Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_core / 9b30c0a7e6e72c9a66a7d18ef2f1d41fd00a875b^! / . / adb / Android.bp
commit9b30c0a7e6e72c9a66a7d18ef2f1d41fd00a875b[log] [tgz]
authorBowgo Tsai <bowgotsai@google.com>Tue Mar 12 04:25:33 2019 +0800
committerBowgo Tsai <bowgotsai@google.com>Fri Mar 15 03:04:46 2019 +0800
tree9b1f6ac0aa21de24890ba84026048e5ba4084f8e
parent9d3310c019839ec342b5c0712f3ba59cfd5ca4a0 [diff] [blame]
adbd: allowing adb root when the device is unlocked

As there is no security guarantee when the device is unlocked,
allowing adb root gives us more rooms to debug a USER build images.

Also, this makes it possible to run VTS on a USER build GSI, with
setting ro.debuggable=1 and unlocking the device.

This basically re-lands a reverted change:
https://android-review.googlesource.com/c/platform/system/core/+/437815

Which isn't needed after we moved /sbin/adbd to /system/bin/adbd in
USERDEBUG GSI. But it's still needed for USER build GSI.

Bug: 126493225
Test: unlock a USER build device, check 'adb root' can work
Change-Id: I93f12c8a3fe65c96c947e4602795eadfe591c521

diff --git a/adb/Android.bp b/adb/Android.bp
index 1e085a7..01e00dd 100644
--- a/adb/Android.bp
+++ b/adb/Android.bp

@@ -24,7 +24,8 @@
         "-Wno-missing-field-initializers",
         "-Wthread-safety",
         "-Wvla",
-        "-DADB_HOST=1", // overridden by adbd_defaults
+        "-DADB_HOST=1",         // overridden by adbd_defaults
+        "-DALLOW_ADBD_ROOT=0",  // overridden by adbd_defaults
     ],
     cpp_std: "experimental",
 
@@ -79,7 +80,8 @@
     product_variables: {
         debuggable: {
             cflags: [
-                "-DALLOW_ADBD_ROOT",
+                "-UALLOW_ADBD_ROOT",
+                "-DALLOW_ADBD_ROOT=1",
                 "-DALLOW_ADBD_DISABLE_VERITY",
                 "-DALLOW_ADBD_NO_AUTH",
             ],