adb: Use Minijail for privilege dropping.
By using Minijail we avoid writing the same priv-dropping code over
and over again. This also enables future hardening opportunities.
We're already using Minijail for priv-dropping on Brillo.
Minijail is unit- and integration-tested on the
Chrome OS CI infrastructure (pulling from the same repo, see
https://wmatrix.googleplex.com/security?tests=security_Minijail0).
Once CI comes to Android, it will be continuously tested there as well.
Both 'adb root' and 'adb unroot' still work.
Bug: 26099611
Change-Id: I52c456ea272d27bd6fbc71200f4fdd928a592158
diff --git a/adb/Android.mk b/adb/Android.mk
index fe3c9cc..cb6da62 100644
--- a/adb/Android.mk
+++ b/adb/Android.mk
@@ -346,6 +346,9 @@
libsquashfs_utils \
libcutils \
libbase \
- libcrypto_static
+ libcrypto_static \
+ libminijail \
+ libminijail_generated \
+ libcap
include $(BUILD_EXECUTABLE)