Commands chained with && need to be passed through literally instead
of always being quoted.
Bug: 15479704
Change-Id: I2998e40a92a3bfd092098cd526403b469c86c9a6
Arguments with embedded spaces need to be wrapped in quotes, which
changes the overall escaping strategy. Instead of mixing the two
strategies, just always wrap arguments in quotes.
Bug: 15479704
Change-Id: I03eacfa1bd6c220d4ec6617b825ebb0c43c7221e
If an adb shell connection comes in while taking a screenshot,
an open pipe file descriptor will be leaked to the shell process.
This causes SELinux denials of the form:
avc: denied { read } for path="pipe:[21838]" dev="pipefs" ino=21838 scontext=u:r:shell:s0 tcontext=u:r:adbd:s0 tclass=fifo_file permissive=0
avc: denied { write } for path="pipe:[21838]" dev="pipefs" ino=21838 scontext=u:r:shell:s0 tcontext=u:r:adbd:s0 tclass=fifo_file permissive=0
Set O_CLOEXEC on the pipe connections, to avoid leaking them
across an exec boundary.
Bug: 15437785
Change-Id: Id2304b316bd7082d8baac246dce1f0e0e26e9197
To facilitate device scripts that want to read/write binary data from
the host side, this change introduces a new "exec" service that
behaves like "shell" but without creating a pty, which would otherwise
mangle binary data.
After forking, it hooks up stdin/stdout of the child process to
the socket connected through to the host. The adb transport doesn't
support shutdown(), so the host can't half-close the socket and wait
for device termination. Instead, the host side now has two explicit
commands "exec-in" and "exec-out" for either sending or receiving
data.
Teach host side copy_to_file() to deal with stdin/stdout special
cases. Switch device side backup/restore services to use the new
create_subproc_raw under the hood.
Change-Id: I5993049803519d3959761f2363037b02c50920ee
This flag needs to be passed through to the package manager.
Without this change, the argument to this flag is interpreted
as a filename.
NOTE: If we don't want to add special treatment for this flag,
we'll have to assume that all flags with a -- prefix have an
argument, and that isn't necessarily true.
Change-Id: I78c3fa842bc24148d83d7278e6dee395686240a0
This implements the logical opposite of 'adb forward', i.e.
the ability to reverse network connections from the device
to the host.
This feature is very useful for testing various programs
running on an Android device without root or poking at the
host's routing table.
Options and parameters are exactly the same as those for
'adb forward', except that the direction is reversed.
Examples:
adb reverse tcp:5000 tcp:6000
connections to localhost:5000 on the device will be
forwarded to localhost:6000 on the host.
adb reverse --no-rebind tcp:5000 tcp:6000
same as above, but fails if the socket is already
bound through a previous 'adb reverse tcp:5000 ...'
command.
adb reverse --list
list all active reversed connections for the target
device. Note: there is no command to list all
reversed connections for all devices at once.
adb reverse --remove tcp:5000
remove any reversed connection on the device from
localhost:5000
adb reverse --remove-all
remove all reversed connections form the current
device.
Reversed connections are tied to a transport, in other
words, they disappear as soon as a device is disconnected.
Simple testing protocol:
adb forward tcp:5000 tcp:6000
adb reverse tcp:6000 tcp:7000
nc -l localhost 7000
in another terminal:
echo "Hello" | nc localhost 5000
Will print "Hello" on the first terminal.
Change-Id: I761af790cdb06829b68430afa4145a919fa0e6d5
After a disconnect, the initial blocking connect takes
a long time to return, while subsequent calls return
quicks. Switch to a non-blocking connect to make the
re-connect time more consistent and faster overall.
Change-Id: I21d02b22a8eb9a457c2f1fa95eb17894d5612ccd
Signed-off-by: Ken Lierman <ken.lierman@windriver.com>
Reviewed-by: Gumbel, Matthew K <matthew.k.gumbel@intel.com>
Reviewed-by: Jovanovic, Radivoje <radivoje.jovanovic@intel.com>
Reviewed-by: Boie, Andrew P <andrew.p.boie@intel.com>
Under Linux, ADB manually parses USB Descriptors to check for
possible ADB USB Interfaces. USB Devices connected with SuperSpeed
will exhibit extra USB SuperSpeed Endpoint Companion Descriptors.
This patch handles these USB SuperSpeed specific USB Descriptors.
Change-Id: Icd1e5fdde0b324c7df4f933583499f2c52a922f3
Signed-off-by: Ingo Rohloff <lundril@gmx.de>
1. Close pipe fds[1] as soon as possible. Otherwise it may block when
reading from fds[0] even though the child process has exited early
and closed its copy of fds[1].
2. Waitpid after pipe is closed. Otherwise the screencap child process
may block while writing fds[1], because the fds[0] is not closed
yet. If we close fds[0] first, then the screencap child process will
die because of SIGPIPE, and waitpid will return correctly.
Change-Id: I433c95a5ba2eb3045727fc39a49fd9557fb1a1d1
Signed-off-by: Bao Haojun <baohaojun@gmail.com>
The BIO_CTRL_FLUSH function for files doesn't return anything useful
from the underlying fflush call, so it is safe to ignore this.
Change-Id: If33a7efbbaaf158e3da1cd72d0a56da1d3b82fd9
Fix the win_sdk host build by replacing utimes() with utime(). utime()
is functionally equivalent to utimes() when dealing with non-fractional
second timestamps, and is supported by the Windows CRT.
(The Windows CRT uses the nonstandard name _utime(), but mingw creates
aliases to the POSIX names.)
Change-Id: I513c6c5de05376c34cbb0894a94259acba8ae6f1
adb root command will terminate adbd when closing the socket if current
user id is not root. This works for userdebug build, as adb root causes
re-enumeration.
But for user build, adb root command won't cause re-enumeration, and if
adbd is terminated and restarted, it will be in offline state, thus it
won't send any thing to host.
Change-Id: I81216a3b3da888cd9b236060cf745175f6d93c60
Author: jzhuan5 <jin.can.zhuang@intel.com>
Signed-off-by: Bo Huang <bo.b.huang@intel.com>
The original definition of VENDOR_ID_COMPAL is for Compal Communications, Inc.
But Compal Communications, Inc(CCI) had been merged into Compal Electronics, Inc(CEI) at April of 2014
So VENDOR_ID_COMPAL should be changed from 0x1219(CCI's VID) to 0x04B7(CEI's VID).
And add one new definition(VENDOR_ID_COMPALCOMM) for CCI to maintain old devices that use CCI's VID.
modified: adb/usb_vendors.c
Change-Id: I9e9a96f6cc81273ff2c9353a13e7ce3b0583396b
Added -a flag to adb pull that preserves time and mode. Mode is
subjected to umask for security. We only receive modification
time from adb server, so creation time will be set to the modification
time as well.
Change-Id: I37c0b94741ed464f19025d25dea3ff2f6ac43e7f
Signed-off-by: Lajos Molnar <lajos@google.com>
In the SERVICES.TXT a missing documentation file is mentioned - SYNC.TXT. This file is supposed to contain all the godie bits of the adb protocol for pushing and pulling files. I've read the source code and documented this in the file SYNC.TXT. I've used my own documentation to create a java implementation to verify the documentation here: https://github.com/vidstige/jadb
Added line breaks at 78 characters. Added comments about remote files might be deleted.
Change-Id: I48c87c2a9fb5b59b85c72679124dfbbfa9a701bc
Signed-off-by: Samuel Carlsson <samuel.carlsson@gmail.com>
When the ADB server starts, it probes the localhost ports to find
existing emulator instances, starting from 5555 with increments of
2, and stopping after ADB_LOCAL_TRANSPORT_MAX tries, which was
set to 16.
This means that the ADB server could not detect on startup more
than 16 existing emulator instances.
This increases the limit to 64, to match a corresponding change
on the emulator side.
See https://android-review.googlesource.com/#/c/83553/
Change-Id: I35c69f8017298c3e5797bd396b8d788d44eaa00f
Added a new '-p' switch to the 'push' and 'pull' commands that outputs
the file transfer progress (bytes transmitted, total bytes, and % done).
This provides useful feedback when transferring large files, and also
makes it possible for other tools to easily monitor the progress of a
forked push/pull command.
Change-Id: Iee6f42f5bd41292e5bc80fba779f526f0072e356
adb push some_disk_image /dev/block/mmcblk0p9
should not unlink the dev just because adb was ctrl-c'd.
Change-Id: I1b6669e8dba1f80fc1438b8deb618180b7e9a1b2
Signed-off-by: JP Abgrall <jpa@google.com>
In the past, an adb push would ALWAYS unlink the target path.
Now, we only links and regular files (and links).
This allows the following to work:
adb shell ls -l /dev/block/mmcblk0p8
# brw------- root root 179, 8 2013-11-28 07:43 mmcblk0p8
adb push n7.jpa.mda.post_jb_encryption.raw /dev/block/mmcblk0p8
Bug: 11984121
Change-Id: I982c7a1cd87986621f2bebdcb41c4e281f67f772
EWOULDBLOCK is not there on windows.
It gets translated by the adb_write() wrapper into EGAIN.
But the Linux one does not translate EWOULDBLOCK into EGAIN.
Without EWOULDBLOCK, it works just fine.
Change-Id: Ic293be392aa4364637428ea94ef87890ffa09b9b
Signed-off-by: JP Abgrall <jpa@google.com>
Since ca8e66a8b0, init has
been handling reboots and filesystem unmounts. Remove obsolete
call to vdc.
Bug: 12504045
Change-Id: If8704ca042cb3a68857743b9973e48c52e7eb881
(cherry picked from commit 225459a5da)
The list action had some problems with large numbers of forwards:
* adb_query() limited replies to 1024 B (and the print was useless)
* the reply header's length could overflow (also in other commands)
* ...and the client had no way of detecting it
* writex() didn't retry on EAGAIN ("Resource temporarily unavailable")
This patch makes all "OKAY%04x" replies use a common function which
checks the length and limits it to 0xffff. This means that the client
can easily check for truncated replies.
Before: forward --list starts failing at 15-30 forwards (depending on
device serial and forward spec lengths).
After: no problems with forward --list.
Change-Id: Ie1e82c4d622f5c56e51abb26533ba17d40459914
libselinux selinux_android_restorecon API is changing to the more
general interface with flags and dropping the older variants.
Also get rid of the old, no longer used selinux_android_setfilecon API
and rename selinux_android_setfilecon2 to it as it is the only API in use.
Change-Id: I1e71ec398ccdc24cac4ec76f1b858d0f680f4925
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
* commit '7b9bb36ade6c8fa2e77416143847b019ddda9e95': (29 commits)
libsysutils: SocketListener export release
libsysutils: Add iovec/runOnEachSocket
liblog: support struct logger_event_v2 format
liblog: update timestamp on NOTICE file
libcutils: resolve warning in iosched_policy.c
liblog: Add const pedantics
logcat: Add -T flag (-t w/o assumption of -d)
logcat: Add logcat test suite
liblog: Add cpu utilization test
liblog: Add liblog test suite
debuggerd: Support newline split in log messages
liblog: deprecate export LOGGER ioctl definitions
liblog: deprecate export of LOGGER_LOG_* defines
liblog: Add README
liblog: resolve build warning messages
liblog: high CPU usage from logcat
liblog: fix build again
liblog: drop use of sys/cdefs.h
liblog: git_master@964770 build problem
logcat: Incorporate liblog reading API
...
* changes:
libsysutils: SocketListener export release
libsysutils: Add iovec/runOnEachSocket
liblog: support struct logger_event_v2 format
liblog: update timestamp on NOTICE file
libcutils: resolve warning in iosched_policy.c
liblog: Add const pedantics
logcat: Add -T flag (-t w/o assumption of -d)
logcat: Add logcat test suite
liblog: Add cpu utilization test
liblog: Add liblog test suite
debuggerd: Support newline split in log messages
liblog: deprecate export LOGGER ioctl definitions
liblog: deprecate export of LOGGER_LOG_* defines
liblog: Add README
liblog: resolve build warning messages
liblog: high CPU usage from logcat
liblog: fix build again
liblog: drop use of sys/cdefs.h
liblog: git_master@964770 build problem
logcat: Incorporate liblog reading API
debuggerd: Incorporate liblog reading API
liblog: Interface to support abstracting log read
adb: deprecate legacy log service interface
adb: regression from Move list.c to inlines
liblog: whitespace cleanup
libcutils: bug str_parms.c:str_parms_get_float().
libcutils: UNUSED argument warnings
libsysutils: Get rid of warnings
libcutils: Move list.c to inlines on list.h
When adbd runs as root, it should transition into the
su domain. This is needed to run the adbd and shell
domains in enforcing on userdebug / eng devices without
breaking developer workflows.
Introduce a new device_banner command line option.
Change-Id: Ib33c0dd2dd6172035230514ac84fcaed2ecf44d6
Don't assume that calling chown(filename, getuid(), getgid())
will always succeed. In the case of /sdcard, a file you create
will be owned by root, so the chown call will fail.
Instead, use uid=gid=-1 so that the chown call is truly a no-op.
Ignore the results of calling chmod. Again, for /sdcard, the
chmod call will never succeed, because the file isn't owned by
the shell user.
Bug: 12441485
Change-Id: I11eaf1d6f6049c1158afc29754fbb7af2baf2c78
This cleans up most of the size-related problems in system/core.
There are still a few changes needed for a clean 64-bit build,
but they look like they might require changes to things like the
fastboot protocol.
Change-Id: I1560425a289fa158e13e2e3173cc3e71976f92c0
Since ca8e66a8b0, init has
been handling reboots and filesystem unmounts. Remove obsolete
call to vdc.
Bug: 12504045
Change-Id: If8704ca042cb3a68857743b9973e48c52e7eb881
In case of bulk read/write failure or disconnect, transport_usb
calls usb_ffs_kick in order to force the daemon to re-open the
FunctionFS ep files as a way to soft restart the kernel driver.
However, there's no reason to always close the ep0 file, as it
would need to be reopened and the descriptors rewritten--this
is unnecessary, especially in the simple/frequent case of cable
disconnect, and causes the kernel driver to unbind and bind *all*
of the function drivers. This is causing USB Chapter 9 tests to fail.
Thus, try to reuse the same ep0 file handle across reconnects. In
case there is a failure, the ep1/ep2 opens would fail and all the
file handles get dropped. For the adb root case, the entire daemon
gets restarted anyway.
Change-Id: I0840085c52a0795dcb2d751c39aa4a436c039ee2
* commit '491ecd0b7275a98b7fda9b1e807724f7f06b1469':
adb: Add USB vendor ID for YotaDevices
adb: Add USB vendor ID for TechFaith
adb: Add USB vendor ID for Rockchip
adb: Add USB vendor ID for EMERGING Technology (Holdings) Ltd.
adb: Add USB vendor ID for Allwinner
adb: Add USB vendor ID for Amlogic
added Gigaset's USB vendor ID
adb: alphabetically sort usb vendors lists
adbd changes the permissions of files uploaded by copying
owner's permission to group and other. This causes kernel
load failure if any changes are made to kernel modules
followed by ``adb push'' or ``adb sync'' because file mode
644 would become 666.
The change uses fs_config to get the target mode of files.
In addition, the SELinux file label is set incorrectly
on synced files. Set the label properly.
Change-Id: I354db848f39adfbf189d7e8d3b028e8d763c772f
Signed-off-by: Liang Cheng <licheng@nvidia.com>
Bug: 12264775
handle_packet() in adb.c didn't check that when an A_WRTE packet is
received, the sender's local-id matches the socket's peer id.
This meant that a compromised adbd server could sent packets to
the host adb server, spoofing the identity of another connected
device if it could "guess" the right host socket id.
This patch gets rid of the issue by enforcing even more checks
to ensure that all packets comply with the description in
protocol.txt.
+ Fix a bug where closing a local socket associated with a
remote one would always send an A_CLSE(0, remote-id, "")
message, though protocol.txt says that should only happen
for failed opens.
The issue was that local_socket_close() called
remote_socket_close() after clearing the remote socket's
'peer' field.
The fix introduces a new asocket optional callback,
named 'shutdown' that is called before that, and is
used to send the A_CLSE() message with the right ID
in remote_socket_shutdown().
Also add some code in handle_packet() to detect
invalid close commands.
Change-Id: I9098bc8c6e81f8809334b060e5dca4fc92e6fbc9
The reboot commands return too fast, interfering with testing.
Add a pause(), which will allow the device time to complete the
reboot.
Change-Id: Ie9cc6eea67b7ff662ec71ea2329cbb94f8d55404
Bug: 11369303
- adds a library to compute the SHA-256 hash
- updates the RSA verifier to take an argument specifying either SHA-1
or SHA-256
- updates DumpPublicKey to with new "key" version numbers for
specifying SHA-256
- adds new argument to adb auth code to maintain existing behavior
(cherry picked from commit 515e1639ef)
Change-Id: Ib35643b3d864742e817ac6e725499b451e45afcf
readx() treats a partial read as an error but also consumes the data,
Now exactly the amount of data needed for the screendump is requested.
This bug showed up for framebuffers that were not a multiple of 640
bytes.
Also fix a compiler warning related to handing pipe() failure.
Change-Id: I8b1713923e156d4e3424784152e5dc5cbc7d478d
Move the liblog headers to log/ instead of cutils/ to complete
the separation of libcutils and liblog. cutils/log.h still
exists and includes log/log.h in order to support the many existing
modules that use cutils/log.h.
Change-Id: I2758c9f4aedcb809ca7ba8383d0f55041dd44345
When transferring files over 4 GiB with adb, the size of the transfer
is misreported.
Change-Id: Ia3d4cae1e9f82b4f7432341820b101ea9a44f85b
Signed-off-by: Jeff Smith <whydoubt@gmail.com>
When building for the host, don't make reference to
property_get / property_set. I'm in the process of removing
host side support for properties.
Change-Id: I691c5872b5fd538e78bc38a3fe72574cdc7f43c3
adb connect calls connect() in the event loop. If you pass a wrong ip
address or the server is slow to respond, this will block the event loop
and you can't even kill the adb server with adb kill-server. Handle connect
requests in a service thread instead.
Change-Id: I2ee732869a3dc22a6d3b87cf8ac80acaa7790037
When a filesystem is mounted read-only, make the underlying
block device read-only too. This helps prevent an attacker
who is able to change permissions on the files in /dev
(for example, symlink attack) from modifying the block device.
In particular, this change would have stopped the LG Thrill / Optimus
3D rooting exploit
(http://vulnfactory.org/blog/2012/02/26/rooting-the-lg-thrill-optimus-3d/)
as that exploit modified the raw block device corresponding to /system.
This change also makes UID=0 less powerful. Block devices cannot
be made writable again without CAP_SYS_ADMIN, so an escalation
to UID=0 by itself doesn't give full root access.
adb/mount: Prior to mounting something read-write, remove the
read-only restrictions on the underlying block device. This avoids
messing up developer workflows.
Change-Id: I135098a8fe06f327336f045aab0d48ed9de33807
Move the responsibility for rebooting the system from the
reboot command to init. Init is in a better position to take
actions to bring the system down cleanly, including making sure
filesystems are mounted read-only.
The only UIDs which can perform an init triggered reboot are
root, system, and shell.
Modify the reboot command so that it calls into init to perform
the reboot. The reboot command no longer requires CAP_SYS_BOOT.
Remove the -n reboot option and code which supports it. Anyone needing
to do an unclean shutdown can just do a 'echo c > /proc/sysrq-trigger'.
Modify adb so that it calls into init to perform a shutdown.
Bug: 8646621
Change-Id: I84c0513acb549720cb0e8c9fcbda0050f5c396f5
Add the OUYA VID to the list of known USB VIDs to allow developers with OUYA
consoles to have their device automatically recognized.
Change-Id: I499114d8071747b972c24681fc0771f000ad9f9d
Both CS_RECOVERY and CS_SIDELOAD where not being checked by
connection_state_name which resulted in adb get-state returning
unknown when a device is in those modes.
Change-Id: I00716024d6a0bdb68d6e2380c8cd7b5d056bd15f
Signed-off-by: trevd <trevd1234@gmail.com>
- adds a library to compute the SHA-256 hash
- updates the RSA verifier to take an argument specifying either SHA-1
or SHA-256
- updates DumpPublicKey to with new "key" version numbers for
specifying SHA-256
- adds new argument to adb auth code to maintain existing behavior
Change-Id: I5b1406cf57c2b8993f6032eda3e29139f7740839
adbd can receive multiple AUTH_RSAPUBLICKEY packets. This happens for
example when booting with usb attached when we retry authenticating
after the framework is done booting. Make sure usb_disconnect is only
registered once, otherwise this creates a loop in the disconnects list.
Bug: 8504991
Change-Id: Ia1f9a37005dd17b7eefee1493d622e1679263eea
Set the CAP_SYS_BOOT filesystem capability on the new reboot
command and keep CAP_SYS_BOOT in adb bounding set so that the
shell user can run it.
Change-Id: I1dd6143445ee2a952254f0452ab6e544318431dd
The adb sideload utility referes to the filename as 'sideload' in some
places. This patch changes the printouts to display the filename instead.
Change-Id: I38ada01a08bed53a8d9697c03f55ce8cee2abe12
Signed-off-by: Magnus Eriksson <eriksson.mag@gmail.com>
run-as: don't require CAP_DAC_OVERRIDE.
Prevent an adb spawned application from acquiring capabilities
other than
* CAP_NET_RAW
* CAP_SETUID
* CAP_SETGID
The only privileged programs accessible on user builds are
* /system/bin/ping
* /system/bin/run-as
and the capabilities above are sufficient to cover those
two programs.
If the kernel doesn't support file capabilities, we ignore
a prctl(PR_CAPBSET_DROP) failure. In a future CL, this could
become a fatal error.
Change-Id: I45a56712bfda35b5ad9378dde9e04ab062fe691a
When booting with usb attached, the secure adb authentication happens
long before the framework is done booting, so adb can't notify the
framework to install the public key.
Change-Id: Id2af6cebece345022f56cb0c4b5af24e1d7a425c
# By Ray Donnelly
# Via Android Git Automerger (2) and others
* commit '282caf3bd0dfd81b92ac74e0b3ea970d195fee7b':
Windows adb: include stdint.h for uint8_t on MinGW-w64
# By Ray Donnelly
# Via Android Git Automerger (2) and others
* commit '6c3d3ccfa5d1d77b80e5c7619909a48b976c69ec':
Windows adb: initialize on to 1 in disable_tcp_nagle
Add a new connection state, so that devices, that require confirmation
to allow adb, appear as "unauthorized" in the adb devices lists.
Change-Id: Ib4264bc5736dedecf05bcf8e31896f4d7a91fad8
The framework can now clear the user key list, so we need to reload the
key list on every auth request instead of loading it once when adbd
starts.
This also fixes issues with encrypted devices, where the user key file
is only readable after the user has unlocked the device.
Change-Id: I350c5aab986f8ca86b95f316398d03012553e581
There are serious multithreading issues between the fdevent and transport
subsystems which both manipulate struct asocket and struct fde concurrently.
The prevalent symptom being around multiple socket closures which stomp
on each other, typically causing:
"glibc detected *** adb: double free or corruption ..."
This HACK allows forcing CPU affinity via an env var. E.g.:
export ADB_CPU_AFFINITY_BUG6558362=0
which will cause ONLY the adb server and all its threads to be pegged
to CPU 0.
The result is visible in valgrind's helgrind: no *socket_close() related
data races. But tons of other races are still there.
Bug: 6558362
Change-Id: I0f112390a6a921c64b2a783297be9e99ce27fd56
ADB client: allow user to specify hostname and port number of remote
adb server.
ADB server: bind server to all network interfaces instead of just
localhost when user gives -a flag.
Primary use-case for this change is to support remote testing of USB
devices. HostA is running some test automation software which invokes adb
client. HostB has USB-only device attached and is running adb server. adb
client on HostA makes connection to adb server on HostB to talk to the
USB device.
Change-Id: I845cc8c00350b400317f8c18f813e6fd79bd5470
Signed-off-by: Dean Kwon <daex.i.kwon@intel.com>
Signed-off-by: Jim Bride <jim.bride@intel.com>
Signed-off-by: Matt Gumbel <matthew.k.gumbel@intel.com>
adb doesn't really use ncurses-libs, remove it.
Add -ldl for the symbols dlclose, dlerror, dlopen...
introduced from dso_dlfcn.c of libcrypto_static.a.
Change-Id: If1cc23987a9b35ec535bbf8f4e7db141b9f10af7
This adds a few new options/modes to 'adb forward':
adb forward --list
adb forward --remove <local>
adb forward --remove-all
adb forward --no-rebind <local> <remote>
For more context, see http://code.google.com/p/android/issues/detail?id=39631
Note that this only affects the host adb client and server programs,
i.e. it's compatible with devices running older adbd versions.
Change-Id: I9cda3ba12b5a8560a2061620bc7f948e5c1e70f7
Darwin doesn't define the TEMP_FAILURE_RETRY macro in unistd.h so we
need to add it everywhere. Joy!
(cherry picked from commit ec90f1dc11)
Change-Id: Ida554fc65193672cc4616dec79e6282e06cc1b28
Darwin doesn't define the TEMP_FAILURE_RETRY macro in unistd.h so we
need to add it everywhere. Joy!
Change-Id: Ida554fc65193672cc4616dec79e6282e06cc1b28
Secure adb using a public key authentication, to allow USB debugging
only from authorized hosts.
When a device is connected to an unauthorized host, the adb daemon sends
the user public key to the device. A popup is shown to ask the user to
allow debugging once or permanantly from the host. The public key is
installed on the device in the later case. Other keys may be installed
at build time.
On the host, the user public/private key pair is automatically generated,
if it does not exist, when the adb daemon starts and is stored in
$HOME/.android/adb_key(.pub) or in $ANDROID_SDK_HOME on windows. If needed,
the ADB_KEYS_PATH env variable may be set to a :-separated (; under
Windows) list of private keys, e.g. company-wide or vendor keys.
On the device, vendors public keys are installed at build time in
/adb_keys. User-installed keys are stored in /data/misc/adb/adb_keys.
ADB Protocol change:
If the device needs to authenticate the host, it replies to CNXN
packets with an AUTH packet. The AUTH packet payload is a random token.
The host signs the token with one of its private keys and sends an AUTH(0)
packet. If the signature verification succeeds, the device replies with
a CNXN packet. Otherwise, it sends a new AUTH packet with a new token so
that the host can retry with another private key. Once the host has tried
all its keys, it can send an AUTH(1) packet with a public key as
payload. adbd then sends the public key to the framework (if it has been
started) for confirmation.
Change-Id: I4e84d7621da956f66ff657245901bdaefead8395
Define /storage as top-level concept, so that we enforce permissions
uniformly. Moves external storage paths from headers to per-device
environment variables. Added missing mount flags, and we no longer
have adb-specific external storage.
Bug: 6925012
Change-Id: Ic7ca953be2f552d3f0ec9e69f89fef751daa1b29
Just print a warning if ADB_EXTERNAL_STORAGE is not defined when ADB
runs instead of segfaulting. If we really don't want to continue to
run, we can make this a fatal error instead.
Change-Id: Icfc5fb9e594b0a310029f1dca7e9476f27ceb7bc
Also remove mount() from adb, since it can come online long before
data partition is ready. Set EXTERNAL_STORAGE environment variable
to point to owner for backwards compatibility.
Bug: 7005701
Change-Id: I63444f6636624eb7ad89f053daa289663424639e
Secure adb using a public key authentication, to allow USB debugging
only from authorized hosts.
When a device is connected to an unauthorized host, the adb daemon sends
the user public key to the device. A popup is shown to ask the user to
allow debugging once or permanantly from the host. The public key is
installed on the device in the later case. Other keys may be installed
at build time.
On the host, the user public/private key pair is automatically generated,
if it does not exist, when the adb daemon starts and is stored in
$HOME/.android/adb_key(.pub) or in $ANDROID_SDK_HOME on windows. If needed,
the ADB_KEYS_PATH env variable may be set to a ;-separated list of private
keys, e.g. company-wide or vendor keys.
On the device, vendors public keys are installed at build time in
/adb_keys. User-installed keys are stored in /data/misc/adb/adb_keys.
ADB Protocol change:
If the device needs to authenticate the host, it replies to CNXN
packets with an AUTH packet. The AUTH packet payload is a random token.
The host signs the token with one of its private keys and sends an AUTH(0)
packet. If the signature verification succeeds, the device replies with
a CNXN packet. Otherwise, it sends a new AUTH packet with a new token so
that the host can retry with another private key. Once the host has tried
all its keys, it can send an AUTH(1) packet with a public key as
payload. adbd then sends the public key to the framework (if it has been
started) for confirmation.
Change-Id: Idce931a7bfe4ce878428eaa47838e5184ac6073f
Remount rootfs as recursively shared, so that mount changes are
propagated into child namespaces. Mount external storage for access
from adb.
Clean multi-user dependencies for use in Dalvik. Also define
external storage paths.
Bug: 6925012
Change-Id: I375de581a63f4f36667894c56a34a9dd45361e8f
(cherry picked from commit ae868a4045 in master)
Change-Id: I980c7c5e8affbc8627d17b1d9303b002adcdb29a
Signed-off-by: Mike J. Chen <mjchen@google.com>
Conflicts:
adb/adb.c
When using a third party screen capture program called androidscreencast
(http://code.google.com/p/androidscreencast/) to get the framebuffer of
the device, there are tons of screencap zombie processes got left behind.
The issue is also mentioned here: http://code.google.com/p/android/issues/detail?id=22836.
The cause of the issue is that adbd spawns off screencap processes,
and these child processes were not waited to be finished.
This change fixes the issue.
Change-Id: Ife928d65ecf6a2ff39b8b72ddba930fda6733a00
Signed-off-by: Yuriy Zabroda <yuriy.zabroda@ti.com>
When running "adb tcpip 5555", adb create a service socket named
"tcpip:5555". Only compare the 6 first chars "tcpip:" to decide if
we enable exit_on_close.
Bug: 6650130
Change-Id: I0835973de044f1cfde0e859ff0277c0ccc2630a3
A recent change use strtok_r which broke the Windows build.
Clear this potential landmine by adding adb_strtok_r to sysdeps.h
in the typical fashion. For Windows, the actual implementation
in sysdeps_win32.c was copied from bionic/libc/string/strtok.c.
Change-Id: Ibb71555bc429f7058c07c3d39e0b62859c79635c
Signed-off-by: Scott Anderson <saa@android.com>
Prior to this change, -s could take either a serial number or a
device path (e.g. "-s 01498B1F02015015" or "-s usb:1-4.2"). This
change extends -s to also allow product, model or device names
(e.g. "-s product:mysid"). These new qualifiers will only be
available on devices that are running an adb daemon that provides
properties in the connect message per Change-Id:
I09200decde4facb8fc9b4056fdae910155f2bcb9
The product, model and device are derived from the
ro.product.name, ro.product.model and ro.product.device
properties respectively. They are prefixed with "product:",
"model:" or "device:" as appropriate. In addition, any
non-alphanumerics in the model are changed to underscores.
If the -s parameter matches multiple devices, the result will be
the same as when multiple devices are connected but no -d, -e or
-s option is specified. In general, this means the user will get
"error: more than one device". However for get-state,
get-devpath and get-serialno, they will get "unknown".
The format of "devices -l" was changed to list all of the
qualifiers that are available. The following example output
(with the last digits of the serial numbers replaced with X's) is
with a Galaxy Prime with an older adb daemon and another Galaxy
Prime and Galaxy S both with the enhanced adb daemons:
List of devices attached
016B75D60A0060XX device usb:2-5 product:mysid model:Galaxy_Nexus device:toro
3731B535FAC200XX device usb:1-4.2 product:soju model:Nexus_S device:crespo
01498B1F020150XX device usb:1-4.1
Note that the serial number and state are now column oriented
instead of tab delimited. After the serial number and state, all
qualifiers are listed with each preceded by a space. The output
of the original devices command (without -l) is unchanged.
Change-Id: Iceeb2789874effc25a630d514a375d6f1889dc56
Signed-off-by: Scott Anderson <saa@android.com>
protocol.txt says that the connect message should have three
fields:
<systemtype>:<serialno>:<banner>
In reality, what is transmitted is simply:
<systemtype>::
The serialno is obtained via other means so doesn't really need
to be a part of the connect message. This change puts the
ro.product.name, ro.product.model and ro.product.device
properties in the <banner> for devices. Each property is
terminated by a semicolon (;) with the key and value separated by
an equals sign (=). Example message:
device::ro.product.name=<prd>;ro.product.model=<mdl>;ro.product.device=<dev>;
Making this change will enable the device list to provide more
information to the user and to give the potential for being able
to select which device to talk to with the -s option.
Change-Id: I09200decde4facb8fc9b4056fdae910155f2bcb9
Signed-off-by: Scott Anderson <saa@android.com>
This is the second version of a patch which demonstrates the possibility
of using adbd (Android Debug Bridge daemon) with a generic FunctionFS gadget
instead of a custom adb usb gadget in the Linux kernel. It contains changes
introduced after Benoit's review - thank you Benoit.
The patch adds a new usb access layer to adbd using FunctionFS. The former
usb access method is still available. The method is chosen at runtime
depending if /dev/usb-ffs/adb/ep0 or /dev/android_adb is accessible.
How to use on the target device:
$ insmod g_ffs.ko idVendor=<vendor ID> iSerialNumber=<some string>
$ mount -t functionfs adb /dev/usb-ffs/adb -o uid=2000,gid=2000
$ ./adbd
This patch requires a patch to bionic which adds <linux/usb_functionfs.h>
which is an exact copy of the relevant file in the linux kernel.
Change-Id: I4b42eb267ffa50fca7a5fba46f388a2f083e8b2d
Signed-off-by: Andrzej Pietrasiewicz <andrzej.p@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
[benoit@android.com: detect at runtime if functionfs is mounted
or fallback using f_adb]
Signed-off-by: Benoit Goby <benoit@android.com>
The commands that use "host-serial:<serial-number>:<request>"
service did not handle "-s usb:<path>". The -s parameter is
passed as the serial number in the protocol and then matched
against either the serial number or device path. However,
skip_host_serial() in sockets.c did not know about the usb:
syntax, the serial number was parsed incorrectly. Before this
change:
$ adb -s usb:1-4.1 get-state
error: unknown host service
After:
$ adb -s usb:1-4.1 get-state
device
Code was added in find_transport() in transport.c to match device
paths, but find_transport() is only used for socket connections
so matching device paths is not needed.
Change-Id: I922cec963659dafadd0fbc8fa36dee3b55fe366c
Signed-off-by: Scott Anderson <saa@android.com>
system/core/adb/adb.c: In function 'connect_device':
system/core/adb/adb.c:1001: warning: comparison between signed and unsigned integer expressions
Change-Id: I206f85395e1d7ad8d6ef130a26c95dcf0f498696
Signed-off-by: Scott Anderson <saa@android.com>
Windows adb connection could be lost if the target
side kernel enables the kmemleak.
The root cause is that kmemleak downgrades USB
performance, and lead to Windows adb host application
timeout because usb_write()/usb_read()'s timeout time is
very short. That issue is not reproducible in Linux
host because its usb_write() timeout is 5s and usb_read()
is blocked until return:
usb_write() usb_read()
Linux 5000ms blocked until return
Windows 500+len*8 ms 500+len*8 ms
To fix that issue, extend the Windows adb host usb_write
timeout time to 5 seconds and usb_read() as a blocked routine:
usb_write() usb_read()
Windows 5000ms blocked until return
Change-Id: If54e2b4c396a5a06318c0ee0b3326a00e7661fbc
Signed-off-by: Yu Wang <yu.y.wang@intel.com>
Signed-off-by: Jin Can Zhuang <jin.can.zhuang@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
For manufacturing and testing, there is a need to talk to
whatever device is connected to a given port on the host. This
change modifies adb's "-s" option to take either a serial
number or a device path. The device paths of the connected
devices can be listed using "adb devices -l" whose output
will resemble:
List of devices attached
016B75D60A00600D usb:2-5 device
3031D0B2E71D00EC usb:1-4.3 device
The second column lists the device paths. If the -l option is
not given, the output from "adb devices" will be the same as
it used to be (i.e. the paths will not be printed).
The device path can also be obtained with the get-devpath
command:
$adb -s 3031D0B2E71D00EC get-devpath
usb:1-4.3
Note that the format of the device paths are platform dependent.
The example above is from Linux. On OS-X, the paths will be
"usb:" followed by hex digits. For other platforms, the device
paths will be printed as "????????????" and the -s option will
not be able to select a device until someone implements the
underlying functionality.
Change-Id: I057d5d9f8c5bb72eddf5b8088aae110763f809d7
Signed-off-by: Scott Anderson <saa@android.com>
Init is going to be modified to set the umask to 077.
This will impact adb, as "adb install" and "adb sync"
assume that files will be world-readable / writable.
Keep adb's umask at 000 for now.
Bug: 3272072
Change-Id: I75978e8dd7bbdf4dbe7c9a691ef516235f207da2
The handling of adb root:/tpcip:/usb: is normally only for non-ADB_HOST.
This avoids getuid() being invoked on windows builds.
Change-Id: I365b81d9f70de99b9347d3eac82e690a8ac5e747
"adb root" creates a socket, then starts the service.
Socket creation should not set the exit_on_close when the service will be
a no-op.
Bug: 6259353
Change-Id: Ie526d2fad64f39a48051ed0ff6fb3405c2802ced
If an error occurs during the verification of an APK, it could be left
in the temporary installation directory.
Change-Id: I4afa5535fc0b978532b31d5b8fb63776963c39db
Services that cause adbd to reboot are currently implemented this way:
write(fd, response)
close(fd)
sleep(1)
exit(1)
sleep(1) is necessary to leave time for the transport to transmit
the response before the daemon exits. This is slow and unreliable.
Instead, add a flag to the asocket to make it exit the daemon only
after the socket is closed.
Change-Id: I9df45ea6221f0d9b828703b9b2316a5d4fe59352
BUILD_ADBD is always true
ANDROID_GADGET is not used in the code anymore. adbd now checks at
runtime if /dev/android_adb is present
Change-Id: If6c3278606c79cc74d1ef5978e7b8e3a4513aef8
whitelist connection for
1) emulator
2) "eng" or "tests" build, or
3) IP matches with "persist.service.adb.client_ip"
Change-Id: I8ac149149873f3bd206bd4d5abc063e5274fb468
Signed-off-by: Wei Zhong <wzhong@google.com>
When running inside the emulator, guest's adbd can connect to 'adb-debug' qemud
service that can display adb trace messages on condition that emulator has been
started with '-debug adb' option.
This CL enables that functionality in ADB code.
Change-Id: I59b4a76d3c887ad28b8aa8e2a01dfa814e75faa1
This patch adds Intel USB Vendor ID into the support
list for adb and fastboot.
Signed-off-by: Wu, Hao <hao.wu@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
Recovery will soon support a minimal implementation of adbd which will
do nothing but accept downloads from the "adb sideload" command and
install them. This is the client side command (mostly resurrected out
of the old circa-2007 "adb recover" command) and the new connection
state.
Change-Id: I4f67b63f1b3b38d28c285d1278d46782679762a2
People are being confused about the silent failure of backup/restore
when they didn't know they had to unlock the device & confirm the
backup/restore operation, so now adb prints a brief reminder.
Change-Id: I1b32913f0ad0cf6e30bf235dc975b9e983b533fd
Use the same call sequence that 'adb pull' uses for creating the
output file. adb_open_mode() apparently does not work on Windows
hosts.
Bug 5733007
Change-Id: I48d719c4657c93e19f6790cf1c6da610d49f5806
The reason for the crash is that ADB on Windows uses WaitForMultipleObjects to
wait on connection events. When number of connections exceeds 64, ADB crashes,
because WaitForMultipleObjects API doesn't support more than 64 handles. This
CL contains a fixer routine that allows waiting on an arbitrary number of
handles.
(cherry picked from commit ac52833e48)
Change-Id: I8ad264765e5b38d01a31e42b445f97ea86e49948
The reason for the crash is that ADB on Windows uses WaitForMultipleObjects to
wait on connection events. When number of connections exceeds 64, ADB crashes,
because WaitForMultipleObjects API doesn't support more than 64 handles. This
CL contains a fixer routine that allows waiting on an arbitrary number of
handles.
Change-Id: I83f712e552018df308318154c27df184015a16ee
Normally only bandwidth stats for the uid reading .../stats is returned.
With the extra group, adb shell will be able to read stats from
all UIDs.
This is to be used to offer data usage profiling to developers.
Change-Id: If3d2941ce5aa4dbb1a23947b97b893149ba224f7
Documentation-only change that supports the new framework-side
feature to omit system packages when you're using adb backup -all.
Bug 5361503.
Change-Id: I86bca8883a7fb8c713ca352ad5980e92fd640d18
A command line flag with an argument was checked in the Pm.java code,
but it wasn't being checked by "adb install" so attempts to use it
failed.
Change-Id: I0b84a4203a416f7323fa823c0f1f1750670d0c76
The host side wasn't properly checking for argument-list sufficiency
*after* removing any [-f filename] sequence.
Fixes bug 5164135
Change-Id: I7bc49e37ef168182088e0e664b6897dd2a088ebf
xuefeng cai