make persist.adb.tls_server.enable system property non-persistent

muhomorr · thestinger · commit cbbe8d97ad54 · 2024-06-11T13:18:34.000-04:00
persist.adb.tls_server.enable sysprop enables persistent network ADB, which severely weakens
verified boot.

Network ADB is disabled after each reboot by the system_server, but in a fragile way, see
frameworks/base/services/core/java/com/android/server/adb/AdbService.java

It's not clear whether this system_server behavior is intentional.
diff --git a/init/property_service.cpp b/init/property_service.cpp
@@ -1425,6 +1425,9 @@ static void HandleInitSocket() {
             for (const auto& property_record : persistent_properties.properties()) {
                 auto const& prop_name = property_record.name();
                 auto const& prop_value = property_record.value();
+                if (prop_name == "persist.adb.tls_server.enable") {
+                    continue;
+                }
                 InitPropertySet(prop_name, prop_value);
             }
 

Original file line number	Diff line number	Diff line change
`@@ -1425,6 +1425,9 @@ static void HandleInitSocket() {`
`1425`	`1425`	`for (const auto& property_record : persistent_properties.properties()) {`
`1426`	`1426`	`auto const& prop_name = property_record.name();`
`1427`	`1427`	`auto const& prop_value = property_record.value();`
	`1428`	`+ if (prop_name == "persist.adb.tls_server.enable") {`
	`1429`	`+ continue;`
	`1430`	`+ }`
`1428`	`1431`	`InitPropertySet(prop_name, prop_value);`
`1429`	`1432`	`}`
`1430`	`1433`