Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9fa61b4d authored by Bowgo Tsai's avatar Bowgo Tsai
Browse files

Revert "adbd: lessen security constraints when the device is unlocked" 

This reverts commit f1d3dbc3.

With the following changes to move /sbin/adbd to /system/bin/adbd,
we don't need this workaround anymore.

  https://android-review.googlesource.com/#/q/topic:move-adbd-to-system+(status:open+OR+status:merged)

Bug: 63313955
Bug: 63381692
Bug: 64822208
Test: 'adb root' works in VTS for a non-A/B device (userdebug GSI + user boot.img)

Change-Id: Ic1249d6abd7d6e6e7380a661df16d25447853a48
Merged-In: Ic1249d6abd7d6e6e7380a661df16d25447853a48
(cherry picked from commit 0603ec42)
parent a2f13358

adb/Android.mk

+1 −1
Original line number Diff line number Diff line
@@ -350,11 +350,11 @@ LOCAL_CFLAGS := \ 
    -D_GNU_SOURCE \

    -Wno-deprecated-declarations \



LOCAL_CFLAGS += -DALLOW_ADBD_ROOT=$(if $(filter userdebug eng,$(TARGET_BUILD_VARIANT)),1,0)

LOCAL_CFLAGS += -DALLOW_ADBD_NO_AUTH=$(if $(filter userdebug eng,$(TARGET_BUILD_VARIANT)),1,0)



ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))

LOCAL_CFLAGS += -DALLOW_ADBD_DISABLE_VERITY=1

LOCAL_CFLAGS += -DALLOW_ADBD_ROOT=1

endif



LOCAL_MODULE := adbd

adb/daemon/main.cpp

+9 −15
Original line number Diff line number Diff line
@@ -49,23 +49,17 @@ 


static const char* root_seclabel = nullptr;



static inline bool is_device_unlocked() {

    return "orange" == android::base::GetProperty("ro.boot.verifiedbootstate", "");

}



static void drop_capabilities_bounding_set_if_needed(struct minijail *j) {

    if (ALLOW_ADBD_ROOT || is_device_unlocked()) {

#if defined(ALLOW_ADBD_ROOT)

    if (__android_log_is_debuggable()) {

        return;

    }

    }

#endif

    minijail_capbset_drop(j, CAP_TO_MASK(CAP_SETUID) | CAP_TO_MASK(CAP_SETGID));

}



static bool should_drop_privileges() {

    // "adb root" not allowed, always drop privileges.

    if (!ALLOW_ADBD_ROOT && !is_device_unlocked()) return true;



#if defined(ALLOW_ADBD_ROOT)

    // The properties that affect `adb root` and `adb unroot` are ro.secure and

    // ro.debuggable. In this context the names don't make the expected behavior

    // particularly obvious.
@@ -95,6 +89,9 @@ static bool should_drop_privileges() { 
    }



    return drop;

#else

    return true; // "adb root" not allowed, always drop privileges.

#endif // ALLOW_ADBD_ROOT

}



static void drop_privileges(int server_port) {
@@ -161,10 +158,7 @@ int adbd_main(int server_port) { 
    // descriptor will always be open.

    adbd_cloexec_auth_socket();



    // Respect ro.adb.secure in userdebug/eng builds (ALLOW_ADBD_NO_AUTH), or when the

    // device is unlocked.

    if ((ALLOW_ADBD_NO_AUTH || is_device_unlocked()) &&

        !android::base::GetBoolProperty("ro.adb.secure", false)) {

    if (ALLOW_ADBD_NO_AUTH && !android::base::GetBoolProperty("ro.adb.secure", false)) {

        auth_required = false;

    }