From 7d5c341962e9721bdeecdb36c37511e1d8c25e23 Mon Sep 17 00:00:00 2001
From: Tianjie Xu
Date: Tue, 29 Oct 2019 21:44:39 -0700
Subject: Start adbd in user mode if bootloader is unlocked During automatic tests, we sometimes want to reboot the device out of the rescue party remotely. And per http://go/recovery-adb-access, one option is to start adbd in user build if the device has an unlocked bootloader. This should not add more surface of attack. Because verified boot is off with the unlocked bootloader, and the user can always flash a custom recovery image that always starts adbd.
Bug: 141247819
Test: check adbd doesn't start in user build, unlock bootloader, and check adbd starts.
Change-Id: I851746245f862cb4dfb01e6c3ad035f2c9f9ccec
---
 etc/init.rc | 4 ++++
 recovery_main.cpp | 8 +++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/etc/init.rc b/etc/init.rc
index 0822aba03..9786f6104 100644
--- a/etc/init.rc
+++ b/etc/init.rc
@@ -99,6 +99,10 @@ on property:service.adb.root=1
 on fs && property:ro.debuggable=1
 setprop sys.usb.config adb

+# Also start adbd on user build with an unlocked bootloader
+on fs && property:ro.debuggable=0 && androidboot.verifiedbootstate=orange
+ setprop sys.usb.config adb
+
 on fs && property:sys.usb.configfs=1
 mount configfs none /config
 mkdir /config/usb_gadget/g1 0770 shell shell
diff --git a/recovery_main.cpp b/recovery_main.cpp
index 89253dcd2..30a1fc0a4 100644
--- a/recovery_main.cpp
+++ b/recovery_main.cpp
@@ -69,6 +69,10 @@ static bool IsRoDebuggable() {
 return android::base::GetBoolProperty("ro.debuggable", false);
 }

+static bool IsDeviceUnlocked() {
+ return "orange" == android::base::GetProperty("ro.boot.verifiedbootstate", "");
+}
+
 static void UiLogger(android::base::LogId /* id */, android::base::LogSeverity severity,
 const char* /* tag */, const char* /* file */, unsigned int /* line */,
 const char* message) {
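Review bot: In the etc/init.rc hunk, the third condition of the new trigger, `androidboot.verifiedbootstate=orange`, has no `property:` prefix and names the kernel-command-line key rather than the `ro.boot.verifiedbootstate` property that `IsDeviceUnlocked()` reads in recovery_main.cpp. As far as I know, init accepts one event trigger per action plus `property:` conditions, so this line is likely rejected at parse time or never fires. That would leave the two gates for adbd on user builds out of sync. I would write it as `on fs && property:ro.debuggable=0 && property:ro.boot.verifiedbootstate=orange`, then confirm in the init log that the action loads and fires.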
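Review bot: `IsDeviceUnlocked()` in recovery_main.cpp now decides whether a user build exposes adbd, but nothing at the definition says so or says where the value comes from. A short comment would help, for example `// True only when ro.boot.verifiedbootstate is exactly "orange" (unlocked); a missing or any other value counts as locked.` The fail-closed default is visible in the `""` fallback and is worth stating so a later edit does not widen the match. The constant-first comparison could also be written `GetProperty(...) == "orange"` for the usual reading order.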
@@ -463,7 +467,9 @@ int main(int argc, char** argv) {
 listener_thread.detach();

 while (true) {
- std::string usb_config = fastboot ? "fastboot" : IsRoDebuggable() ? "adb" : "none";
+ // We start adbd in recovery for the device with userdebug build or a unlocked bootloader.
+ std::string usb_config =
+ fastboot ? "fastboot" : IsRoDebuggable() || IsDeviceUnlocked() ? "adb" : "none";
 std::string usb_state = android::base::GetProperty("sys.usb.state", "none");
 if (usb_config != usb_state) {
 if (!SetUsbConfig("none")) {
-- cgit v1.2.3
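Review bot: The `usb_config` expression in main()'s loop mixes `||` with a nested conditional without parentheses. It evaluates as intended because `||` binds tighter than `?:`, but this line now decides whether adbd is exposed and should not depend on the reader recalling precedence. I would write `fastboot ? "fastboot" : (IsRoDebuggable() || IsDeviceUnlocked()) ? "adb" : "none";`. The comment above it has a typo ("a unlocked") and is narrower than the check, which keys on `ro.debuggable`: `// Start adbd in recovery on debuggable builds, or on any build with an unlocked bootloader.` main() starts and continues outside this hunk.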