Reinstating the __ANROID_RECOVERY__ part of b/158156979 (removal of preprocessor guards for root/secure: https://android-review.googlesource.com/c/platform/system/core/+/1324037/).
Bug: 188703874
Test: Recovery execution path tested by williamhester@
adbd regression testing for non-recovery execution (TBD)
Signed-off-by: Shaju Mathew <shaju@google.com>
Change-Id: I3b7cc1f49f25dbfa3c5da954242461721aa3761f
diff --git a/daemon/main.cpp b/daemon/main.cpp
index 4b3cf6d..d97e8f9 100644
--- a/daemon/main.cpp
+++ b/daemon/main.cpp
@@ -207,10 +207,18 @@
adbd_cloexec_auth_socket();
#if defined(__ANDROID__)
- // If we're on userdebug/eng or the device is unlocked, permit no-authentication.
- bool device_unlocked = "orange" == android::base::GetProperty("ro.boot.verifiedbootstate", "");
- if (__android_log_is_debuggable() || device_unlocked) {
+ bool device_unlocked = android::base::GetProperty("ro.boot.verifiedbootstate", "") == "orange";
+ if (device_unlocked || __android_log_is_debuggable()) {
+#if defined(__ANDROID_RECOVERY__)
+ auth_required = false; // Bypass authorization when the device transitions to
+ // fastbootd (from recovery). A corrupt userdata image can potentially
+ // result in the device falling into rescue, and a subsequent fastboot
+ // state should not require authorization - otherwise, it will force the
+ // need for manual intervention(b/188703874).
+#else
+ // If we're on userdebug/eng or the device is unlocked, permit no-authentication.
auth_required = android::base::GetBoolProperty("ro.adb.secure", false);
+#endif
}
#endif
