The initial PQ2A.190405.003.2019.04.01.19 release of GrapheneOS for the Pixel 2 and 2 XL is ready and I'm hard at work on finalizing it for the Pixel 3 and 3 XL. I'll be doing the official announcement once everything is actually released. There are some issues left to resolve.
Conversation
Replying to
There's a serious issue when doing an over-the-air update from the March release of the AndroidHardening project to GrapheneOS. It doesn't occur when sideloading, despite both using essentially the same update_engine implementation. Thankfully, I always test the upgrade path.
1
For each release, I always upload the releases to the update server and use a special testing channel not exposed via the app UI to make sure the update package works as an over-the-air update. Afterwards, I test that the future upgrade path works to temporary sample releases.
1
1
This is my priority when testing, above everything else. It's very important to maintain the upgrade path. I used to test the incremental updates too, which I'll do again when GrapheneOS starts using them. That's why I switched to only using incrementals for previous -> current.
1
1
I also plan to add support for multiple update domains, with it choosing a random one and perhaps cycling through them on failure. Relying on a single domain was an exploitable weakness used cripple the project before. It was a mistake to trust the company sponsoring the project.
2