Gitiles
Code Review Sign In
review.blissroms.org / platform_system_core_old / 0c0aa2f8f2970eff0c3c067edafc521db21d5fd1^1..0c0aa2f8f2970eff0c3c067edafc521db21d5fd1 / .
commit0c0aa2f8f2970eff0c3c067edafc521db21d5fd1[log] [tgz]
authorBowgo Tsai <bowgotsai@google.com>Thu Aug 31 08:30:33 2017 +0000
committerandroid-build-merger <android-build-merger@google.com>Thu Aug 31 08:30:33 2017 +0000
tree67c1952ca53739bb71e9fbc2e3b27a7112f6ae80
parent1ed5ff6daf83bd4e44895535483235877dd2d57c [diff]
parente441add700046c9f41323d98502c5ab78e04cfdf [diff]
Merge "Revert "adbd: lessen security constraints when the device is unlocked"" am: 9638729a9d
am: 08a8c4209f

Change-Id: I22a007674b17d7bb1d23ddd49d73ba3a918cfe33

diff --git a/adb/Android.mk b/adb/Android.mk
index 64cf6d8..2b6df70 100644
--- a/adb/Android.mk
+++ b/adb/Android.mk

@@ -345,11 +345,11 @@
     -D_GNU_SOURCE \
     -Wno-deprecated-declarations \
 
-LOCAL_CFLAGS += -DALLOW_ADBD_ROOT=$(if $(filter userdebug eng,$(TARGET_BUILD_VARIANT)),1,0)
 LOCAL_CFLAGS += -DALLOW_ADBD_NO_AUTH=$(if $(filter userdebug eng,$(TARGET_BUILD_VARIANT)),1,0)
 
 ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))
 LOCAL_CFLAGS += -DALLOW_ADBD_DISABLE_VERITY=1
+LOCAL_CFLAGS += -DALLOW_ADBD_ROOT=1
 endif
 
 LOCAL_MODULE := adbd

diff --git a/adb/daemon/main.cpp b/adb/daemon/main.cpp
index e0629ab..1c94298 100644
--- a/adb/daemon/main.cpp
+++ b/adb/daemon/main.cpp

@@ -49,23 +49,17 @@
 
 static const char* root_seclabel = nullptr;
 
-static inline bool is_device_unlocked() {
-    return "orange" == android::base::GetProperty("ro.boot.verifiedbootstate", "");
-}
-
 static void drop_capabilities_bounding_set_if_needed(struct minijail *j) {
-    if (ALLOW_ADBD_ROOT || is_device_unlocked()) {
-        if (__android_log_is_debuggable()) {
-            return;
-        }
+#if defined(ALLOW_ADBD_ROOT)
+    if (__android_log_is_debuggable()) {
+        return;
     }
+#endif
     minijail_capbset_drop(j, CAP_TO_MASK(CAP_SETUID) | CAP_TO_MASK(CAP_SETGID));
 }
 
 static bool should_drop_privileges() {
-    // "adb root" not allowed, always drop privileges.
-    if (!ALLOW_ADBD_ROOT && !is_device_unlocked()) return true;
-
+#if defined(ALLOW_ADBD_ROOT)
     // The properties that affect `adb root` and `adb unroot` are ro.secure and
     // ro.debuggable. In this context the names don't make the expected behavior
     // particularly obvious.
@@ -95,6 +89,9 @@
     }
 
     return drop;
+#else
+    return true; // "adb root" not allowed, always drop privileges.
+#endif // ALLOW_ADBD_ROOT
 }
 
 static void drop_privileges(int server_port) {
@@ -161,10 +158,7 @@
     // descriptor will always be open.
     adbd_cloexec_auth_socket();
 
-    // Respect ro.adb.secure in userdebug/eng builds (ALLOW_ADBD_NO_AUTH), or when the
-    // device is unlocked.
-    if ((ALLOW_ADBD_NO_AUTH || is_device_unlocked()) &&
-        !android::base::GetBoolProperty("ro.adb.secure", false)) {
+    if (ALLOW_ADBD_NO_AUTH && !android::base::GetBoolProperty("ro.adb.secure", false)) {
         auth_required = false;
     }