/* * Copyright (C) 2007 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #define TRACE_TAG TRACE_ADB #include "sysdeps.h" #include "adb.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "adb_auth.h" #include "adb_io.h" #include "adb_listeners.h" #include "adb_utils.h" #include "transport.h" #define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0])) #if !ADB_HOST #include #include #include #endif #if !ADB_HOST const char* adb_device_banner = "device"; static android::base::LogdLogger gLogdLogger; #else const char* adb_device_banner = "host"; #endif void AdbLogger(android::base::LogId id, android::base::LogSeverity severity, const char* tag, const char* file, unsigned int line, const char* message) { android::base::StderrLogger(id, severity, tag, file, line, message); #if !ADB_HOST gLogdLogger(id, severity, tag, file, line, message); #endif } std::string adb_version() { // Don't change the format of this --- it's parsed by ddmlib. return android::base::StringPrintf("Android Debug Bridge version %d.%d.%d\n" "Revision %s\n", ADB_VERSION_MAJOR, ADB_VERSION_MINOR, ADB_SERVER_VERSION, ADB_REVISION); } void fatal(const char *fmt, ...) { va_list ap; va_start(ap, fmt); fprintf(stderr, "error: "); vfprintf(stderr, fmt, ap); fprintf(stderr, "\n"); va_end(ap); exit(-1); } void fatal_errno(const char* fmt, ...) { va_list ap; va_start(ap, fmt); fprintf(stderr, "error: %s: ", strerror(errno)); vfprintf(stderr, fmt, ap); fprintf(stderr, "\n"); va_end(ap); exit(-1); } #if !ADB_HOST static std::string get_log_file_name() { struct tm now; time_t t; tzset(); time(&t); localtime_r(&t, &now); char timestamp[PATH_MAX]; strftime(timestamp, sizeof(timestamp), "%Y-%m-%d-%H-%M-%S", &now); return android::base::StringPrintf("/data/adb/adb-%s-%d", timestamp, getpid()); } void start_device_log(void) { int fd = unix_open(get_log_file_name().c_str(), O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, 0640); if (fd == -1) { return; } // Redirect stdout and stderr to the log file. dup2(fd, STDOUT_FILENO); dup2(fd, STDERR_FILENO); fprintf(stderr, "--- adb starting (pid %d) ---\n", getpid()); unix_close(fd); } #endif int adb_trace_mask; std::string get_trace_setting_from_env() { const char* setting = getenv("ADB_TRACE"); if (setting == nullptr) { setting = ""; } return std::string(setting); } #if !ADB_HOST std::string get_trace_setting_from_prop() { char buf[PROPERTY_VALUE_MAX]; property_get("persist.adb.trace_mask", buf, ""); return std::string(buf); } #endif std::string get_trace_setting() { #if ADB_HOST return get_trace_setting_from_env(); #else return get_trace_setting_from_prop(); #endif } // Split the space separated list of tags from the trace setting and build the // trace mask from it. note that '1' and 'all' are special cases to enable all // tracing. // // adb's trace setting comes from the ADB_TRACE environment variable, whereas // adbd's comes from the system property persist.adb.trace_mask. static void setup_trace_mask() { const std::string trace_setting = get_trace_setting(); std::unordered_map trace_flags = { {"1", 0}, {"all", 0}, {"adb", TRACE_ADB}, {"sockets", TRACE_SOCKETS}, {"packets", TRACE_PACKETS}, {"rwx", TRACE_RWX}, {"usb", TRACE_USB}, {"sync", TRACE_SYNC}, {"sysdeps", TRACE_SYSDEPS}, {"transport", TRACE_TRANSPORT}, {"jdwp", TRACE_JDWP}, {"services", TRACE_SERVICES}, {"auth", TRACE_AUTH}, {"shell", TRACE_SHELL}}; std::vector elements = android::base::Split(trace_setting, " "); for (const auto& elem : elements) { const auto& flag = trace_flags.find(elem); if (flag == trace_flags.end()) { D("Unknown trace flag: %s", flag->first.c_str()); continue; } if (flag->second == 0) { // 0 is used for the special values "1" and "all" that enable all // tracing. adb_trace_mask = ~0; return; } else { adb_trace_mask |= 1 << flag->second; } } } void adb_trace_init(char** argv) { #if !ADB_HOST // Don't open log file if no tracing, since this will block // the crypto unmount of /data if (!get_trace_setting().empty()) { if (isatty(STDOUT_FILENO) == 0) { start_device_log(); } } #endif setup_trace_mask(); android::base::InitLogging(argv, AdbLogger); D("%s", adb_version().c_str()); } apacket* get_apacket(void) { apacket* p = reinterpret_cast(malloc(sizeof(apacket))); if (p == nullptr) { fatal("failed to allocate an apacket"); } memset(p, 0, sizeof(apacket) - MAX_PAYLOAD); return p; } void put_apacket(apacket *p) { free(p); } void handle_online(atransport *t) { D("adb: online"); t->online = 1; } void handle_offline(atransport *t) { D("adb: offline"); //Close the associated usb t->online = 0; // This is necessary to avoid a race condition that occurred when a transport closes // while a client socket is still active. close_all_sockets(t); t->RunDisconnects(); } #if DEBUG_PACKETS #define DUMPMAX 32 void print_packet(const char *label, apacket *p) { char *tag; char *x; unsigned count; switch(p->msg.command){ case A_SYNC: tag = "SYNC"; break; case A_CNXN: tag = "CNXN" ; break; case A_OPEN: tag = "OPEN"; break; case A_OKAY: tag = "OKAY"; break; case A_CLSE: tag = "CLSE"; break; case A_WRTE: tag = "WRTE"; break; case A_AUTH: tag = "AUTH"; break; default: tag = "????"; break; } fprintf(stderr, "%s: %s %08x %08x %04x \"", label, tag, p->msg.arg0, p->msg.arg1, p->msg.data_length); count = p->msg.data_length; x = (char*) p->data; if(count > DUMPMAX) { count = DUMPMAX; tag = "\n"; } else { tag = "\"\n"; } while(count-- > 0){ if((*x >= ' ') && (*x < 127)) { fputc(*x, stderr); } else { fputc('.', stderr); } x++; } fputs(tag, stderr); } #endif static void send_ready(unsigned local, unsigned remote, atransport *t) { D("Calling send_ready"); apacket *p = get_apacket(); p->msg.command = A_OKAY; p->msg.arg0 = local; p->msg.arg1 = remote; send_packet(p, t); } static void send_close(unsigned local, unsigned remote, atransport *t) { D("Calling send_close"); apacket *p = get_apacket(); p->msg.command = A_CLSE; p->msg.arg0 = local; p->msg.arg1 = remote; send_packet(p, t); } std::string get_connection_string() { std::vector connection_properties; #if !ADB_HOST static const char* cnxn_props[] = { "ro.product.name", "ro.product.model", "ro.product.device", }; for (const auto& prop_name : cnxn_props) { char value[PROPERTY_VALUE_MAX]; property_get(prop_name, value, ""); connection_properties.push_back( android::base::StringPrintf("%s=%s", prop_name, value)); } #endif connection_properties.push_back(android::base::StringPrintf( "features=%s", android::base::Join(supported_features(), ',').c_str())); return android::base::StringPrintf( "%s::%s", adb_device_banner, android::base::Join(connection_properties, ';').c_str()); } void send_connect(atransport* t) { D("Calling send_connect"); apacket* cp = get_apacket(); cp->msg.command = A_CNXN; cp->msg.arg0 = t->get_protocol_version(); cp->msg.arg1 = t->get_max_payload(); std::string connection_str = get_connection_string(); // Connect and auth packets are limited to MAX_PAYLOAD_V1 because we don't // yet know how much data the other size is willing to accept. if (connection_str.length() > MAX_PAYLOAD_V1) { LOG(FATAL) << "Connection banner is too long (length = " << connection_str.length() << ")"; } memcpy(cp->data, connection_str.c_str(), connection_str.length()); cp->msg.data_length = connection_str.length(); send_packet(cp, t); } // qual_overwrite is used to overwrite a qualifier string. dst is a // pointer to a char pointer. It is assumed that if *dst is non-NULL, it // was malloc'ed and needs to freed. *dst will be set to a dup of src. // TODO: switch to std::string for these atransport fields instead. static void qual_overwrite(char** dst, const std::string& src) { free(*dst); *dst = strdup(src.c_str()); } void parse_banner(const std::string& banner, atransport* t) { D("parse_banner: %s", banner.c_str()); // The format is something like: // "device::ro.product.name=x;ro.product.model=y;ro.product.device=z;". std::vector pieces = android::base::Split(banner, ":"); if (pieces.size() > 2) { const std::string& props = pieces[2]; for (auto& prop : android::base::Split(props, ";")) { // The list of properties was traditionally ;-terminated rather than ;-separated. if (prop.empty()) continue; std::vector key_value = android::base::Split(prop, "="); if (key_value.size() != 2) continue; const std::string& key = key_value[0]; const std::string& value = key_value[1]; if (key == "ro.product.name") { qual_overwrite(&t->product, value); } else if (key == "ro.product.model") { qual_overwrite(&t->model, value); } else if (key == "ro.product.device") { qual_overwrite(&t->device, value); } else if (key == "features") { for (const auto& feature : android::base::Split(value, ",")) { t->add_feature(feature); } } } } const std::string& type = pieces[0]; if (type == "bootloader") { D("setting connection_state to kCsBootloader"); t->connection_state = kCsBootloader; update_transports(); } else if (type == "device") { D("setting connection_state to kCsDevice"); t->connection_state = kCsDevice; update_transports(); } else if (type == "recovery") { D("setting connection_state to kCsRecovery"); t->connection_state = kCsRecovery; update_transports(); } else if (type == "sideload") { D("setting connection_state to kCsSideload"); t->connection_state = kCsSideload; update_transports(); } else { D("setting connection_state to kCsHost"); t->connection_state = kCsHost; } } static void handle_new_connection(atransport* t, apacket* p) { if (t->connection_state != kCsOffline) { t->connection_state = kCsOffline; handle_offline(t); } t->update_version(p->msg.arg0, p->msg.arg1); std::string banner(reinterpret_cast(p->data), p->msg.data_length); parse_banner(banner, t); #if ADB_HOST handle_online(t); #else if (!auth_required) { handle_online(t); send_connect(t); } else { send_auth_request(t); } #endif } void handle_packet(apacket *p, atransport *t) { asocket *s; D("handle_packet() %c%c%c%c", ((char*) (&(p->msg.command)))[0], ((char*) (&(p->msg.command)))[1], ((char*) (&(p->msg.command)))[2], ((char*) (&(p->msg.command)))[3]); print_packet("recv", p); switch(p->msg.command){ case A_SYNC: if(p->msg.arg0){ send_packet(p, t); #if ADB_HOST send_connect(t); #endif } else { t->connection_state = kCsOffline; handle_offline(t); send_packet(p, t); } return; case A_CNXN: // CONNECT(version, maxdata, "system-id-string") handle_new_connection(t, p); break; case A_AUTH: if (p->msg.arg0 == ADB_AUTH_TOKEN) { t->connection_state = kCsUnauthorized; t->key = adb_auth_nextkey(t->key); if (t->key) { send_auth_response(p->data, p->msg.data_length, t); } else { /* No more private keys to try, send the public key */ send_auth_publickey(t); } } else if (p->msg.arg0 == ADB_AUTH_SIGNATURE) { if (adb_auth_verify(t->token, p->data, p->msg.data_length)) { adb_auth_verified(t); t->failed_auth_attempts = 0; } else { if (t->failed_auth_attempts++ > 10) adb_sleep_ms(1000); send_auth_request(t); } } else if (p->msg.arg0 == ADB_AUTH_RSAPUBLICKEY) { adb_auth_confirm_key(p->data, p->msg.data_length, t); } break; case A_OPEN: /* OPEN(local-id, 0, "destination") */ if (t->online && p->msg.arg0 != 0 && p->msg.arg1 == 0) { char *name = (char*) p->data; name[p->msg.data_length > 0 ? p->msg.data_length - 1 : 0] = 0; s = create_local_service_socket(name, t); if(s == 0) { send_close(0, p->msg.arg0, t); } else { s->peer = create_remote_socket(p->msg.arg0, t); s->peer->peer = s; send_ready(s->id, s->peer->id, t); s->ready(s); } } break; case A_OKAY: /* READY(local-id, remote-id, "") */ if (t->online && p->msg.arg0 != 0 && p->msg.arg1 != 0) { if((s = find_local_socket(p->msg.arg1, 0))) { if(s->peer == 0) { /* On first READY message, create the connection. */ s->peer = create_remote_socket(p->msg.arg0, t); s->peer->peer = s; s->ready(s); } else if (s->peer->id == p->msg.arg0) { /* Other READY messages must use the same local-id */ s->ready(s); } else { D("Invalid A_OKAY(%d,%d), expected A_OKAY(%d,%d) on transport %s", p->msg.arg0, p->msg.arg1, s->peer->id, p->msg.arg1, t->serial); } } } break; case A_CLSE: /* CLOSE(local-id, remote-id, "") or CLOSE(0, remote-id, "") */ if (t->online && p->msg.arg1 != 0) { if((s = find_local_socket(p->msg.arg1, p->msg.arg0))) { /* According to protocol.txt, p->msg.arg0 might be 0 to indicate * a failed OPEN only. However, due to a bug in previous ADB * versions, CLOSE(0, remote-id, "") was also used for normal * CLOSE() operations. * * This is bad because it means a compromised adbd could * send packets to close connections between the host and * other devices. To avoid this, only allow this if the local * socket has a peer on the same transport. */ if (p->msg.arg0 == 0 && s->peer && s->peer->transport != t) { D("Invalid A_CLSE(0, %u) from transport %s, expected transport %s", p->msg.arg1, t->serial, s->peer->transport->serial); } else { s->close(s); } } } break; case A_WRTE: /* WRITE(local-id, remote-id, ) */ if (t->online && p->msg.arg0 != 0 && p->msg.arg1 != 0) { if((s = find_local_socket(p->msg.arg1, p->msg.arg0))) { unsigned rid = p->msg.arg0; p->len = p->msg.data_length; if(s->enqueue(s, p) == 0) { D("Enqueue the socket"); send_ready(s->id, rid, t); } return; } } break; default: printf("handle_packet: what is %08x?!\n", p->msg.command); } put_apacket(p); } #if ADB_HOST #ifdef _WIN32 static bool _make_handle_noninheritable(HANDLE h) { if (h != INVALID_HANDLE_VALUE && h != NULL) { if (!SetHandleInformation(h, HANDLE_FLAG_INHERIT, 0)) { // Show the handle value to give us a clue in case we have problems // with pseudo-handle values. fprintf(stderr, "Cannot make handle 0x%p non-inheritable: %s\n", h, SystemErrorCodeToString(GetLastError()).c_str()); return false; } } return true; } // Create anonymous pipe, preventing inheritance of the read pipe and setting // security of the write pipe to sa. static bool _create_anonymous_pipe(unique_handle* pipe_read_out, unique_handle* pipe_write_out, SECURITY_ATTRIBUTES* sa) { HANDLE pipe_read_raw = NULL; HANDLE pipe_write_raw = NULL; if (!CreatePipe(&pipe_read_raw, &pipe_write_raw, sa, 0)) { fprintf(stderr, "Cannot create pipe: %s\n", SystemErrorCodeToString(GetLastError()).c_str()); return false; } unique_handle pipe_read(pipe_read_raw); pipe_read_raw = NULL; unique_handle pipe_write(pipe_write_raw); pipe_write_raw = NULL; if (!_make_handle_noninheritable(pipe_read.get())) { return false; } *pipe_read_out = std::move(pipe_read); *pipe_write_out = std::move(pipe_write); return true; } // Read from a pipe (that we take ownership of) and write what is returned to // GetStdHandle(nStdHandle). Return on error or when the pipe is closed. static unsigned _redirect_pipe_thread(HANDLE h, DWORD nStdHandle) { // Take ownership of the HANDLE and close when we're done. unique_handle read_pipe(h); const HANDLE write_handle = GetStdHandle(nStdHandle); const char* output_name = nStdHandle == STD_OUTPUT_HANDLE ? "stdout" : "stderr"; while (true) { char buf[64 * 1024]; DWORD bytes_read = 0; if (!ReadFile(read_pipe.get(), buf, sizeof(buf), &bytes_read, NULL)) { const DWORD err = GetLastError(); // ERROR_BROKEN_PIPE is expected when the subprocess closes // the other end of the pipe. if (err == ERROR_BROKEN_PIPE) { return EXIT_SUCCESS; } else { fprintf(stderr, "Failed to read from %s: %s\n", output_name, SystemErrorCodeToString(err).c_str()); return EXIT_FAILURE; } } // Don't try to write if our stdout/stderr was not setup by the // parent process. if (write_handle != NULL && write_handle != INVALID_HANDLE_VALUE) { DWORD bytes_written = 0; if (!WriteFile(write_handle, buf, bytes_read, &bytes_written, NULL)) { fprintf(stderr, "Failed to write to %s: %s\n", output_name, SystemErrorCodeToString(GetLastError()).c_str()); return EXIT_FAILURE; } if (bytes_written != bytes_read) { fprintf(stderr, "Only wrote %lu of %lu bytes to %s\n", bytes_written, bytes_read, output_name); return EXIT_FAILURE; } } } } static unsigned __stdcall _redirect_stdout_thread(HANDLE h) { adb_thread_setname("stdout redirect"); return _redirect_pipe_thread(h, STD_OUTPUT_HANDLE); } static unsigned __stdcall _redirect_stderr_thread(HANDLE h) { adb_thread_setname("stderr redirect"); return _redirect_pipe_thread(h, STD_ERROR_HANDLE); } #endif int launch_server(int server_port) { #if defined(_WIN32) /* we need to start the server in the background */ /* we create a PIPE that will be used to wait for the server's "OK" */ /* message since the pipe handles must be inheritable, we use a */ /* security attribute */ SECURITY_ATTRIBUTES sa; sa.nLength = sizeof(sa); sa.lpSecurityDescriptor = NULL; sa.bInheritHandle = TRUE; // Redirect stdin to Windows /dev/null. If we instead pass an original // stdin/stdout/stderr handle and it is a console handle, when the adb // server starts up, the C Runtime will see a console handle for a process // that isn't connected to a console and it will configure // stdin/stdout/stderr to be closed. At that point, freopen() could be used // to reopen stderr/out, but it would take more massaging to fixup the file // descriptor number that freopen() uses. It's simplest to avoid all of this // complexity by just redirecting stdin to `nul' and then the C Runtime acts // as expected. unique_handle nul_read(CreateFileW(L"nul", GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, &sa, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL)); if (nul_read.get() == INVALID_HANDLE_VALUE) { fprintf(stderr, "Cannot open 'nul': %s\n", SystemErrorCodeToString(GetLastError()).c_str()); return -1; } // create pipes with non-inheritable read handle, inheritable write handle unique_handle ack_read, ack_write; if (!_create_anonymous_pipe(&ack_read, &ack_write, &sa)) { return -1; } unique_handle stdout_read, stdout_write; if (!_create_anonymous_pipe(&stdout_read, &stdout_write, &sa)) { return -1; } unique_handle stderr_read, stderr_write; if (!_create_anonymous_pipe(&stderr_read, &stderr_write, &sa)) { return -1; } /* Some programs want to launch an adb command and collect its output by * calling CreateProcess with inheritable stdout/stderr handles, then * using read() to get its output. When this happens, the stdout/stderr * handles passed to the adb client process will also be inheritable. * When starting the adb server here, care must be taken to reset them * to non-inheritable. * Otherwise, something bad happens: even if the adb command completes, * the calling process is stuck while read()-ing from the stdout/stderr * descriptors, because they're connected to corresponding handles in the * adb server process (even if the latter never uses/writes to them). * Note that even if we don't pass these handles in the STARTUPINFO struct, * if they're marked inheritable, they're still inherited, requiring us to * deal with this. * * If we're still having problems with inheriting random handles in the * future, consider using PROC_THREAD_ATTRIBUTE_HANDLE_LIST to explicitly * specify which handles should be inherited: http://blogs.msdn.com/b/oldnewthing/archive/2011/12/16/10248328.aspx */ if (!_make_handle_noninheritable(GetStdHandle(STD_INPUT_HANDLE))) { return -1; } if (!_make_handle_noninheritable(GetStdHandle(STD_OUTPUT_HANDLE))) { return -1; } if (!_make_handle_noninheritable(GetStdHandle(STD_ERROR_HANDLE))) { return -1; } STARTUPINFOW startup; ZeroMemory( &startup, sizeof(startup) ); startup.cb = sizeof(startup); startup.hStdInput = nul_read.get(); startup.hStdOutput = stdout_write.get(); startup.hStdError = stderr_write.get(); startup.dwFlags = STARTF_USESTDHANDLES; // Verify that the pipe_write handle value can be passed on the command line // as %d and that the rest of adb code can pass it around in an int. const int ack_write_as_int = cast_handle_to_int(ack_write.get()); if (cast_int_to_handle(ack_write_as_int) != ack_write.get()) { // If this fires, either handle values are larger than 32-bits or else // there is a bug in our casting. // https://msdn.microsoft.com/en-us/library/windows/desktop/aa384203%28v=vs.85%29.aspx fprintf(stderr, "Cannot fit pipe handle value into 32-bits: 0x%p\n", ack_write.get()); return -1; } // get path of current program WCHAR program_path[MAX_PATH]; const DWORD module_result = GetModuleFileNameW(NULL, program_path, arraysize(program_path)); if ((module_result >= arraysize(program_path)) || (module_result == 0)) { // String truncation or some other error. fprintf(stderr, "Cannot get executable path: %s\n", SystemErrorCodeToString(GetLastError()).c_str()); return -1; } WCHAR args[64]; snwprintf(args, arraysize(args), L"adb -P %d fork-server server --reply-fd %d", server_port, ack_write_as_int); PROCESS_INFORMATION pinfo; ZeroMemory(&pinfo, sizeof(pinfo)); if (!CreateProcessW( program_path, /* program path */ args, /* the fork-server argument will set the debug = 2 in the child */ NULL, /* process handle is not inheritable */ NULL, /* thread handle is not inheritable */ TRUE, /* yes, inherit some handles */ DETACHED_PROCESS, /* the new process doesn't have a console */ NULL, /* use parent's environment block */ NULL, /* use parent's starting directory */ &startup, /* startup info, i.e. std handles */ &pinfo )) { fprintf(stderr, "Cannot create process: %s\n", SystemErrorCodeToString(GetLastError()).c_str()); return -1; } unique_handle process_handle(pinfo.hProcess); pinfo.hProcess = NULL; // Close handles that we no longer need to complete the rest. CloseHandle(pinfo.hThread); pinfo.hThread = NULL; nul_read.reset(); ack_write.reset(); stdout_write.reset(); stderr_write.reset(); // Start threads to read from subprocess stdout/stderr and write to ours // to make subprocess errors easier to diagnose. // In the past, reading from a pipe before the child process's C Runtime // started up and called GetFileType() caused a hang: http://blogs.msdn.com/b/oldnewthing/archive/2011/12/02/10243553.aspx#10244216 // This is reportedly fixed in Windows Vista: https://support.microsoft.com/en-us/kb/2009703 // I was unable to reproduce the problem on Windows XP. It sounds like a // Windows Update may have fixed this: https://www.duckware.com/tech/peeknamedpipe.html unique_handle stdout_thread(reinterpret_cast( _beginthreadex(NULL, 0, _redirect_stdout_thread, stdout_read.get(), 0, NULL))); if (stdout_thread.get() == nullptr) { fprintf(stderr, "Cannot create thread: %s\n", strerror(errno)); return -1; } stdout_read.release(); // Transfer ownership to new thread unique_handle stderr_thread(reinterpret_cast( _beginthreadex(NULL, 0, _redirect_stderr_thread, stderr_read.get(), 0, NULL))); if (stderr_thread.get() == nullptr) { fprintf(stderr, "Cannot create thread: %s\n", strerror(errno)); return -1; } stderr_read.release(); // Transfer ownership to new thread bool got_ack = false; // Wait for the "OK\n" message, for the pipe to be closed, or other error. { char temp[3]; DWORD count = 0; if (ReadFile(ack_read.get(), temp, sizeof(temp), &count, NULL)) { const CHAR expected[] = "OK\n"; const DWORD expected_length = arraysize(expected) - 1; if (count == expected_length && memcmp(temp, expected, expected_length) == 0) { got_ack = true; } else { fprintf(stderr, "ADB server didn't ACK\n"); } } else { const DWORD err = GetLastError(); // If the ACK was not written and the process exited, GetLastError() // is probably ERROR_BROKEN_PIPE, in which case that info is not // useful to the user. fprintf(stderr, "could not read ok from ADB Server%s\n", err == ERROR_BROKEN_PIPE ? "" : android::base::StringPrintf(": %s", SystemErrorCodeToString(err).c_str()).c_str()); } } // Always try to wait a bit for threads reading stdout/stderr to finish. // If the process started ok, it should close the pipes causing the threads // to finish. If the process had an error, it should exit, also causing // the pipes to be closed. In that case we want to read all of the output // and write it out so that the user can diagnose failures. const DWORD thread_timeout_ms = 15 * 1000; const HANDLE threads[] = { stdout_thread.get(), stderr_thread.get() }; const DWORD wait_result = WaitForMultipleObjects(arraysize(threads), threads, TRUE, thread_timeout_ms); if (wait_result == WAIT_TIMEOUT) { // Threads did not finish after waiting a little while. Perhaps the // server didn't close pipes, or it is hung. fprintf(stderr, "Timed-out waiting for threads to finish reading from " "ADB Server\n"); // Process handles are signaled when the process exits, so if we wait // on the handle for 0 seconds and it returns 'timeout', that means that // the process is still running. if (WaitForSingleObject(process_handle.get(), 0) == WAIT_TIMEOUT) { // We could TerminateProcess(), but that seems somewhat presumptive. fprintf(stderr, "ADB Server is running: process id %lu\n", pinfo.dwProcessId); } return -1; } if (wait_result != WAIT_OBJECT_0) { fprintf(stderr, "Unexpected result waiting for threads: %lu: %s\n", wait_result, SystemErrorCodeToString(GetLastError()).c_str()); return -1; } // For now ignore the thread exit codes and assume they worked properly. if (!got_ack) { return -1; } #else /* !defined(_WIN32) */ char path[PATH_MAX]; int fd[2]; // set up a pipe so the child can tell us when it is ready. // fd[0] will be parent's end, and the child will write on fd[1] if (pipe(fd)) { fprintf(stderr, "pipe failed in launch_server, errno: %d\n", errno); return -1; } get_my_path(path, PATH_MAX); pid_t pid = fork(); if(pid < 0) return -1; if (pid == 0) { // child side of the fork adb_close(fd[0]); char str_port[30]; snprintf(str_port, sizeof(str_port), "%d", server_port); char reply_fd[30]; snprintf(reply_fd, sizeof(reply_fd), "%d", fd[1]); // child process int result = execl(path, "adb", "-P", str_port, "fork-server", "server", "--reply-fd", reply_fd, NULL); // this should not return fprintf(stderr, "OOPS! execl returned %d, errno: %d\n", result, errno); } else { // parent side of the fork char temp[3]; temp[0] = 'A'; temp[1] = 'B'; temp[2] = 'C'; // wait for the "OK\n" message adb_close(fd[1]); int ret = adb_read(fd[0], temp, 3); int saved_errno = errno; adb_close(fd[0]); if (ret < 0) { fprintf(stderr, "could not read ok from ADB Server, errno = %d\n", saved_errno); return -1; } if (ret != 3 || temp[0] != 'O' || temp[1] != 'K' || temp[2] != '\n') { fprintf(stderr, "ADB server didn't ACK\n" ); return -1; } setsid(); } #endif /* !defined(_WIN32) */ return 0; } #endif /* ADB_HOST */ // Try to handle a network forwarding request. // This returns 1 on success, 0 on failure, and -1 to indicate this is not // a forwarding-related request. int handle_forward_request(const char* service, TransportType type, const char* serial, int reply_fd) { if (!strcmp(service, "list-forward")) { // Create the list of forward redirections. std::string listeners = format_listeners(); #if ADB_HOST SendOkay(reply_fd); #endif SendProtocolString(reply_fd, listeners); return 1; } if (!strcmp(service, "killforward-all")) { remove_all_listeners(); #if ADB_HOST /* On the host: 1st OKAY is connect, 2nd OKAY is status */ SendOkay(reply_fd); #endif SendOkay(reply_fd); return 1; } if (!strncmp(service, "forward:", 8) || !strncmp(service, "killforward:", 12)) { // killforward:local // forward:(norebind:)?local;remote bool kill_forward = false; bool no_rebind = false; if (android::base::StartsWith(service, "killforward:")) { kill_forward = true; service += 12; } else { service += 8; // skip past "forward:" if (android::base::StartsWith(service, "norebind:")) { no_rebind = true; service += 9; } } std::vector pieces = android::base::Split(service, ";"); if (kill_forward) { // Check killforward: parameter format: '' if (pieces.size() != 1 || pieces[0].empty()) { SendFail(reply_fd, android::base::StringPrintf("bad killforward: %s", service)); return 1; } } else { // Check forward: parameter format: ';' if (pieces.size() != 2 || pieces[0].empty() || pieces[1].empty() || pieces[1][0] == '*') { SendFail(reply_fd, android::base::StringPrintf("bad forward: %s", service)); return 1; } } std::string error_msg; atransport* transport = acquire_one_transport(kCsAny, type, serial, &error_msg); if (!transport) { SendFail(reply_fd, error_msg); return 1; } std::string error; InstallStatus r; if (kill_forward) { r = remove_listener(pieces[0].c_str(), transport); } else { r = install_listener(pieces[0], pieces[1].c_str(), transport, no_rebind, &error); } if (r == INSTALL_STATUS_OK) { #if ADB_HOST /* On the host: 1st OKAY is connect, 2nd OKAY is status */ SendOkay(reply_fd); #endif SendOkay(reply_fd); return 1; } std::string message; switch (r) { case INSTALL_STATUS_OK: message = "success (!)"; break; case INSTALL_STATUS_INTERNAL_ERROR: message = "internal error"; break; case INSTALL_STATUS_CANNOT_BIND: message = android::base::StringPrintf("cannot bind listener: %s", error.c_str()); break; case INSTALL_STATUS_CANNOT_REBIND: message = android::base::StringPrintf("cannot rebind existing socket"); break; case INSTALL_STATUS_LISTENER_NOT_FOUND: message = android::base::StringPrintf("listener '%s' not found", service); break; } SendFail(reply_fd, message); return 1; } return 0; } #if ADB_HOST static int SendOkay(int fd, const std::string& s) { SendOkay(fd); SendProtocolString(fd, s); return 0; } #endif int handle_host_request(const char* service, TransportType type, const char* serial, int reply_fd, asocket* s) { if (strcmp(service, "kill") == 0) { fprintf(stderr, "adb server killed by remote request\n"); fflush(stdout); SendOkay(reply_fd); // At least on Windows, if we exit() without shutdown(SD_SEND) or // closesocket(), the client's next recv() will error-out with // WSAECONNRESET and they'll never read the OKAY. adb_shutdown(reply_fd); exit(0); } #if ADB_HOST // "transport:" is used for switching transport with a specified serial number // "transport-usb:" is used for switching transport to the only USB transport // "transport-local:" is used for switching transport to the only local transport // "transport-any:" is used for switching transport to the only transport if (!strncmp(service, "transport", strlen("transport"))) { TransportType type = kTransportAny; if (!strncmp(service, "transport-usb", strlen("transport-usb"))) { type = kTransportUsb; } else if (!strncmp(service, "transport-local", strlen("transport-local"))) { type = kTransportLocal; } else if (!strncmp(service, "transport-any", strlen("transport-any"))) { type = kTransportAny; } else if (!strncmp(service, "transport:", strlen("transport:"))) { service += strlen("transport:"); serial = service; } std::string error_msg; atransport* t = acquire_one_transport(kCsAny, type, serial, &error_msg); if (t != nullptr) { s->transport = t; SendOkay(reply_fd); } else { SendFail(reply_fd, error_msg); } return 1; } // return a list of all connected devices if (!strncmp(service, "devices", 7)) { bool long_listing = (strcmp(service+7, "-l") == 0); if (long_listing || service[7] == 0) { D("Getting device list..."); std::string device_list = list_transports(long_listing); D("Sending device list..."); return SendOkay(reply_fd, device_list); } return 1; } if (!strcmp(service, "features")) { std::string error_msg; atransport* t = acquire_one_transport(kCsAny, type, serial, &error_msg); if (t != nullptr) { SendOkay(reply_fd, android::base::Join(t->features(), '\n')); } else { SendFail(reply_fd, error_msg); } return 0; } if (!strncmp(service, "check-feature:", strlen("check-feature:"))) { std::string error_msg; atransport* t = acquire_one_transport(kCsAny, type, serial, &error_msg); if (t && t->CanUseFeature(service + strlen("check-feature:"))) { // We could potentially extend this to reply with the feature // version if that becomes necessary. SendOkay(reply_fd, "1"); } else { // Empty response means unsupported feature. SendOkay(reply_fd, ""); } return 0; } // remove TCP transport if (!strncmp(service, "disconnect:", 11)) { const std::string address(service + 11); if (address.empty()) { kick_all_tcp_devices(); return SendOkay(reply_fd, "disconnected everything"); } std::string serial; std::string host; int port = DEFAULT_ADB_LOCAL_TRANSPORT_PORT; std::string error; if (!parse_host_and_port(address, &serial, &host, &port, &error)) { return SendFail(reply_fd, android::base::StringPrintf("couldn't parse '%s': %s", address.c_str(), error.c_str())); } atransport* t = find_transport(serial.c_str()); if (t == nullptr) { return SendFail(reply_fd, android::base::StringPrintf("no such device '%s'", serial.c_str())); } kick_transport(t); return SendOkay(reply_fd, android::base::StringPrintf("disconnected %s", address.c_str())); } // returns our value for ADB_SERVER_VERSION if (!strcmp(service, "version")) { return SendOkay(reply_fd, android::base::StringPrintf("%04x", ADB_SERVER_VERSION)); } // These always report "unknown" rather than the actual error, for scripts. if (!strcmp(service, "get-serialno")) { std::string ignored; atransport* t = acquire_one_transport(kCsAny, type, serial, &ignored); return SendOkay(reply_fd, (t && t->serial) ? t->serial : "unknown"); } if (!strcmp(service, "get-devpath")) { std::string ignored; atransport* t = acquire_one_transport(kCsAny, type, serial, &ignored); return SendOkay(reply_fd, (t && t->devpath) ? t->devpath : "unknown"); } if (!strcmp(service, "get-state")) { std::string ignored; atransport* t = acquire_one_transport(kCsAny, type, serial, &ignored); return SendOkay(reply_fd, t ? t->connection_state_name() : "unknown"); } // indicates a new emulator instance has started if (!strncmp(service, "emulator:", 9)) { int port = atoi(service+9); local_connect(port); /* we don't even need to send a reply */ return 0; } #endif // ADB_HOST int ret = handle_forward_request(service, type, serial, reply_fd); if (ret >= 0) return ret - 1; return -1; }