make persist.adb.tls_server.enable system property non-persistent

muhomorr · thestinger · commit 452779a46114 · 2024-03-04T21:21:52.000-05:00
persist.adb.tls_server.enable sysprop enables persistent network ADB, which severely weakens
verified boot.

Network ADB is disabled after each reboot by the system_server, but in a fragile way, see
frameworks/base/services/core/java/com/android/server/adb/AdbService.java

It's not clear whether this system_server behavior is intentional.
diff --git a/init/property_service.cpp b/init/property_service.cpp
@@ -1428,6 +1428,9 @@ static void HandleInitSocket() {
             auto persistent_properties = LoadPersistentProperties();
             for (const auto& property_record : persistent_properties.properties()) {
                 auto const& prop_name = property_record.name();
+                if (prop_name == "persist.adb.tls_server.enable") {
+                    continue;
+                }
                 auto const& prop_value = property_record.value();
                 InitPropertySet(prop_name, prop_value);
             }
