Merge "adb: Do not use fs_config unless we are root (try 2)." into main

3 files changed, 16 insertions, 23 deletions

diff --git a/daemon/file_sync_service.cpp b/daemon/file_sync_service.cpp
index 5891d30e..ab20e582 100644
--- a/daemon/file_sync_service.cpp
+++ b/daemon/file_sync_service.cpp
@@ -68,16 +68,6 @@ using android::base::Dirname;
 using android::base::Realpath;
 using android::base::StringPrintf;
 
-static bool should_use_fs_config(const std::string& path) {
-#if defined(__ANDROID__)
-    // TODO: use fs_config to configure permissions on /data too.
-    return !android::base::StartsWith(path, "/data/");
-#else
-    UNUSED(path);
-    return false;
-#endif
-}
-
 static bool update_capabilities(const char* path, uint64_t capabilities) {
 #if defined(__ANDROID__)
     if (capabilities == 0) {
@@ -119,9 +109,7 @@ static bool secure_mkdirs(const std::string& path) {
         }
         partial_path += path_component;
 
-        if (should_use_fs_config(partial_path)) {
-            adbd_fs_config(partial_path.c_str(), 1, nullptr, &uid, &gid, &mode, &capabilities);
-        }
+        adbd_fs_config(partial_path.c_str(), true, nullptr, &uid, &gid, &mode, &capabilities);
         if (adb_mkdir(partial_path.c_str(), mode) == -1) {
             if (errno != EEXIST) {
                 return false;
@@ -530,8 +518,8 @@ static bool send_impl(int s, const std::string& path, mode_t mode, CompressionTy
         uid_t uid = -1;
         gid_t gid = -1;
         uint64_t capabilities = 0;
-        if (should_use_fs_config(path) && !dry_run) {
-            adbd_fs_config(path.c_str(), 0, nullptr, &uid, &gid, &mode, &capabilities);
+        if (!dry_run) {
+            adbd_fs_config(path.c_str(), false, nullptr, &uid, &gid, &mode, &capabilities);
         }
 
         result = handle_send_file(s, path.c_str(), &timestamp, uid, gid, capabilities, mode,
diff --git a/libs/libadbd_fs/adbd_fs.cpp b/libs/libadbd_fs/adbd_fs.cpp
index 8e62d40d..e2425ef3 100644
--- a/libs/libadbd_fs/adbd_fs.cpp
+++ b/libs/libadbd_fs/adbd_fs.cpp
@@ -17,14 +17,19 @@
 #include <adbd_fs.h>
 
 #include <private/fs_config.h>
+#include <unistd.h>
 
 void adbd_fs_config(const char* path, int dir, const char* target_out_path, uid_t* uid, gid_t* gid,
                     mode_t* mode, uint64_t* capabilities) {
-  unsigned uid_hack;
-  unsigned gid_hack;
-  unsigned mode_hack;
-  fs_config(path, dir, target_out_path, &uid_hack, &gid_hack, &mode_hack, capabilities);
-  *uid = uid_hack;
-  *gid = gid_hack;
-  *mode = mode_hack;
+  // Only root has the necessary permissions to be able to apply fs_config.
+  if (getuid() != 0) {
+    return;
+  }
+  struct fs_config conf;
+  if (get_fs_config(path, dir, target_out_path, &conf)) {
+    *uid = conf.uid;
+    *gid = conf.gid;
+    *mode = conf.mode;
+    *capabilities = conf.capabilities;
+  }
 }
diff --git a/libs/libadbd_fs/include/adbd_fs.h b/libs/libadbd_fs/include/adbd_fs.h
index 6158d720..1c0895c6 100644
--- a/libs/libadbd_fs/include/adbd_fs.h
+++ b/libs/libadbd_fs/include/adbd_fs.h
@@ -20,7 +20,7 @@
 #include <sys/types.h>
 
 extern "C" {
-// Thin wrapper around libcutils fs_config.
+// Thin wrapper around libcutils get_fs_config.
 void adbd_fs_config(const char* path, int dir, const char* target_out_path, uid_t* uid, gid_t* gid,
                     mode_t* mode, uint64_t* capabilities);
 }