Commit Graph

32 Commits

Author SHA1 Message Date
Josh Gao cbe70cb0a8 debuggerd: advance our amazing bet.
Remove debuggerd in favor of a helper process that gets execed by
crashing processes.

Bug: http://b/30705528
Test: debuggerd_test
Change-Id: I9906c69473989cbf7fe5ea6cccf9a9c563d75906
2017-01-17 13:57:57 -08:00
Josh Gao 183b73e665 adb: remove support for legacy f_adb interface.
Everything should be using the functionfs interface instead by now.

Bug: http://b/34228376
Test: grepping for f_adb, android_adb in source tree
Test: m
Change-Id: I6bc41049c49a867499832588dac8ed108c636c11
2017-01-11 15:00:03 -08:00
Mark Salyzyn 97787a00e6 adb: use __android_log_is_debuggable()
Test: compile and months of adb functionality use
Bug: 27566046
Bug: 31456426
Change-Id: I6568eea0eda8dc67dec2ba34cd4c3f56fb0ff0e9
2016-10-14 11:12:24 -07:00
Elliott Hughes ffdec18017 Switch adb to <android-base/properties.h>.
Bug: http://b/23102347
Test: manual
Change-Id: Iffa66258c01f84f41b9af99ab5e768a0a2669106
2016-09-26 13:14:14 -07:00
Jorge Lucangeli Obes bae15b4f46 Use arraysize() for supplementary groups.
Also make adbd use ScopedMinijail.

Bug: 30191189
Change-Id: I5e259aa466817b51037912aba043ba75bd35f9e1
2016-07-18 13:46:42 -04:00
Josh Gao 809607ae28 adb: use libdebuggerd_client.
Bug: http://b/24414818
Change-Id: I177708877488e5c4f99c453498485a2daa9b79b0
2016-06-17 13:11:29 -07:00
David Pursell eaae97e127 adb: support forwarding TCP port 0.
This CL adds support to forward or reverse TCP port 0 to allow the
system to automatically select an open port. The resolved port number
will be printed to stdout:
  $ adb forward tcp:0 tcp:8000
  12345
  $ adb reverse tcp:0 tcp:9000
  23456
This allows testing to be more robust by not hardcoding TCP ports which
may already be in use.

Forwarding port 0 is a host-only change and will work with any device,
but reversing port 0 requires the device to be updated with a new adbd
binary.

This CL also does a little bit of cleanup such as moving the alistener
class out of adb.h, and adds some error checking and additional tests.

Bug: 28051746
Test: python -m unittest discover
Test: adb_test
Test: `adb forward` and `adb reverse` with tcp:0
Change-Id: Icaa87346685b403ab5da7f0e6aa186aa091da572
2016-05-09 16:55:10 -07:00
Jorge Lucangeli Obes 4d186ad964 adbd: Remove explicit capability bounding set code.
Minijail supports dropping capabilities from the bounding set.
Use that code instead.

This cleans up one small loose end in the work started with
https://android-review.googlesource.com/#/c/187775/

Final diff: fewer lines, more unit-tested code.
"""
$ git diff --stat 52cf4fa6aa3e8d13f61b1 adb/daemon/main.cpp
 adb/daemon/main.cpp | 56
 1 file changed, 27 insertions(+), 29 deletions(-)
"""

Bug: 27314096
Change-Id: I238975920b85fae376522eb26f5ad6d9fee0762a
2016-02-23 13:39:11 -08:00
Jorge Lucangeli Obes fd79a5d9c1 adbd: Remove check for set_supplementary_gids.
With https://android-review.googlesource.com/#/c/195400, Minijail will
check for this failure so there's no need to do it here, which allows
to simplify the code.

Bug: 26099611
Change-Id: I7c876fdcab874ed403f82bdd5a4048c0f1e5db58
2016-01-08 10:56:20 -08:00
Jorge Lucangeli Obes 683dc4817f adb: Use Minijail for privilege dropping.
By using Minijail we avoid writing the same priv-dropping code over
and over again. This also enables future hardening opportunities.
We're already using Minijail for priv-dropping on Brillo.

Minijail is unit- and integration-tested on the
Chrome OS CI infrastructure (pulling from the same repo, see
https://wmatrix.googleplex.com/security?tests=security_Minijail0).
Once CI comes to Android, it will be continuously tested there as well.

Both 'adb root' and 'adb unroot' still work.

Bug: 26099611
Change-Id: I52c456ea272d27bd6fbc71200f4fdd928a592158
2015-12-17 10:49:53 -08:00
Tom Cherry 38cd57a145 Use selinux_android_setcon() instead of setcon()
Bug 26114086

Change-Id: I02d20ee7a5f487fc73d7a33d50b0b8f1cd9ad3a4
2015-12-16 17:42:08 -08:00
Elliott Hughes 9e7893bf86 More idiomatic cleanup of 9f75a03571.
Change-Id: Id936946375d2be56ba10bf3aa5804f52cdbecc2d
2015-12-16 08:45:05 -08:00
Nick Kralevich 9f75a03571 adbd: make a PR_CAPBSET_DROP error fatal.
Back in 080427e4e2, we said:

  If the kernel doesn't support file capabilities, we ignore
  a prctl(PR_CAPBSET_DROP) failure. In a future CL, this could
  become a fatal error.

Make it a fatal error. With SELinux support, all devices are
required to support file capabilities.

Change-Id: I0ce0c4cb9387c42e325cbf1a63c5d82e6aab530c
2015-12-15 16:54:53 -08:00
Mike Frysinger 6945e36060 Merge "adbd: refactor priv dropping logic" 2015-12-11 17:03:19 +00:00
Josh Gao aae38d9704 Merge "adb: shell: add -n flag to not read from stdin." 2015-12-10 21:30:19 +00:00
Josh Gao 7d58607360 adb: shell: add -n flag to not read from stdin.
Shell scripts of the following form do not work properly with adb:
    echo "foo\nbar\nbaz" | {
        read FOO
        while [ "$FOO" != "" ]; do
            adb shell echo $FOO
            read FOO
        done
    }
The first run of adb shell will consume all of the contents of stdin,
causing the loop to immediately end. ssh solves this by providing a -n
flag that causes it to not read from stdin. This commit adds the same.

Bug: http://b/25817224
Change-Id: Id74ca62ef520bcf03678b50f4bf203916fd81038
2015-12-10 12:52:06 -08:00
Mike Frysinger 4120ebc635 adbd: refactor priv dropping logic
Makes the code a little cleaner.

Change-Id: I961b6fc8730c45d8fd4f9fd2981a6d6ab8f51fb6
2015-12-10 13:35:10 -05:00
Elliott Hughes 4f71319df0 Track rename of base/ to android-base/.
Change-Id: Idf9444fece4aa89c93e15640de59a91f6e758ccf
2015-12-04 22:00:26 -08:00
Jorge Lucangeli Obes f39c56456d Fix typo, caps in error messages.
Bug: None
Change-Id: I673189f84812637c240321b72cf77b26b170b6ad
2015-11-11 11:34:14 -08:00
Nick Kralevich c39ba5ae32 Enable hidepid=2 on /proc
Add the following mount options to the /proc filesystem:

  hidepid=2,gid=3009

This change blocks /proc access unless you're in group 3009
(aka AID_READPROC).

Please see
  https://github.com/torvalds/linux/blob/master/Documentation/filesystems/proc.txt
for documentation on the hidepid option.

hidepid=2 is preferred over hidepid=1 since it leaks less information
and doesn't generate SELinux ptrace denials when trying to access
/proc without being in the proper group.

Add AID_READPROC to processes which need to access /proc entries for
other UIDs.

Bug: 23310674
Change-Id: I22bb55ff7b80ff722945e224845215196f09dafa
2015-11-09 09:08:46 -08:00
Yabin Cui aed3c61c44 Adb: use VLOG() to replace D() for verbose logging.
As there are too many D(), we can keep both VLOG() and D() now, and get
rid of D() gradually.

Change-Id: I2f1cb70bcab3e82c99fed939341d03f6b2216076
2015-09-23 12:53:38 -07:00
Yabin Cui 7a3f8d6691 adb: clean up debug tracing a little.
Always use LOG() for debug tracing.
Remove useless D_lock. I believe it is useless to lock just before and after fprintf.

I verified the log output both on host and on device. The output looks fine to me.

Change-Id: I96ccfe408ff56864361551afe9ad464d197ae104
2015-09-02 20:21:00 -07:00
Elliott Hughes bd4b1fa4a9 Improve adb tracing.
The existing format was unreadable; putting the pid and tid first helps
somewhat. Also remove the unused qemu tracing which wasn't called anywhere.

Change-Id: I37ef3c556fe17b237ba1d8ca3216e2155ce5d0de
2015-08-28 14:46:33 -07:00
Yabin Cui 0e2c194659 adb: poll for emulator connection.
Bug: 19974213
Change-Id: I336f3ad6f428277c54479e5b8c45d5343c64f472
2015-07-31 14:25:19 -07:00
Spencer Low 5200c6670f adb: win32: initial IPv6 support and improved Winsock error reporting
Call getaddrinfo() for connecting to IPv6 destinations.

Winsock APIs do not set errno. WSAGetLastError() returns Winsock errors
that are more numerous than BSD sockets, so it really doesn't make sense
to map those to BSD socket errors. Plus, even if we did that, the
Windows C Runtime (that mingw binaries use) has a strerror() that does
not recognize BSD socket error codes.

The solution is to wrap the various libcutils socket_* APIs with
sysdeps.h network_* APIs. For POSIX, the network_* APIs just call
strerror(). For Windows, they call SystemErrorCodeToString() (adapted
from Chromium).

Also in this change:

 - Various other code was modified to return errors in a std::string*
   argument, to be able to surface the error string to the end-user.

 - Improved error checking and use of D() to log Winsock errors for
   improved debuggability.

 - For sysdeps_win32.cpp, added unique_fh class that works like
   std::unique_ptr, for calling _fh_close().

 - Fix win32 adb_socketpair() setting of errno in error case.

 - Improve _socket_set_errno() D() logging to reduce confusion. Map
   a few extra error codes.

 - Move adb_shutdown() lower in sysdeps_win32.cpp so it can call
   _socket_set_errno().

 - Move network_connect() from adb_utils.cpp to sysdeps.h.

 - Merge socket_loopback_server() and socket_inaddr_any_server() into
   _network_server() since most of the code was identical.

Change-Id: I945f36870f320578b3a11ba093852ba6f7b93400
Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
2015-07-30 23:07:55 -07:00
Elliott Hughes 5cba504215 Ignore ro.adb.secure in user builds.
Require authorization by default, and remove the ability to override
that in user builds. (userdebug and eng are still free to do whatever
they want.)

Bug: http://b/21862859
Change-Id: Ibf8af375be5bf1141c1ad481eee7a59fb10a7adb
2015-06-18 10:19:30 -07:00
Nick Kralevich 4d87095ebf Remove calls to is_selinux_enabled()
d34e407aeb removed support for
running with SELinux completely disabled. SELinux must either be
in permissive or enforcing mode now.

Remove unnecessary calls to is_selinux_enabled(). It always returns
true now.

Change-Id: Ife3156b74b13b2e590afe4accf716fc7776567e5
2015-06-12 22:12:33 -07:00
Spencer Low 6ac5d7dc56 adb: fix adb_close() vs. unix_close() usage
Document the differences between adb_*() and unix_*() in the function
prototypes in sysdeps.h. See the file for the details (CR/LF
translation, well-known file descriptors, etc.).

Fix adb_read(), adb_write(), and adb_close() calls that should really be
unix_read(), unix_write(), and unix_close(). Note that this should have
no impact on unix because on unix, unix_read/unix_write/unix_close are
macros that map to adb_read/adb_write/adb_close.

Improve sysdeps_win32.cpp file descriptor diagnostic logging to output
the name of the function that was passed a bad file descriptor.

Change-Id: I0a1d9c28772656c80bcc303ef8b61fccf4cd637c
Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
2015-05-22 20:20:49 -07:00
Dan Albert 9313c0df20 Improve logging.
Any output from the LOG family will now go to stderr and logcat on the
device. stderr is usually redirected to a log file, but that is now
inhibited for adbd if being run from a tty (useful when debugging with
the serial console).

This also fixes sending logs to the file on device for the trace mask
of "all". The "all" tag was specifically handled to return early from
the function, preventing the file initialization from happening.

Change-Id: Id253577bfd1500fbce92dbfba0f9be23dbfd5ee4
2015-05-21 16:25:57 -07:00
Dan Albert c89e0ccd40 Revert "Revert "Split adb_main.cpp into client and daemon.""
This reverts commit 218dbccefa.

Change-Id: I74088db34983dc99e316a07c6ddc294340e0eb71
2015-05-08 17:33:21 -07:00
Dan Albert 218dbccefa Revert "Split adb_main.cpp into client and daemon."
This reverts commit cf07494ac2.
2015-05-08 16:08:57 -07:00
Dan Albert cf07494ac2 Split adb_main.cpp into client and daemon.
The name "client" is somewhat misleading as it also contains the host
side adb server, but it's a part of the client binary.

Change-Id: I128b7bab213e330eb21b5010cd1fec5f7a62c8af
2015-05-08 10:20:26 -07:00