From a933b43c02726c9ec412d3074833d941cd8c1ec2 Mon Sep 17 00:00:00 2001
From: Tianjie Xu <xunchang@google.com>
Date: Wed, 30 Oct 2019 10:37:32 -0700
Subject: [PATCH] Grant adb auth under recovery for unlocked & userdebug
 devices

During automatic tests, we sometimes want to reboot the device out of
the rescue party remotely. And per http://go/recovery-adb-access, we
need to grant the adb authorization to enable the adb access. The auth
are only granted for userdebug devices and those with an unlocked
bootloader. Since the user can always flash a custom recovery image if
the bootloader is unlocked.

This cl ignores the ro.adb.secure property under recovery. The other
option is to default this property to 0 when building the boot/recovery
image.

Bug: 141247819
Test: unlock bootloader, run adb under recovery in user build
Change-Id: I424cfed5bf51a1e31d8687256ae4c6eaaa5e6249
---
 adb/daemon/main.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/adb/daemon/main.cpp b/adb/daemon/main.cpp
index 9ebab740e..cbb5e693f 100644
--- a/adb/daemon/main.cpp
+++ b/adb/daemon/main.cpp
@@ -205,7 +205,11 @@ int adbd_main(int server_port) {
     // descriptor will always be open.
     adbd_cloexec_auth_socket();
 
-#if defined(ALLOW_ADBD_NO_AUTH)
+#if defined(__ANDROID_RECOVERY__)
+    if (is_device_unlocked() || __android_log_is_debuggable()) {
+        auth_required = false;
+    }
+#elif defined(ALLOW_ADBD_NO_AUTH)
     // If ro.adb.secure is unset, default to no authentication required.
     auth_required = android::base::GetBoolProperty("ro.adb.secure", false);
 #elif defined(__ANDROID__)