Use BUILDINFO to make sure we are not going backwards in time.

Input & OK deraadt

1 files changed, 12 insertions, 3 deletions

diff --git a/usr.sbin/sysupgrade/sysupgrade.sh b/usr.sbin/sysupgrade/sysupgrade.sh
index a30d13fad2f..8f43cad7cd8 100644
--- a/usr.sbin/sysupgrade/sysupgrade.sh
+++ b/usr.sbin/sysupgrade/sysupgrade.sh
@@ -1,6 +1,6 @@
 #!/bin/ksh
 #
-# $OpenBSD: sysupgrade.sh,v 1.50 2024/06/08 06:05:40 florian Exp $
+# $OpenBSD: sysupgrade.sh,v 1.51 2024/06/18 14:57:59 florian Exp $
 #
 # Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback
 # Copyright (c) 2015 Robert Peichaer <rpe@openbsd.org>
@@ -161,9 +161,9 @@ if cmp -s /var/db/installed.SHA256 SHA256 && ! $FORCE; then
 	exit 0
 fi
 
-# INSTALL.*, bsd*, *.tgz
+# BUILDINFO INSTALL.*, bsd*, *.tgz
 SETS=$(sed -n -e 's/^SHA256 (\(.*\)) .*/\1/' \
-    -e '/^INSTALL\./p;/^bsd/p;/\.tgz$/p' SHA256)
+    -e '/^BUILDINFO$/p;/^INSTALL\./p;/^bsd/p;/\.tgz$/p' SHA256)
 
 OLD_FILES=$(ls)
 OLD_FILES=$(rmel SHA256 $OLD_FILES)
@@ -187,6 +187,15 @@ if [[ -n ${DL} ]]; then
 	unpriv cksum -qC SHA256 ${DL}
 fi
 
+if [[ -e /var/db/installed.BUILDINFO && -e BUILDINFO ]]; then
+	installed_build_ts=$(cut -f3 -d' ' /var/db/installed.BUILDINFO)
+	build_ts=$(cut -f3 -d' ' BUILDINFO)
+	if (( $build_ts < $installed_build_ts )) && ! $FORCE; then
+		echo "New snapshot is older than installed snapshot. Use -f to force upgrade."
+		exit 1
+	fi
+fi
+
 cat <<__EOT >/auto_upgrade.conf
 Location of sets = disk
 Pathname to the sets = ${SETSDIR}/