We were previously statically linking libcutils into adbd for several
different reasons, which were addressed as follows:
socket functions: extracted to a statically linked libcutils_network
fs_config: wrapped with a shared library on /system
ATRACE: deleted the single use in adbd
Test: treehugger
Change-Id: I821fa174cfcbfa8e29a4be10de4016b817adbaf8
In the context of secure connect, allows adbd and host adb to reject
each other based on incompatible versions without even having to
actually connect (since it is a DNS TXT).
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: I54312d8b67370c397ba81ecdbca1b27e3ee58572
For privacy/security reasons, let's not broadcast the adb secure
services on startup automatically, and instead leave that up to
the rest of the adbd code somehow.
Instead, this CL adds an API in daemon/mdns.h that lets the user
control when registration happens, potentially only doing so if
the developer option is enabled or something.
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: Idc994a59ef9e5d48f08796c21989883497e19ef8
This CL exposes a callback-based interface to perform some action for
each resolved pairing/connect service as a function of their hostname,
ip address, and port.
The ADB client can then use this information to either set up secure
connections directly, or to tell the adb host server to do so, or
something.
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: I2dd04c322df5b0597859f44703cfd2f3f29fd737
This CL adds functionality to the class ResolvedService where the ip
address associated with a resolved DNS service is recorded.
It also avoids connecting to the device unless it is the Things-related
DNS service.
Next step is to add some kind of interface in other parts of adb code
to retrieve these IP addresses.
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: I46895a7a5bf5660f524c7323a9454f1e2c7d385c
This CL makes it so the client looks for the adb secure pairing
and adb secure connect services. Nothing else should happen,
but this should be useful to see if the right packet traffic for
discoverability is happening.
Bug: 111434128, 119490749
Test: N/A
Exempt-From-Owner-Approval: already approved
Change-Id: I266bdb8526cf39bbfa131344dca2b1bb14c14a7b
Since both the client and daemon will now be generating keys.
BUG: b/111434128
Test: atest adb_crypto_test
Change-Id: I6fac562ae5629ab30b6639fbd88d822dae6e96bd
... so that the build system can distinguish testing APEXes and installable APEXes, and apply
different rules to them.
Bug: 146308764
Test: m
Change-Id: I5fdab94da352e8014225b2454aacc2a5b5fc6a52
Previously, if we failed to read a file after successfully opening it,
(e.g. because it's a directory), we would return prematurely without
notifying our caller, which would then wait forever for a response that
isn't coming.
Switch all of the adb install callsites over to checking the result,
but leave the other callsites ignoring the result, because they're
either deprecated, or don't care.
Bug: http://b/145621968
Test: mkdir foo.apk; adb install foo.apk
Change-Id: Ia82f8280b144f7881e067a10cd17f9a89019cf3f
It seems like we might not be tracking dependencies properly on
devices with flattened APEXes? Add libadbd_auth to adbd's required
list to work around this for now.
Bug: http://b/148812347
Test: `ls $ANDROID_PRODUCT_OUT/system/lib/libadbd_auth.so` before and after when building a go device
Change-Id: If60abeb00797e37bf6a5a037249a21877e0b3d26
Previously, we were using the version script for only the stubs in the
library, which led to symbols from libc++_static leaking out.
Bug: http://b/148504737
Test: booted a user build
Change-Id: Ie22856f7d16cc837eb961f70195d49898bf7fb49
libadbd_auth was accidentally linked as a static library, which defeats
the entire purpose.
Test: treehugger
Test: readelf -d $ANDROID_PRODUCT_OUT/apex/com.android.adbd/bin/adbd
Change-Id: Id5b66745946a8b92e368ee5f3965275ff03e056d
Build a test apex with an INT_MAX version code for the purposes of
update/rollback testing.
Test: atest adbd_e2e_tests # in internal master
Change-Id: I0e616db03dcbc940af2741dfca5b4c5f50a5a654
fwrite can cross windows platform to show log on terminal,
so we use it instead of WriteFdExactly.
Change-Id: I252c15a0bc72e1dbd98b7b5ec8000ecdcde16416
Signed-off-by: Junyong Sun <sunjy516@gmail.com>
Support for target-as-host was removed by 4626b71057 ("Fix win_sdk
build."), so ADB_HOST_ON_TARGET is never defined.
Test: build
Change-Id: I5ab27e68208677266e2e4272bc2bae7d6a097c5d
liblog will soon be required for all of libbase's logging. This
change proactively requires liblog in all configurations instead of
just Android.
Bug: 119867234
Test: build
Change-Id: I696162fbebc78d4ef23c6032412101ac51d397a4
With b/144533348, there will be symlinks from libs in APEXes to the libs
in the system partition. This is to reduce the size of APEXes when the
APEX is bundled with the platform.
Adding the /system/lib to the permitted paths so that the realpaths of
the symlinks are allowed for the namespaces.
Note that this however does not open all libs in the system partition to
the APEX namespaces, because searching of the libs are NOT done in
/system/lib, but in /apex/<module>/lib directory.
Bug: 144533348
Test: m
Change-Id: I4bb1d6cb5dbf647ae669f49aa5ccb178f5488b5e
ld.config.txt for ADBD APEX works properly, but it can be reduced into
simpler way. This change updates ADBD APEX linker configuration which
reduces complexity and limit library usage from system partition.
Test: m -j && confirmed adbd works from cuttlefish
Change-Id: Ifcf1323082148aec4b6417c0ba7df0d9fe8ffeb0
d77c99ebc3 changed MappedFile to return a
bogus zero-length mapping on failure rather than nullptr. None of the
calling code was changed, though, and it seems like doing so would be a
bad idea. Revert that part of the change.
Add missing tests, and tidy up some of the logging. Also remove
single-use or obfuscatory constants from the tests.
The new "empty.zip" was created by using zip(1) to create a zip file
with one entry, then using `zip -d` to remove it.
The new "zero-size-cd.zip" was created by using zip(1) to create a zip
file containing a single empty file, and then hex editing the two byte
"size of the central directory" field in the "end of central directory
record" structure at the end of the file. (This is equivalent to, but
much smaller than, the example zip file provided by the bug reporter.)
Bug: http://b/145925341
Test: treehugger
Change-Id: Iff64673bce7dae886ccbc9dd6c2bbe18de19f9d2
libadbd_auth might report authentication success for a transport that's
already been destroyed. Fix this by storing a weak pointer to the
atransport that gets cleared upon destruction instead of a raw pointer.
Bug: http://b/144704376
Test: ./test_adb.py
Test: ./test_device.py
Change-Id: Idffe027381e6b2e37f06aa0166e97cafc98eaf3b
The MS OS extended property descriptor is used to convey additional
information to Windows hosts, in this case the DeviceInterfaceGUID
which allows the inbox WinUSB driver to get automatically installed.
However, the ADB windows client looks for USB devices by enumerating
devices with a specific GUID {F72FE0D4-CBCB-407D-8814-9ED673D0DD6B},
and as a result fails to find the device since it was installed with
a different DeviceInterfaceGUID. Update the OS descriptor to pass
back the same GUID the client already uses.
Change-Id: If664cdd9be821c502e8c2048ff79e79e311936f5
This patch introduce "service.adb.listen_addrs", a new
string type property, while keeping the old properties.
The new property added in this patch is used to listen
on UNIX domain socket "localfilesystem".
"service.adb.listen_addrs" can be used to listen on
multiple addresses, such as tcp:5555 and tcp:5556.
It is separated by ',' (comma) character.
In the process of introducing the new socket type, the
method tcp_connect is removed and combined into
socket_spec_connect.
Without specifying using the new property, adb will
try to listen on both tcp and vsock (following the
previous implementation).
Some examples of the new property value are:
- "tcp:5555"
- "vsock:5555"
- "localfilesystem:/tmp/test"
- "tcp:5555,vsock:5555"
Bug: 133378083
Test: On master-arc-dev:
adb root;
setprop service.adb.listen_addrs localfilesystem:
<path_to_socket>;
adb connect localfilesystem:<path_to_socket>;
adb -s localfilesystem:<path_to_socket> shell;
inside Chrome OS.
Test: On aosp_bluefin:
setprop service.adb.listen_addr tcp:5555;
adb connect <IP>:5555; adb shell;
Test: On aosp_bluefin:
setprop service.adb.tcp.port 5555;
adb connect <IP>:5555; adb shell;
Test: On aosp_bluefin:
setprop service.adb.listen_addrs tcp:5555,tcp:6666;
adb connect <IP>:5555; adb shell;
adb connect <IP>:6666; adb shell;
Test: On aosp_bluefin:
./adb_test;
Test: On cuttlefish:
launch_cvd;
adb -s 127.0.0.1:6520 shell;
Test: Ran host tests:
./adb_test;
./adb_integration_test_adb;
./adb_integration_test_device;
Change-Id: I8289bf0ab3305cf23ce5695ffba46845d58ef6bb
Try to not allocate as many blocks on the heap, and reuse
memory instead of copying it
Get rid of unique_ptr and shared_ptr where possible, move
the Block objects themselves
Overall this reduces the time spent in memcpy() from 30% to
15% of the whole 'adb push' command, and gets rid of about 5%
of the time spent in the malloc/free calls
Test: builds
Change-Id: I8995115274b6f08a4df13c58183c928ef384a767
We have switched to "/system/bin/reboot" to perform the reboot. But
accessing the shell for user build under recovery is not allowed by
sepolicy. So adding a special routine to handle this reboot case.
Bug: 141247819
Test: run `adb reboot` in user mode recovery
Change-Id: Ia37438e52c67fd2bd54e923a0fea5817a1455a08
Actually log results of adb commands, so we can see why this fails.
Fix the asan-detected use of a value from a reused part of the stack.
Test: atest FastDeployTest on Linux (with an asan adb)
Change-Id: I4d2bbae62a301e16065d604a2c9918077489cafb
Currently the adb server can only bind on 127.0.0.1 or * if -a is
provided. This diff adds the ability for adb to bind on ::1 as
well for use cases where you might want to force adb to be IPv6
only.
To bind the adb server on ::1
```
$ ./adb -L tcp:[::1]:1234 server
$ lsof -nPi :1234
COMMAND ... NODE NAME
adb ... TCP [::1]:1234 (LISTEN)
```
The original behaviour is also retained, so this would only affect
users explicitly specifying ::1 in the socket spec
```
$ export ANDROID_ADB_SERVER_PORT=1234
$ ./adb server
$ lsof -nPi :1234
COMMAND ... NODE NAME
adb ... TCP 127.0.0.1:1234 (LISTEN)
```
Note: I've only implemented this behaviour for posix base systems,
due to my limited understanding of networking on windows. If
needed I can do some research to implement it there as well, but
there is currently no IPv6 support at all on the windows side.
Test: New unit test and the commands in the summary
Change-Id: I23e4531e8dfda4de9348124ad7491d728aecdbf7
During automatic tests, we sometimes want to reboot the device out of
the rescue party remotely. And per http://go/recovery-adb-access, we
need to grant the adb authorization to enable the adb access. The auth
are only granted for userdebug devices and those with an unlocked
bootloader. Since the user can always flash a custom recovery image if
the bootloader is unlocked.
This cl ignores the ro.adb.secure property under recovery. The other
option is to default this property to 0 when building the boot/recovery
image.
Bug: 141247819
Test: unlock bootloader, run adb under recovery in user build
Change-Id: I424cfed5bf51a1e31d8687256ae4c6eaaa5e6249
Call adb_notify_device_scan_complete when we finish enumerating USB
devices. The original intent of the code appears to have been to have
adb_wait_for_device_initialization return as soon as we've finished
looking around at the system USB environment on daemon startup, but at
some point, we forgot to actually notify the init thread that we
finished scanning all the USB devices, forcing the wait on init_cv to
time out after three seconds on every daemon initialization.
After this change, the daemon starts in a few milliseconds on my Linux
machine
Test: killall adb && sleep 1 && time adb server && adb shell ls
Change-Id: I0bc1da7a597d2077dd2b591560d03798b05905b7
* changes:
adb: replace reboot service with exec of /system/bin/reboot.
Move enable-verity/disable-verity out of adb to a helper binary.
Use adbd_system_binaries to track adbd's dependencies.
required doesn't propagate from apexes, so we need a separate phony
target to track adbd's dependenecies.
Test: m
Change-Id: I4c97047dbd1c2f9b394d864aed229798f09fc9b1
Not specifying a platform version in a java binary will result in code
generation tools being built to create framework.jar, which currently
fails when building with BUILD_HOST_static=1.
Specify an SDK version to avoid this.
Bug: http://b/142536936
Test: m -j adb BUILD_HOST_static=1
Change-Id: Ifb9556c7c6cc43417c3f56137edee21f145f8b17
required seems to conflict with apex with the following error:
build/make/core/main.mk:1338: warning: build/make/target/product/aosp_x86_64.mk produces files inside build/make/target/product/mainline_system.mks artifact path requirement.
Test: treehugger
Change-Id: If1fbb9c4a4be340750ee6daea7aa4621177d8d56
Before we just got "Failed to read key". After:
adb E 10-07 08:20:14 258249 258249 auth.cpp:176] Failed to read key \
from '/usr/local/google/home/enh/.android/adbkey'
94390117965240:error:0900006e:PEM routines:OPENSSL_internal:NO_START_LINE:\
external/boringssl/src/crypto/pem/pem_lib.c:622:Expecting: ANY PRIVATE KEY
Also fix the misleading "Failed to generate" message from adb_auth_init.
Bug: http://b/141715453
Test: manually corrupted key; see above
Change-Id: I6732ee6b683c8548d596d7c22eeddab8ce9a3cea
- removed 2GB apk size cap,
- removed zip archive parsing on device (1.1M->236K agent size reduction),
- optimized matching entries search,
- added more robust matching entries search based on hash of CDr entry,
- reduced patch size by reusing Local File Header of matched entries,
- removed extra manifest parsing and extra agent calls,
- added device-side tests for agent,
- fix for Windows patch creation.
Test: atest adb_test fastdeploy_test FastDeployTests
Total time for 0-size patch reduction for 1.7G apk: 1m1.778s->0m36.234s.
Change-Id: I66d2cef1adf5b2be3325e355a7e72e9c99992369
dirname (on glibc, at least) preserves multiple leading slashes, and we
were looping until path != "/", which would lead to an infinite loop
when attempting to push to a path like //data/local/tmp.
Bug: http://b/141311284
Test: python -m unittest test_device.FileOperationsTest.test_push_multiple_slash_root
Change-Id: I182b3e89ef52579c716fdb525e9215f1fe822477
Replace libcrypto with libcrypto_static, which can be protected through
visibility to ensure only modules that don't affect FIPS certification
can use it.
Bug: 141248879
Test: m checkbuild
Change-Id: I5f0b9acfb57f68570f6f58f2395f2bb1bc015365
A regression from commit 8c2198c809
("adb: use shell for remount to forward return codes.") where the
optional argv[1] got missed for the remount command. This change
hands off _all_ the arguments if to a shell and activates some of
the extra features in the remount command.
$ adb remount --help
remount [-h] [-R] [-T fstab_file] [partition]...
-h --help this help
-R --reboot disable verity & reboot to facilitate remount
-T --fstab custom fstab file location
partition specific partition(s) (empty does all)
Remount specified partition(s) read-write, by name or mount point.
-R notwithstanding, verity must be disabled on partition(s).
$
SideEffects: adb remount [-h] [-R] [-T fstab_file] [partition]...
Test: adb-remount-test.sh
Bug: 138577868
Bug: 139283818
Bug: 139226412
Change-Id: I8223d4000ab20857e9b634e4d4a326eed530d7be
We've seen USB writes failing due to inability to allocate contiguous
chunks of memory in the kernel on devices, but it looks like the same
problem can occur on the host, as well. It's a mild performance
regression (90->80 MB/s on a blueline) to split the writes always, so
attempt the full write first, and fall back to splitting it up if that
fails with ENOMEM. Once we switch over the the asynchronous transport
API, we'll be able to submit multiple writes cheaply, like on devices,
so we won't need to retry at that point.
Bug: http://b/140985544
Test: test_device.py
Change-Id: I1517c348375b829dfff6796c4e9d394802b02d5b
We regressed handling of the old host transport selection syntax, which
broke users that reimplement adb themselves (e.g. Studio via ddmlib).
Bug: https://issuetracker.google.com/140369526
Test: adb raw "host-serial:822X0028S:forward:tcp:42929;localabstract:/com.example.ndktest-0/platform-1568299082100.sock"
Test: ./test_device.py
Change-Id: Iaaec8fde952316fe9bf2a6f6c6c4a3bc9f74bf72
Linux doesn't seem to actually support emitting them, so we can't check
that they're actually there, but commit the code to read them so that
if and when Linux gets support, it's easier to check.
This also adds some error checking for ill-formed binary object store
entries.
Test: check_ms_os_desc
Change-Id: I4baf6a16f0f96acbec468b843db65d4ab3a589fe
Protobuf 3.9.1 redefines google::protobuf::int64 from long long to
int64_t, which is sometimes long and sometimes long long. Use PRId64
to print it.
Bug: 117607748
Test: m checkbuild
Change-Id: I6699cfdb0f0424aa3e1c98b59d941beb9f133055
Merged-In: I6699cfdb0f0424aa3e1c98b59d941beb9f133055
