
description: | updated |
affects: | phablet-tools (Ubuntu) → goget-ubuntu-touch (Ubuntu) |
summary: |
- ubuntu-device-flash should run a checksum before it starts flashing + ubuntu-device-flash should verify signature in cache matches current + keyring before flashing |
Changed in goget-ubuntu-touch (Ubuntu): | |
importance: | Undecided → Critical |
To post a comment you must log in.
It should not ask the user to manually remove .cache/ ubuntuimages. udf should manage this cache directly, and if anything fails integrity checks on download it should not be committed to the .cache.
udf should also check when /reading/ a file from the cache that it passes the integrity checks while writing it to the connected device.
Note that the trigger for filing this bug report was a BQ phone whose recovery partition (correctly!) failed to flash the ubuntu partition with an image that failed gpg signature check. But ideally this image would not have gotten onto the phone in the first place if it was corrupted. (I'm assuming this was what happened - Dave, you tried flashing the image onto the device more than once?)