To be submitted along with changes in apksigner tool and the framework.
Merged to AOSP after that.
Test: adb install --incremental <apk>
go/apk-v4-signature-format
Bug: b/151241461
Change-Id: I26e187f8e389e31e2759037057b96fc6c9cb1e94
Previously, we were waiting for the other end to respond after every
file sent, which results in massive slowdown when there's any amount of
latency on the transport.
This improves performance on a cuttlefish instance with ~7ms RTT from:
system/: 2037 files pushed, 0 skipped. 2.8 MB/s (762803979 bytes in 262.964s)
to:
system/: 2037 files pushed, 0 skipped. 11.9 MB/s (762803979 bytes in 61.278s)
Bug: https://issuetracker.google.com/150827486
Test: ./test_device.py
Change-Id: I3a0c893faa5d455cc6ccbc86915a17e1b5abbfbe
(cherry picked from commit 64ff82ba68)
Add some requested logging options that can be turned on at runtime
without having to restart adbd.
Bug: http://b/141959374
Test: manual
Change-Id: Ib97acc6d199e0b91238a6758e18b7cb75f8688d9
(cherry picked from commit 52d0b67f19)
If we get unlucky and something else (or ourselves, in another thread)
beats us to listening on our hardcoded ports, we can deadlock.
Bug: http://b/149829737
Test: ./test_adb.py
Change-Id: I8f14004a6b2e77366abad6e88786ea8941629020
(cherry picked from commit e8829c6bfc)
Also remove statically linking libc++, because these libraries are not
exported native shared libraries.
We are slightly over the 12MB limit for ramdisk recovery size, so let's
remove the adb pairing libraries, since they won't be used in recovery
mode.
These are only used in normal boot mode, and currently, only by adb
client. The pairing server is used by system server.
Bug: 150317254
Test: Check size of ramdisk-recovery.img in walleye, walleye-hwasam
build to be under 12MB. Also verify installed-files-recovery.txt no
longer contains libadb_pairing*.
Also put phone into recovery mode, check system/lib64 for no
libadb_pairing*.
Change-Id: Ida7c4fdc9dda2b09091b853feac8df8f125e4274
(cherry picked from commit afc2cf0dec)
Exempt-From-Owner-Approval: cherry-pick
This broke because two CLs touching the Android.bp file both
independently passed presubmit, but failed when combined.
Clean up a misindentation while we're at it.
Bug: http://b/150032044
Bug: http://b/150032367
Test: mma in system/core/adb
Change-Id: I091ef9dec806c767ffb21a5fd73b2bb37ab29ff9
Merged-In: I091ef9dec806c767ffb21a5fd73b2bb37ab29ff9
(cherry picked from commit 6d949e89a4)
We were previously statically linking libcutils into adbd for several
different reasons, which were addressed as follows:
socket functions: extracted to a statically linked libcutils_network
fs_config: wrapped with a shared library on /system
ATRACE: deleted the single use in adbd
Bug: http://b/150032044
Test: treehugger
Change-Id: I821fa174cfcbfa8e29a4be10de4016b817adbaf8
Merged-In: I821fa174cfcbfa8e29a4be10de4016b817adbaf8
(cherry picked from commit a9b62d5452)
Without this, the caller is likely to assume that their buffer is
fully usable, which clang's analyzer doesn't believe is the case.
Another option is to set `*size` to nonzero.
Caught by the static analyzer:
system/core/adb/client/incremental_server.cpp:111:31: warning: 1st
function call argument is an uninitialized value
[clang-analyzer-core.CallAndMessage]
Bug: http://b/150032044
Test: TreeHugger
Change-Id: Ib844aa4ab3ebb297ca8f6f4289bbe3212275275b
Merged-In: Ib844aa4ab3ebb297ca8f6f4289bbe3212275275b
(cherry picked from commit 19b500bd50)
Mark updatable APEXes as updatable: true so that they are opted-out from
optimizations that make sense only for non-updatable modules; such as
symlinking to the libs in the system partition.
Bug: 149805758
Test: m and check that there is no symlink from the APEX to the system
partition.
Change-Id: Ic3edc7e285e9eafbdaa20b18ccbc0b2231370779
This command will be sent by adbd to notify the client that the
connection will be over TLS.
When client connects, it will send the CNXN packet, as usual. If the
server connection has TLS enabled, it will send the A_STLS packet
(regardless of whether auth is required). At this point, the client's
only valid response is to send a A_STLS packet. Once both sides have
exchanged the A_STLS packet, both will start the TLS handshake.
If auth is required, then the client will receive a CertificateRequest
with a list of known public keys (SHA256 hash) that it can use in its
certificate. Otherwise, the list will be empty and the client can assume
that either any key will work, or none will work.
If the handshake was successful, the server will send the CNXN packet
and the usual adb protocol is resumed over TLS. If the handshake failed,
both sides will disconnect, as there's no point to retry because the
server's known keys have already been communicated.
Bug: 111434128
Test: WIP; will add to adb_test.py/adb_device.py.
Enable wireless debugging in the Settings, then 'adb connect
<ip>:<port>'. Connection should succeed if key is in keystore. Used
wireshark to check for packet encryption.
Change-Id: I3d60647491c6c6b92297e4f628707a6457fa9420
Bug: 111434128, 119493510, 119494503
Test: Enable wireless debugging in Settings UI, click "pair with pairing code"
to generate pairing code.
On client, 'adb pair <ip_address>', enter pairing code at prompt and hit
enter. Pairing should complete.
'adb logcat'.
Change-Id: I86527bd3fc52e30a8e08ec5843dc3e100abf91fa
Exempt-From-Owner-Approval: approved already
Dynamic linker will use generated linker configuration in general. As
ld.config.txt file in the APEX module will not be used, we can remove
this to avoid confusion.
Bug: 149887007
Test: m -j passed
Test: Boot succeeded from cuttlefish and walleye
Change-Id: Ic98aca819b5a4d0e0af4fe0ea25145a483aa7d53
In the context of secure connect, allows adbd and host adb to reject
each other based on incompatible versions without even having to
actually connect (since it is a DNS TXT).
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: I54312d8b67370c397ba81ecdbca1b27e3ee58572
For privacy/security reasons, let's not broadcast the adb secure
services on startup automatically, and instead leave that up to
the rest of the adbd code somehow.
Instead, this CL adds an API in daemon/mdns.h that lets the user
control when registration happens, potentially only doing so if
the developer option is enabled or something.
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: Idc994a59ef9e5d48f08796c21989883497e19ef8
This CL exposes a callback-based interface to perform some action for
each resolved pairing/connect service as a function of their hostname,
ip address, and port.
The ADB client can then use this information to either set up secure
connections directly, or to tell the adb host server to do so, or
something.
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: I2dd04c322df5b0597859f44703cfd2f3f29fd737
This CL adds functionality to the class ResolvedService where the ip
address associated with a resolved DNS service is recorded.
It also avoids connecting to the device unless it is the Things-related
DNS service.
Next step is to add some kind of interface in other parts of adb code
to retrieve these IP addresses.
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: I46895a7a5bf5660f524c7323a9454f1e2c7d385c
This CL makes it so the client looks for the adb secure pairing
and adb secure connect services. Nothing else should happen,
but this should be useful to see if the right packet traffic for
discoverability is happening.
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: I266bdb8526cf39bbfa131344dca2b1bb14c14a7b
Since both the client and daemon will now be generating keys.
BUG: b/111434128
Test: atest adb_crypto_test
Change-Id: I6fac562ae5629ab30b6639fbd88d822dae6e96bd
