Merge "Revert "adb: Do not use fs_config unless we are root."" into main

1 files changed, 10 insertions, 5 deletions

diff --git a/daemon/file_sync_service.cpp b/daemon/file_sync_service.cpp
index a549beee..5891d30e 100644
--- a/daemon/file_sync_service.cpp
+++ b/daemon/file_sync_service.cpp
@@ -68,9 +68,14 @@ using android::base::Dirname;
 using android::base::Realpath;
 using android::base::StringPrintf;
 
-static bool should_use_fs_config() {
-    // Only root has the necessary permissions to be able to apply fs_config.
-    return getuid() == 0;
+static bool should_use_fs_config(const std::string& path) {
+#if defined(__ANDROID__)
+    // TODO: use fs_config to configure permissions on /data too.
+    return !android::base::StartsWith(path, "/data/");
+#else
+    UNUSED(path);
+    return false;
+#endif
 }
 
 static bool update_capabilities(const char* path, uint64_t capabilities) {
@@ -114,7 +119,7 @@ static bool secure_mkdirs(const std::string& path) {
         }
         partial_path += path_component;
 
-        if (should_use_fs_config()) {
+        if (should_use_fs_config(partial_path)) {
             adbd_fs_config(partial_path.c_str(), 1, nullptr, &uid, &gid, &mode, &capabilities);
         }
         if (adb_mkdir(partial_path.c_str(), mode) == -1) {
@@ -525,7 +530,7 @@ static bool send_impl(int s, const std::string& path, mode_t mode, CompressionTy
         uid_t uid = -1;
         gid_t gid = -1;
         uint64_t capabilities = 0;
-        if (should_use_fs_config() && !dry_run) {
+        if (should_use_fs_config(path) && !dry_run) {
             adbd_fs_config(path.c_str(), 0, nullptr, &uid, &gid, &mode, &capabilities);
         }