Commit Graph

31 Commits

Author SHA1 Message Date
Elliott Hughes ccecf14254 system/core 64-bit cleanup.
This cleans up most of the size-related problems in system/core.
There are still a few changes needed for a clean 64-bit build,
but they look like they might require changes to things like the
fastboot protocol.

Change-Id: I1560425a289fa158e13e2e3173cc3e71976f92c0
2014-01-16 12:54:18 -08:00
David 'Digit' Turner 818d641c42 adb: Check sender's socket id when receiving packets.
handle_packet() in adb.c didn't check that when an A_WRTE packet is
received, the sender's local-id matches the socket's peer id.

This meant that a compromised adbd server could sent packets to
the host adb server, spoofing the identity of another connected
device if it could "guess" the right host socket id.

This patch gets rid of the issue by enforcing even more checks
to ensure that all packets comply with the description in
protocol.txt.

+ Fix a bug where closing a local socket associated with a
  remote one would always send an A_CLSE(0, remote-id, "")
  message, though protocol.txt says that should only happen
  for failed opens.

  The issue was that local_socket_close() called
  remote_socket_close() after clearing the remote socket's
  'peer' field.

  The fix introduces a new asocket optional callback,
  named 'shutdown' that is called before that, and is
  used to send the A_CLSE() message with the right ID
  in remote_socket_shutdown().

  Also add some code in handle_packet() to detect
  invalid close commands.

Change-Id: I9098bc8c6e81f8809334b060e5dca4fc92e6fbc9
2013-12-16 17:58:08 +01:00
Benoit Goby 9470c2f1ab adb: Cleanup dead code
dns_service is unused and recover_service has been replaced by adb
sideload

Change-Id: Ie90000d7f672e8299ee1622a9690c7371b214dc1
2013-04-24 21:31:45 -07:00
Benoit Goby 66086a586f am 504dccec: am aeceb517: adb: Fix adb tcpip command
* commit '504dccec97c12283f348838ba0bf88536322ee6b':
  adb: Fix adb tcpip command
2012-06-12 16:46:48 -07:00
Benoit Goby aeceb51745 adb: Fix adb tcpip command
When running "adb tcpip 5555", adb create a service socket named
"tcpip:5555". Only compare the 6 first chars "tcpip:" to decide if
we enable exit_on_close.

Bug: 6650130
Change-Id: I0835973de044f1cfde0e859ff0277c0ccc2630a3
2012-06-12 16:14:58 -07:00
Scott Anderson 0e9e13eb46 am 2ca3e6b3: adb: Generalizing -s to take qualifiers.
* commit '2ca3e6b35f79136418ebc32fef57580698dbd045':
  adb: Generalizing -s to take qualifiers.
2012-06-05 16:21:04 -07:00
Scott Anderson 2ca3e6b35f adb: Generalizing -s to take qualifiers.
Prior to this change, -s could take either a serial number or a
device path (e.g. "-s 01498B1F02015015" or "-s usb:1-4.2").  This
change extends -s to also allow product, model or device names
(e.g. "-s product:mysid").  These new qualifiers will only be
available on devices that are running an adb daemon that provides
properties in the connect message per Change-Id:
    I09200decde4facb8fc9b4056fdae910155f2bcb9

The product, model and device are derived from the
ro.product.name, ro.product.model and ro.product.device
properties respectively.  They are prefixed with "product:",
"model:" or "device:" as appropriate.  In addition, any
non-alphanumerics in the model are changed to underscores.

If the -s parameter matches multiple devices, the result will be
the same as when multiple devices are connected but no -d, -e or
-s option is specified.  In general, this means the user will get
"error: more than one device".  However for get-state,
get-devpath and get-serialno, they will get "unknown".

The format of "devices -l" was changed to list all of the
qualifiers that are available.  The following example output
(with the last digits of the serial numbers replaced with X's) is
with a Galaxy Prime with an older adb daemon and another Galaxy
Prime and Galaxy S both with the enhanced adb daemons:

List of devices attached
016B75D60A0060XX       device usb:2-5 product:mysid model:Galaxy_Nexus device:toro
3731B535FAC200XX       device usb:1-4.2 product:soju model:Nexus_S device:crespo
01498B1F020150XX       device usb:1-4.1

Note that the serial number and state are now column oriented
instead of tab delimited.  After the serial number and state, all
qualifiers are listed with each preceded by a space.  The output
of the original devices command (without -l) is unchanged.

Change-Id: Iceeb2789874effc25a630d514a375d6f1889dc56
Signed-off-by: Scott Anderson <saa@android.com>
2012-06-05 11:13:40 -07:00
Scott Anderson e5867141c9 am 3608d832: adb: Fix two problems with device path implementation.
* commit '3608d832425ca3a6d00c4040f3bb979c5aa49899':
  adb: Fix two problems with device path implementation.
2012-06-01 11:08:08 -07:00
Scott Anderson 3608d83242 adb: Fix two problems with device path implementation.
The commands that use "host-serial:<serial-number>:<request>"
service did not handle "-s usb:<path>".  The -s parameter is
passed as the serial number in the protocol and then matched
against either the serial number or device path.  However,
skip_host_serial() in sockets.c did not know about the usb:
syntax, the serial number was parsed incorrectly.  Before this
change:
	$ adb -s usb:1-4.1 get-state
	error: unknown host service
After:
	$ adb -s usb:1-4.1 get-state
	device

Code was added in find_transport() in transport.c to match device
paths, but find_transport() is only used for socket connections
so matching device paths is not needed.

Change-Id: I922cec963659dafadd0fbc8fa36dee3b55fe366c
Signed-off-by: Scott Anderson <saa@android.com>
2012-05-31 14:06:07 -07:00
JP Abgrall f91259a8f0 adb: fix non-linux builds. tcpip:, root:, usb: are not for ADB_HOST
The handling of adb root:/tpcip:/usb: is normally only for non-ADB_HOST.
This avoids getuid() being invoked on windows builds.

Change-Id: I365b81d9f70de99b9347d3eac82e690a8ac5e747
2012-03-30 13:19:11 -07:00
JP Abgrall d7f1feb5c8 adb: fix exit of "adb root" when it is a no-op.
"adb root" creates a socket, then starts the service.
Socket creation should not set the exit_on_close when the service will be
a no-op.

Bug: 6259353
Change-Id: Ie526d2fad64f39a48051ed0ff6fb3405c2802ced
2012-03-30 11:19:16 -07:00
Benoit Goby f366b3698b adb: Don't synchronize with transport using sleep
Services that cause adbd to reboot are currently implemented this way:
    write(fd, response)
    close(fd)
    sleep(1)
    exit(1)
sleep(1) is necessary to leave time for the transport to transmit
the response before the daemon exits. This is slow and unreliable.
Instead, add a flag to the asocket to make it exit the daemon only
after the socket is closed.

Change-Id: I9df45ea6221f0d9b828703b9b2316a5d4fe59352
2012-03-16 15:30:05 -07:00
Mike Lockwood 07edefe4ce Revert "adb: kick the transport after sending the "adb root" command"
This reverts commit d15e6ac95d.

Also increment adb version to 1.0.29

Change-Id: I890643f0c18a2fe90f170134df039c54116cecda
Signed-off-by: Mike Lockwood <lockwood@android.com>
2011-06-22 07:15:44 -04:00
Christopher Tate 5b811fa5dd Tidy up the end-of-data handling in backup
* Increase transfer buffer size to 32K
* Add logging about error conditions and fd teardown
* Pass the fd number as a command line option to the 'bu' subprocess
* Properly harvest the 'bu' subprocess after it's done

Change-Id: Id44dde25778ecf43c5604fd9d01d726ba58861e5
2011-06-20 16:19:42 -07:00
Kenny Root b0a8aae3ed Use adb_sleep_ms for Cygwin compat
Change-Id: Iabb2cddfb6740a35e4b6b1563a81b64972c29453
2011-06-15 20:03:49 -07:00
Mike Lockwood d15e6ac95d adb: kick the transport after sending the "adb root" command
This is needed because the USB driver on the device no longer resets the bus
when exits and restarts.
Since the host side adb no longer detects that adbd has restarted we need
to reset the connection on the host side now.

Change-Id: I1a8eabd292e8b45c34fa07a8a8b8c609cc15648d
Signed-off-by: Mike Lockwood <lockwood@android.com>
2011-06-12 16:09:27 -04:00
Nick Kralevich 37b9fc6e7c am 4ba5a8ac: am eafcbe10: am 072a0fac: Merge "Fixed adb crash due to accessing freed memory"
* commit '4ba5a8acba033127befd184f2f78cf0580995b07':
  Fixed adb crash due to accessing freed memory
2011-06-09 11:27:11 -07:00
Tom Marlin 49f1857dd8 Fixed adb crash due to accessing freed memory
Reset peers to NULL after closing them down. This prevents
other code from attempting to access that freed memory
(which prevents crashes). Previously, it left pointers to
freed memory and the "if (s->peer)" guards could not block
the attempt to access that memory later. Resolves many
crashes seen while taking repeated screenshots on WinXP.

Change-Id: I32553f4d19f6ddc9b05b6ab4dc1e9efe69e5be4f
2011-06-03 11:29:17 -05:00
JP Abgrall 112445b8a7 adb: Don't allow a forced exit if data is still in the socket
Fixes the  http://b/4271011 "adb shell cat /init.rc output gets truncated"


Change-Id: I6df64374b60789595fb18f96d429315dec032443
Signed-off-by: JP Abgrall <jpa@google.com>
2011-04-12 22:01:58 -07:00
Terence Haddock e994f18c53 In serial, skip over port as well if numbers found after colon.
Change-Id: Icd45f570a9527790eb0cd614a3f77da1a72375b1
2011-04-06 16:18:25 +02:00
JP Abgrall 408fa57864 adb: fix subprocess exit handling, oom adjust fixes, extra debugging.
* Add support for correctly handling subprocess termination in shell service  (b/3400254 b/3482112 b/2249397)
 - have a waitpid() track the subprocess, then notify the fdevent via a socket
 - force an eof on the pty master in fdevent's new subproc handler.
 - modify fdevent to force-read the pty after an exit.
* Migrate the "shell:blabla" handling to "#if !ADB_HOST" sections, where it
 belongs.
* Fix the race around OOM adjusting.
  - Do it in the child before exec() instead of the in the parent as the
   child could already have started or not (no /proc/pid/... yet).
* Allow for multi-threaded D() invocations to not clobber each other.
  - Allow locks across object files.
  - Add lock within D()
  - Make sure sysdesp init (mutex init also) is called early.
* Add some missing close(fd) calls
  - Match similar existing practices near dup2()
* Add extra D() invocations related to FD handling.
* Warn about using debugging as stderr/stdout is used for protocol.
* Fix some errno handling and make D() correctly handle it.
* Add new adb trace_mask: services.
* Make fdevent_loop's handle BADFDs more gracefully (could occur some subproc closed its pts explicitely).
* Remove obsolete commandline args reported in help. (b/3509092)


Change-Id: I928287fdf4f1a86777e22ce105f9581685f46e35
2011-03-28 14:12:22 -07:00
Terence Haddock 28e1390e68 In serial, skip over port as well if numbers found after colon.
Change-Id: Icd45f570a9527790eb0cd614a3f77da1a72375b1
2011-03-16 09:43:56 +01:00
JP Abgrall 0e7c4274c6 Revert "Fix adb hang when subprocess dies early."
This is for http://b/3482112 "adb interactions with device causing test harness failures".

This reverts commit 69c5c4c45b.

Change-Id: I630bf2e04d2ecf0223bd2af4e87136754ff880d3
2011-02-23 18:49:00 -08:00
JP Abgrall 69c5c4c45b Fix adb hang when subprocess dies early.
* Handling of the subprocess and its FD.
  This fixes http://b/3400254 "Many bugreports getting hung at the end in monkey"
  -  Start up a service thread that waits on the subprocess to terminate,
then closes the FD associated with it.
  -  Have the event handler select() with a timeout so that it can
  detect the closed FD. Select() with no timeout does not return when an FD is closed.
  - Have the event handler force a read on the closed FD to trigger the close sequence.
  - Migrate the "shell:blabla" handling to "#if !ADB_HOST" sections.
* Fix the race around OOM adjusting.
  - Do it in the child before exec() instead of the in the parent as the
   child could already have started or not (no /proc/pid/... yet).
* Allow for multi-threaded D() invocations to not clobber each other.
  - Allow locks across object files.
  - Add lock within D()
* Add some missing close(fd) calls
  - Match similar existing practices near dup2()
* Add extra D() invocations related to FD handling.
* Warn about using debugging as stderr/stdout is used for protocol.

Change-Id: Ie5c4a5e6bfbe3f22201adf5f9a205d32e069bf9d
Signed-off-by: JP Abgrall <jpa@google.com>
2011-02-18 14:16:59 -08:00
André Goddard Rosa 8182829ccb adb: optimize socket-list-walking code
Change-Id: I8bbb8b671c1ce7a2ce736b60b0cdb7b21ccdc372
Signed-off-by: André Goddard Rosa <andre.goddard@gmail.com>
2010-06-14 09:59:34 -07:00
André Goddard Rosa 8e78dc64d2 adb: remove unneeded assignment of id to zero
... as memory was already obtained zero'ed by calloc().

Change-Id: Ic73bad09b54cb778fd40bdf86bb40888ea504c5f
Signed-off-by: André Goddard Rosa <andre.goddard@gmail.com>
2010-06-14 09:56:14 -07:00
André Goddard Rosa c419e2a210 adb: clean up 0 --> NULL for pointers
Change-Id: I9216fdf534d807a55dfbc6800b5c3ef5f8c83368
2010-06-14 09:55:42 -07:00
The Android Open Source Project dd7bc3319d auto import from //depot/cupcake/@135843 2009-03-03 19:32:55 -08:00
The Android Open Source Project e54eebbf1a auto import from //depot/cupcake/@135843 2009-03-03 18:29:04 -08:00
The Android Open Source Project 35237d1358 Code drop from //branches/cupcake/...@124589 2008-12-17 18:08:08 -08:00
The Android Open Source Project 4f6e8d7a00 Initial Contribution 2008-10-21 07:00:00 -07:00