search

GrapheneOS / os-issue-tracker

Issue tracker for GrapheneOS Android Open Source Project hardening work. Standalone projects like Auditor, AttestationServer and hardened_malloc have their own dedicated trackers.
https://grapheneos.org/
358 stars 21 forks source link

OS installer should check if board is a mass production variant #831

Closed flawedworld closed 1 year ago

flawedworld commented 2 years ago

Google Pixel devices declare their board variants in fastboot and board variants can be obtained via device props. An example is given below.

[ro.boot.hardware.revision]: [MP1.0]
[ro.boot.revision]: [MP1.0]
[ro.revision]: [MP1.0]

Rarely, users buy devices which are EVT, PVT, DVT or other pre-production/development variants from auction sites or flea markets which are not for production usage and have hardware/firmware/software/security issues by their very nature. We should ensure that we warn users who may be running non MP hardware and implement such checks at installation time.

thestinger commented 1 year ago

I think it's enough that the OS shows it.

thestinger commented 1 year ago

They will find out once they install GrapheneOS.