Secure adb using public key authentication, to allow USB debugging
only from authorized hosts.
When a device is connected to an unauthorized host, the adb daemon sends
the user public key to the device. A popup is shown to ask the user to
allow debugging once or permanently from the host. The public key is
installed on the device in the latter case. Other keys may be installed
at build time.
On the host, the user public/private key pair is automatically generated,
if it does not exist, when the adb daemon starts and is stored in
$HOME/.android/adb_key(.pub) or in $ANDROID_SDK_HOME on Windows. If needed,
the ADB_KEYS_PATH env variable may be set to a :-separated (; under
Windows) list of private keys, e.g. company-wide or vendor keys.
On the device, vendor public keys are installed at build time in
/adb_keys. User-installed keys are stored in /data/misc/adb/adb_keys.
ADB Protocol change:
If the device needs to authenticate the host, it replies to CNXN
packets with an AUTH packet. The AUTH packet payload is a random token.
The host signs the token with one of its private keys and sends an AUTH(0)
packet. If the signature verification succeeds, the device replies with
a CNXN packet. Otherwise, it sends a new AUTH packet with a new token so
that the host can retry with another private key. Once the host has tried
all its keys, it can send an AUTH(1) packet with a public key as
payload. adbd then sends the public key to the framework (if it has been
started) for confirmation.
Change-Id: I4e84d7621da956f66ff657245901bdaefead8395
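The AUTH exchange described in the commit message above, as a small device/host model. This is an added example, not code from the adb source tree: signatures are modelled as a key id plus the token they cover (an assumption that keeps the model free of a crypto library), and all names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TOKEN_SIZE 20
enum reply { SEND_AUTH_TOKEN, SEND_CNXN, ASK_USER };

/* Model only: a "signature" names the signing key and the token it covers.
 * A real daemon verifies a public-key signature over the token instead. */
struct sig { int key_id; uint8_t token[TOKEN_SIZE]; };

struct device {
    const int *authorized;   /* stands in for the installed adb_keys */
    size_t n_authorized;
    uint8_t token[TOKEN_SIZE];
    int online;
};

/* Every AUTH packet carries a fresh random token, so a signature captured
 * from an earlier attempt cannot be replayed. */
static enum reply send_token(struct device *d) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f || fread(d->token, 1, TOKEN_SIZE, f) != TOKEN_SIZE) abort();
    fclose(f);
    return SEND_AUTH_TOKEN;
}

/* Device side: the host answered the token with AUTH(0) + signature. */
enum reply on_signature(struct device *d, const struct sig *s) {
    if (memcmp(s->token, d->token, TOKEN_SIZE) == 0)
        for (size_t i = 0; i < d->n_authorized; i++)
            if (d->authorized[i] == s->key_id) { d->online = 1; return SEND_CNXN; }
    return send_token(d);               /* failed: new token, host may retry */
}

/* Host side: try each private key, then fall back to AUTH(1) + public key.
 * Returns the index of the accepted key, or -1 if none was accepted. */
int host_connect(struct device *d, const int *keys, size_t n, enum reply *last) {
    *last = send_token(d);              /* device's reply to the host's CNXN */
    for (size_t i = 0; i < n; i++) {
        struct sig s = { keys[i], {0} };
        memcpy(s.token, d->token, TOKEN_SIZE);   /* sign the current token */
        if ((*last = on_signature(d, &s)) == SEND_CNXN) return (int)i;
    }
    *last = ASK_USER;                   /* public key goes to the framework prompt */
    return -1;
}
```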
Define /storage as top-level concept, so that we enforce permissions
uniformly. Moves external storage paths from headers to per-device
environment variables. Added missing mount flags, and we no longer
have adb-specific external storage.
Bug: 6925012
Change-Id: Ic7ca953be2f552d3f0ec9e69f89fef751daa1b29
Just print a warning if ADB_EXTERNAL_STORAGE is not defined when ADB
runs instead of segfaulting. If we really don't want to continue to
run, we can make this a fatal error instead.
Change-Id: Icfc5fb9e594b0a310029f1dca7e9476f27ceb7bc
Also remove mount() from adb, since it can come online long before
data partition is ready. Set EXTERNAL_STORAGE environment variable
to point to owner for backwards compatibility.
Bug: 7005701
Change-Id: I63444f6636624eb7ad89f053daa289663424639e
Secure adb using public key authentication, to allow USB debugging
only from authorized hosts.
When a device is connected to an unauthorized host, the adb daemon sends
the user public key to the device. A popup is shown to ask the user to
allow debugging once or permanently from the host. The public key is
installed on the device in the latter case. Other keys may be installed
at build time.
On the host, the user public/private key pair is automatically generated,
if it does not exist, when the adb daemon starts and is stored in
$HOME/.android/adb_key(.pub) or in $ANDROID_SDK_HOME on Windows. If needed,
the ADB_KEYS_PATH env variable may be set to a ;-separated list of private
keys, e.g. company-wide or vendor keys.
On the device, vendor public keys are installed at build time in
/adb_keys. User-installed keys are stored in /data/misc/adb/adb_keys.
ADB Protocol change:
If the device needs to authenticate the host, it replies to CNXN
packets with an AUTH packet. The AUTH packet payload is a random token.
The host signs the token with one of its private keys and sends an AUTH(0)
packet. If the signature verification succeeds, the device replies with
a CNXN packet. Otherwise, it sends a new AUTH packet with a new token so
that the host can retry with another private key. Once the host has tried
all its keys, it can send an AUTH(1) packet with a public key as
payload. adbd then sends the public key to the framework (if it has been
started) for confirmation.
Change-Id: Idce931a7bfe4ce878428eaa47838e5184ac6073f
Remount rootfs as recursively shared, so that mount changes are
propagated into child namespaces. Mount external storage for access
from adb.
Clean multi-user dependencies for use in Dalvik. Also define
external storage paths.
Bug: 6925012
Change-Id: I375de581a63f4f36667894c56a34a9dd45361e8f
(cherry picked from commit ae868a4045 in master)
Change-Id: I980c7c5e8affbc8627d17b1d9303b002adcdb29a
Signed-off-by: Mike J. Chen <mjchen@google.com>
Conflicts:
adb/adb.c
When using a third party screen capture program called androidscreencast
(http://code.google.com/p/androidscreencast/) to get the framebuffer of
the device, tons of screencap zombie processes get left behind.
The issue is also mentioned here: http://code.google.com/p/android/issues/detail?id=22836.
The cause of the issue is that adbd spawns off screencap processes,
and these child processes were not waited on to finish.
This change fixes the issue.
Change-Id: Ife928d65ecf6a2ff39b8b72ddba930fda6733a00
Signed-off-by: Yuriy Zabroda <yuriy.zabroda@ti.com>
When running "adb tcpip 5555", adb creates a service socket named
"tcpip:5555". Only compare the first 6 chars "tcpip:" to decide if
we enable exit_on_close.
Bug: 6650130
Change-Id: I0835973de044f1cfde0e859ff0277c0ccc2630a3
A recent change uses strtok_r which broke the Windows build.
Clear this potential landmine by adding adb_strtok_r to sysdeps.h
in the typical fashion. For Windows, the actual implementation
in sysdeps_win32.c was copied from bionic/libc/string/strtok.c.
Change-Id: Ibb71555bc429f7058c07c3d39e0b62859c79635c
Signed-off-by: Scott Anderson <saa@android.com>
Prior to this change, -s could take either a serial number or a
device path (e.g. "-s 01498B1F02015015" or "-s usb:1-4.2"). This
change extends -s to also allow product, model or device names
(e.g. "-s product:mysid"). These new qualifiers will only be
available on devices that are running an adb daemon that provides
properties in the connect message per Change-Id:
I09200decde4facb8fc9b4056fdae910155f2bcb9
The product, model and device are derived from the
ro.product.name, ro.product.model and ro.product.device
properties respectively. They are prefixed with "product:",
"model:" or "device:" as appropriate. In addition, any
non-alphanumerics in the model are changed to underscores.
If the -s parameter matches multiple devices, the result will be
the same as when multiple devices are connected but no -d, -e or
-s option is specified. In general, this means the user will get
"error: more than one device". However for get-state,
get-devpath and get-serialno, they will get "unknown".
The format of "devices -l" was changed to list all of the
qualifiers that are available. The following example output
(with the last digits of the serial numbers replaced with X's) is
with a Galaxy Prime with an older adb daemon and another Galaxy
Prime and Galaxy S both with the enhanced adb daemons:
List of devices attached
016B75D60A0060XX device usb:2-5 product:mysid model:Galaxy_Nexus device:toro
3731B535FAC200XX device usb:1-4.2 product:soju model:Nexus_S device:crespo
01498B1F020150XX device usb:1-4.1
Note that the serial number and state are now column oriented
instead of tab delimited. After the serial number and state, all
qualifiers are listed with each preceded by a space. The output
of the original devices command (without -l) is unchanged.
Change-Id: Iceeb2789874effc25a630d514a375d6f1889dc56
Signed-off-by: Scott Anderson <saa@android.com>
protocol.txt says that the connect message should have three
fields:
<systemtype>:<serialno>:<banner>
In reality, what is transmitted is simply:
<systemtype>::
The serialno is obtained via other means so doesn't really need
to be a part of the connect message. This change puts the
ro.product.name, ro.product.model and ro.product.device
properties in the <banner> for devices. Each property is
terminated by a semicolon (;) with the key and value separated by
an equals sign (=). Example message:
device::ro.product.name=<prd>;ro.product.model=<mdl>;ro.product.device=<dev>;
Making this change will enable the device list to provide more
information to the user and to give the potential for being able
to select which device to talk to with the -s option.
Change-Id: I09200decde4facb8fc9b4056fdae910155f2bcb9
Signed-off-by: Scott Anderson <saa@android.com>
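A parser for the connect banner format described above, together with the "-s" qualifier match from the preceding commit message. This is an added example, not the adb source: the struct, the function names and the 64-byte field size are assumptions, and the message is assumed to be NUL-terminated. The banner comes from the peer, so every copy is bounded.

```c
#include <ctype.h>
#include <string.h>

struct qualifiers { char product[64], model[64], device[64]; };

/* Bounded copy of an untrusted value; optionally map non-alphanumerics to '_'. */
static void copy_value(char *dst, size_t cap, const char *v, size_t len, int sanitize) {
    if (len >= cap) len = cap - 1;
    for (size_t i = 0; i < len; i++)
        dst[i] = (sanitize && !isalnum((unsigned char)v[i])) ? '_' : v[i];
    dst[len] = '\0';
}

#define KEY_IS(k) (klen == sizeof(k) - 1 && !memcmp(p, k, klen))

/* Parse "<systemtype>:<serialno>:<banner>". Returns 0, or -1 if malformed
 * (the caller should then discard whatever is in *q). */
int parse_connect_banner(const char *msg, struct qualifiers *q) {
    memset(q, 0, sizeof *q);
    const char *p = strchr(msg, ':');
    if (!p || !(p = strchr(p + 1, ':'))) return -1;
    for (p++; *p; ) {
        const char *end = strchr(p, ';');          /* each property ends in ';' */
        const char *eq = end ? memchr(p, '=', (size_t)(end - p)) : NULL;
        if (!eq) return -1;
        size_t klen = (size_t)(eq - p), vlen = (size_t)(end - eq) - 1;
        if (KEY_IS("ro.product.name"))
            copy_value(q->product, sizeof q->product, eq + 1, vlen, 0);
        else if (KEY_IS("ro.product.model"))
            copy_value(q->model, sizeof q->model, eq + 1, vlen, 1);
        else if (KEY_IS("ro.product.device"))
            copy_value(q->device, sizeof q->device, eq + 1, vlen, 0);
        p = end + 1;                               /* unknown keys are ignored */
    }
    return 0;
}

/* Does a "-s" argument such as "model:Galaxy_Nexus" select this device?
 * An empty field (older daemon, "<systemtype>::") never matches. */
int matches_qualifier(const struct qualifiers *q, const char *spec) {
    if (!strncmp(spec, "product:", 8)) return q->product[0] && !strcmp(spec + 8, q->product);
    if (!strncmp(spec, "model:", 6))   return q->model[0] && !strcmp(spec + 6, q->model);
    if (!strncmp(spec, "device:", 7))  return q->device[0] && !strcmp(spec + 7, q->device);
    return 0;
}
```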
This is the second version of a patch which demonstrates the possibility
of using adbd (Android Debug Bridge daemon) with a generic FunctionFS gadget
instead of a custom adb usb gadget in the Linux kernel. It contains changes
introduced after Benoit's review - thank you Benoit.
The patch adds a new usb access layer to adbd using FunctionFS. The former
usb access method is still available. The method is chosen at runtime
depending on whether /dev/usb-ffs/adb/ep0 or /dev/android_adb is accessible.
How to use on the target device:
$ insmod g_ffs.ko idVendor=<vendor ID> iSerialNumber=<some string>
$ mount -t functionfs adb /dev/usb-ffs/adb -o uid=2000,gid=2000
$ ./adbd
This patch requires a patch to bionic which adds <linux/usb_functionfs.h>
which is an exact copy of the relevant file in the linux kernel.
Change-Id: I4b42eb267ffa50fca7a5fba46f388a2f083e8b2d
Signed-off-by: Andrzej Pietrasiewicz <andrzej.p@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
[benoit@android.com: detect at runtime if functionfs is mounted
or fallback using f_adb]
Signed-off-by: Benoit Goby <benoit@android.com>
The commands that use "host-serial:<serial-number>:<request>"
service did not handle "-s usb:<path>". The -s parameter is
passed as the serial number in the protocol and then matched
against either the serial number or device path. However,
skip_host_serial() in sockets.c did not know about the usb:
syntax, so the serial number was parsed incorrectly. Before this
change:
$ adb -s usb:1-4.1 get-state
error: unknown host service
After:
$ adb -s usb:1-4.1 get-state
device
Code was added in find_transport() in transport.c to match device
paths, but find_transport() is only used for socket connections
so matching device paths is not needed.
Change-Id: I922cec963659dafadd0fbc8fa36dee3b55fe366c
Signed-off-by: Scott Anderson <saa@android.com>
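The parsing problem described above, shown as a splitter for "host-serial:<serial>:<request>" that can run with or without knowledge of selector prefixes. This is an added example, not the sockets.c code: the function name and signature are hypothetical, and treating the product:/model:/device: qualifiers from the later -s commit the same way as usb: is an assumption.

```c
#include <string.h>

/* Split "host-serial:<serial>:<request>". With prefix_aware == 0 the serial
 * ends at the first ':' (the behaviour the commit describes as broken).
 * Returns 0 on success, -1 if the service string is malformed. */
int split_host_serial(const char *service, int prefix_aware,
                      char *serial, size_t cap, const char **request) {
    static const char *const prefixes[] = { "usb:", "product:", "model:", "device:" };
    static const char head[] = "host-serial:";
    if (strncmp(service, head, sizeof head - 1) != 0) return -1;
    const char *s = service + sizeof head - 1, *scan = s;
    /* A known prefix is part of the selector, so look for the separator after it. */
    for (size_t i = 0; prefix_aware && i < sizeof prefixes / sizeof *prefixes; i++) {
        size_t n = strlen(prefixes[i]);
        if (strncmp(s, prefixes[i], n) == 0) { scan = s + n; break; }
    }
    const char *colon = strchr(scan, ':');
    if (!colon || colon == scan) return -1;    /* no request, or empty serial */
    size_t len = (size_t)(colon - s);
    if (len >= cap) return -1;                 /* never truncate a selector silently */
    memcpy(serial, s, len);
    serial[len] = '\0';
    *request = colon + 1;
    return 0;
}
```

With prefix_aware set to 0, "host-serial:usb:1-4.1:get-state" yields the serial "usb" and the request "1-4.1:get-state", which no host service matches.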
system/core/adb/adb.c: In function 'connect_device':
system/core/adb/adb.c:1001: warning: comparison between signed and unsigned integer expressions
Change-Id: I206f85395e1d7ad8d6ef130a26c95dcf0f498696
Signed-off-by: Scott Anderson <saa@android.com>
The Windows adb connection could be lost if the target
side kernel enables kmemleak.
The root cause is that kmemleak downgrades USB
performance, and leads to a Windows adb host application
timeout because usb_write()/usb_read()'s timeout time is
very short. That issue is not reproducible on a Linux
host because its usb_write() timeout is 5s and usb_read()
is blocked until return:
            usb_write()      usb_read()
  Linux     5000ms           blocked until return
  Windows   500+len*8 ms     500+len*8 ms
To fix that issue, extend the Windows adb host usb_write()
timeout time to 5 seconds and make usb_read() a blocking routine:
            usb_write()      usb_read()
  Windows   5000ms           blocked until return
Change-Id: If54e2b4c396a5a06318c0ee0b3326a00e7661fbc
Signed-off-by: Yu Wang <yu.y.wang@intel.com>
Signed-off-by: Jin Can Zhuang <jin.can.zhuang@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
For manufacturing and testing, there is a need to talk to
whatever device is connected to a given port on the host. This
change modifies adb's "-s" option to take either a serial
number or a device path. The device paths of the connected
devices can be listed using "adb devices -l" whose output
will resemble:
List of devices attached
016B75D60A00600D usb:2-5 device
3031D0B2E71D00EC usb:1-4.3 device
The second column lists the device paths. If the -l option is
not given, the output from "adb devices" will be the same as
it used to be (i.e. the paths will not be printed).
The device path can also be obtained with the get-devpath
command:
$ adb -s 3031D0B2E71D00EC get-devpath
usb:1-4.3
Note that the format of the device paths is platform dependent.
The example above is from Linux. On OS-X, the paths will be
"usb:" followed by hex digits. For other platforms, the device
paths will be printed as "????????????" and the -s option will
not be able to select a device until someone implements the
underlying functionality.
Change-Id: I057d5d9f8c5bb72eddf5b8088aae110763f809d7
Signed-off-by: Scott Anderson <saa@android.com>