Conversation

Some Pixel users are upset by the fact that the Pixel 6 cannot revert from Android 13 back to Android 12. I thought it might be helpful to write a short thread on anti-rollback counters, what they are and why they should be used a lot more. 🧵 1/7

130

691

Replying to

Isn't rollback protection exist in android from long time? I have been seeing this written in AVB 2.0 specs that recommends to store the magic number of major updates in tamper resistant storage like eFuse to prevent downgrade. What will happen if the SoC runs out of eFuse?

Replying to

and

Pixels provide rollback protection for the OS via the secure element. It's enforced when the device is locked and the values can be decreased when the device is unlocked. Not done with fuses. Secure element firmware has actively used rollback protection that's not reversible.

Replying to

and

This is the first time they've incremented rollback counter for the boot chain firmware. They previously weren't using the capability to do it because it's inconvenient for development since you can't flash the older factory images anymore. It was there but not used as intended.

3:29 PM · Aug 19, 2022Twitter Web App

Replying to

and

They did cause some backwards incompatibility with prior OS versions via secure element upgrades that aren't reversible. The old OS versions still boot but if you try to use StrongBox key attestation on Android 11 after updating to Android 12 Beta or Android 12, it doesn't work.