Android12 禁用adb

时间:2024-07-16 07:51:11

这种做法没有删除任何adb相关的东西,只是设置persist.sys.usb.config中的adb相关属性时添加宏控制。
userdebug版本一样可以禁用

添加宏开关
  • device/mediatek/mt6761/BoardConfig.mk
# for adb
ADB_ENABLE:=false
添加ro.adb.enabled属性
  • build/make/core/main.mk
# for adb
ifeq (true,$(strip $(ADB_ENABLE)))
  ADDITIONAL_SYSTEM_PROPERTIES += ro.adb.enabled=1
else
  ADDITIONAL_SYSTEM_PROPERTIES += ro.adb.enabled=0
endif
根据ro.adb.enabled设置persist.sys.usb.config
  • system/core/init/property_service.cpp
static uint32_t PropertySet(const std::string& name, const std::string& value, std::string* error) {
	// for adb 
    if (name == "persist.sys.usb.config" /*|| name == "sys.usb.config"*/){
        LOG(INFO) << " name= " << name << " value= " << value;
        std::string adb_value = GetProperty("ro.adb.enabled", "0");
        if (adb_value == "0"){
            if (value.find("adb") != std::string::npos){
                LOG(ERROR) << " ro.adb.enabled is 0, adb is not allowed ";
                return PROP_SUCCESS;
            }
        }
    }
	// end
	
    size_t valuelen = value.size();

    if (!IsLegalPropertyName(name)) {
        *error = "Illegal property name";
        return PROP_ERROR_INVALID_NAME;
    }

    if (auto result = IsLegalPropertyValue(name, value); !result.ok()) {
        *error = result.error().message();
        return PROP_ERROR_INVALID_VALUE;
    }
#ifdef MTK_LOG
    SnapshotPropertyFlowTraceLog("_spf");
#endif
    prop_info* pi = (prop_info*) __system_property_find(name.c_str());
    if (pi != nullptr) {
        // ro.* properties are actually "write-once".
        if (StartsWith(name, "ro.")) {
            *error = "Read-only property was already set";
            return PROP_ERROR_READ_ONLY_PROPERTY;
        }

#ifdef MTK_LOG
        SnapshotPropertyFlowTraceLog("_spu");
#endif
        __system_property_update(pi, value.c_str(), valuelen);
    } else {
#ifdef MTK_LOG
        SnapshotPropertyFlowTraceLog("_spa");
#endif
        int rc = __system_property_add(name.c_str(), name.size(), value.c_str(), valuelen);
        if (rc < 0) {
            *error = "__system_property_add failed";
            return PROP_ERROR_SET_FAILED;
        }
    }

    // Don't write properties to disk until after we have read all default
    // properties to prevent them from being overwritten by default values.
    if (persistent_properties_loaded && StartsWith(name, "persist.")) {
        WritePersistentProperty(name, value);
    }
    // If init hasn't started its main loop, then it won't be handling property changed messages
    // anyway, so there's no need to try to send them.
    auto lock = std::lock_guard{accept_messages_lock};
    if (accept_messages) {
#ifdef MTK_LOG
        SnapshotPropertyFlowTraceLog("SPC");
#endif
        PropertyChanged(name, value);
    }

#ifdef MTK_LOG
    if (GetMTKLOGDISABLERATELIMIT()) // MTK add log
        PropSetLog(name, value, error);
#endif

    return PROP_SUCCESS;
}
相关UI及开发者模式控制
  • frameworks/base/core/java/android/os/Build.java
 /*
  * True if Adb is enabled
  */
  public static final boolean IS_ADB_ENABLED =
        SystemProperties.getInt("ro.adb.enabled", 0) == 1;  
        
  • vendor/mediatek/proprietary/packages/apps/MtkSettings/src/com/android/settings/SettingsActivity.java
 // True if Adb is enabled
 final boolean showDev = Build.IS_ADB_ENABLED/*DevelopmentSettingsEnabler.isDevelopmentSettingsEnabled(this)
              && !Utils.isMonkeyRunning()*/;
 somethingChanged = setTileEnabled(changedList, new ComponentName(packageName,
                 Settings.DevelopmentSettingsDashboardActivity.class.getName()),
              showDev, isAdmin)
              || somethingChanged;
  • vendor/mediatek/proprietary/packages/apps/MtkSettings/src/com/android/settings/connecteddevice/usb/UsbDetailsFunctionsController.java
 @Override
 public boolean isAvailable() {
 	// for adb
    // True if Adb is enabled
    return Build.IS_ADB_ENABLED/*!Utils.isMonkeyRunning()*/;
 }
  • vendor/mediatek/proprietary/packages/apps/MtkSettings/src/com/android/settings/deviceinfo/BuildNumberPreferenceController.java
 @Override
 public boolean handlePreferenceTreeClick(Preference preference) {
 	 // for adb
     if (preference.getKey().equals("build_number")){
         if (!Build.IS_ADB_ENABLED){
             preference.setSelectable(false);
         }
     }
	 // end
     if (!TextUtils.equals(preference.getKey(), getPreferenceKey())) {
         return false;
     }
     ...
 }

修改完后,连接USB不会显示功能选择列表,无法连点调出开发者模式。

测试

编译完成后,build.prop中显示

ro.adb.enabled=0
... 
# Auto-added by post_process_props.py
persist.sys.usb.config=adb
# end of file

命令窗口显示

C:\Users\dell>adb devices
List of devices attached


C:\Users\dell>