Currently, a host running adb will sign a token of any length passed
to it by a device, effectively acting as a signing oracle. If the
ADB_VENDOR_KEYS environment variable is used to specify an additional
key to use, this behavior is not only unexpected, but probably also
unwanted. Further discussion can be found from this thread:
http://www.metzdowd.com/pipermail/cryptography/2015-January/024423.html
This change adds a check to ensure token length matches TOKEN_SIZE
before it's signed, which prevents an attacker from signing longer
messages.
Change-Id: I7b2cc1f051941bf9b66e1c02980850bede501793
On Windows, adb_socket_setbufsize() was taking a file descriptor value
from the compatibility layer in sysdeps_win32.c (namely, an index into
the _win32_fhs array) and passing it to the Winsock setsockopt() call,
which wants a Winsock SOCKET handle. Basically, adb_socket_setbufsize()
was passing `fd` instead of `_fh_from_int(fd)->fh_socket`, resulting in
adb effectively setting a socket buffer size on a random socket in the
process.
The fix is to introduce adb_setsockopt() which just calls setsockopt()
on non-Win32, and which uses the Winsock SOCKET handle on Win32. The
change also moves Win32 disable_tcp_nagle() to a header and adds an
extra sanity check to adb_shutdown().
Change-Id: I4354e818d27538f7ff5b0e70b28bdb6300e1b98b
Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
Using a const bool rather than an ifdef means the compiler can still
protect us from breaking code paths that aren't included in every
build variant.
Change-Id: Ic45c8fb52cd66c3ce090d760cdb92104e31265f5
Hadn't caught this in the previous submission because I tested the
build with another change on top of it that also fixes this.
Bug: 17626262
Change-Id: Ia40127618a5466e382081760d614ff7fc09d50a3
Much of adb is duplicated in bootable/recovery/minadb and fastboot.
Changes made to adb rarely get ported to the other two, so the trees
have diverged a bit. We'd like to stop this because it is a
maintenance nightmare, but the divergence makes this difficult to do
all at once. For now, we will start small by moving common files into
a static library. Hopefully some day we can get enough of adb in here
that we no longer need minadb.
Bug: 17626262
Change-Id: Ic8d5653bfcc0fec4e1acbece124402355084b864
The kernel finally has the pt_regs structure properly defined for mips,
so we don't need to define it ourselves.
Change-Id: Ifdf75ed827cd2390962e9b3a182bdbbf02fe0732
There was a misinterpretation of how the v2 header works. The flags
in the header indicate what is in the rest of the structure.
Bug: 19127803
Change-Id: I5fa0dae6da51522c9afc4c94838eb6f462208683
If you run `adb tcpip`, adbd tries to process a string of 'tcpip:' using
this code:
} else if(!strncmp(name, "tcpip:", 6)) {
int port;
if (sscanf(name + 6, "%d", &port) == 0) {
port = 0;
}
ret = create_service_thread(restart_tcp_service, (void *) (uintptr_t) port);
If a zero-length string is passed to sscanf(), it returns EOF (-1) which
causes the if statement to skip the block, leaving the port variable
uninitialized.
I found this by running `adb tcpip` and sometimes getting 'invalid port'
and sometimes a device would start listening on a random port number.
The fix is to check the sscanf() return value for the success case (the
number of items successfully parsed), as is already done in other parts
of the adb code. I also fixed-up another instance of the same
code-pattern in services.c.
Change-Id: I8c9c33485ad076828da0ac74f048fdad561669d3
Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
logd suffers major performance degradation when persistent (blocking)
client reader connects to it (e.g. logcat). The root cause of the
degradation is that each time when reader is notified of the arrival
of new log entries, the reader commences its search for the new entries
from the beginning of the linked list (oldest entries first).
This commit alters the search to start from the end of the linked list
and work backwards. This dramatically decreases logd CPU consumption
when blocking reader is connected, and increases the maximum logging
throughput (before the logs start getting lost) by a factor ~ 20.
Change-Id: Ib60955ce05544e52a8b24acc3dcf5863e1e39c5c
- create a structure to depict the private header
expected at logd end of socket.
- utilize this new structure instead of unscalable
byte stream technique used to unpack in logd.
Change-Id: I2d0e5c3531c279f2dc1fbd74807210ff8d804de0
When mounting fstab entries it is practical to be able to specify
for example LABEL=data instead of a specific block device.
This is particularly important for the new Android Emulator code base,
which uses virtio block devices for the various partitions
(system,data,cache), because there is no defined ordering between the
way the filesystems are specified to the emulator and how they are
enumerated by the android kernel as /dev/vdX.
Change-Id: I7aef95f12e8f7b02ac2e33804ba7897fdcb9ad7f
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Due to a typo, the --no-rebind option never worked (it always failed).
The root of the problem was that the client was sending on the wire
a command like:
host:forward:norebind::tcp:<port>;tcp:<port>
^^
Instead of:
host:forward:norebind:tcp:<port>;tcp:<port>
^
Note the erroneous double-column.
The fix is local to the adb client and thus doesn't require a new
version of the server or guest adbd on the device-side.
This also fixes 'adb reverse --no-rebind'.
See https://code.google.com/p/chromium/issues/detail?id=451109
Change-Id: I680fd432b5470072f6a9968ca32a7f90c600ac68
LOCAL_FORCE_STATIC_EXECUTABLE was not working properly for clang
because -Bstatic was ignored by clang. We can now enable clang
for init after the -static flag is added to link static executable
files in build/core/definitions.mk.
BUG: 18008984
Change-Id: I3f361b83c1e0b313914603dff33fd090cd3b116a
On 64 bit systems, calls to dump_backtrace_to_file or dump_tombstone
try and directly contact the correct debuggerd (32 bit vs 64 bit)
by reading the elf information for the executable.
Unfortunately, system_server makes a call to dump_backtrace_to_file
and it doesn't have permissions to read the executable data, so it
defaults to always contacting the 64 bit debuggerd.
This CL changes the code so that all dump requests go to the 64 bit
debuggerd, which reads the elf information and redirects requests for
32 bit processes to the 32 bit debuggerd.
Testing:
- Forced the watchdog code in system_server to dump stacks and
verified that all native stacks are dumped correctly.
- Verified that dumpstate and bugreport still properly dump the native
processes on a 64 bit and 32 bit system.
- Intentionally forced the 64 bit to 32 bit redirect to write only a
byte at a time and verified there are no errors, and no dropped data.
- Used debuggerd and debuggerd64 to dump 32 bit and 64 bit processes
seemlessly.
- Used debuggerd on a 32 bit system to dump native stacks.
Bug: https://code.google.com/p/android/issues/detail?id=97024
Change-Id: Ie01945153bdc1c4ded696c7334b61d58575314d1
When mounting fstab entries it is practical to be able to specify
for example LABEL=data instead of a specific block device.
This is particularly important for the new Android Emulator code base,
which uses virtio block devices for the various partitions
(system,data,cache), because there is no defined ordering between the
way the filesystems are specified to the emulator and how they are
enumerated by the android kernel as /dev/vdX.
Change-Id: I12c3db0ba6a515dc8e917e0349afd257888d3aef
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
