The reason behing this change is to increase the adb push/pull speed
with reduceing the number of packets sent between the host and the
device because the communication is heavily bound by packet latency.
The change maintains two way compatibility in the communication
protocol with negotiating a packet size between the target and the
host with the CONNECT packets.
After this change the push/pull speeds improved significantly
(measured from Linux-x86_64 with 100MB of data):
| Old push | Old pull || New push | New pull |
-----------------------------------------------------------
Hammerhead | 4.6 MB/s | 3.9 MB/s || 13.1 MB/s | 16.5 MB/s |
-----------------------------------------------------------
Volantis | 6.0 MB/s | 6.2 MS/s || 25.9 MB/s | 29.0 MB/s |
-----------------------------------------------------------
Fugu | 6.0 MB/s | 5.1 MB/s || 27.9 MB/s | 33.2 MB/s |
-----------------------------------------------------------
Change-Id: Id9625de31266e43394289e325c7e7e473379c5d8
The code which triggers these events (via the SHELL_EXIT_NOTIFY_FD) are
only called from code which is already guarded by #if !ADB_HOST.
Change-Id: I184414f5e090c1f08ee117e4c8c434cd4a8b5221
One of my build aliases doesn't play nice with USE_MINGW=1, so my build lied to me. Will revert until I fix it up.
This reverts commit 459df8f3a1.
Change-Id: I7905c5ae5ee85fb2d228ce63d81c79f140998c18
Apparently there are two classes of this warning in clang.
-Wformat-security is only emitted for cases of
`func(nonliteral_fmt_string)` (no args), and -Wformat-nonliteral is
emitted for cases *with* arguments. For whatever reason, the latter
isn't included in -Wextra and must be manually enabled.
To make this more easily portable to Windows, move the existing
gnu_printf/__printf__ decision into base/macros.h as ATTRIBUTE_FORMAT.
Change-Id: I3b0990e1d1f0a2e9c13b32f5cd60478946cb5fc6
Using non-POD types in atransport means we'll need to start treating
it as a real class (specifically with regards to new/delete rather
than malloc/free).
I've also cleaned up the home grown linked lists for transport_list
and pending_list to just be std::lists. We might want to refactor that
again to be an std::unordered_map keyed on serial, since that seems to
be a common way to search it.
Change-Id: I7f5e23cdc47944a9278099723ca029585fe52105
The name "client" is somewhat misleading as it also contains the host
side adb server, but it's a part of the client binary.
Change-Id: I128b7bab213e330eb21b5010cd1fec5f7a62c8af
This patch factors out a lot of the basic protocol code: sending OKAY,
sending FAIL, and sending a length-prefixed string.
ADB_TRACE has been non-optional for a long time, so let's just remove
the #ifs.
Also actually build the device tracker test tool (and remove its duplicate).
Bug: http://b/20666660
Change-Id: I6c7d59f18707bdc62ca69dea45547617f9f31fc6
This reverts commit 6084a0124f.
The original build breakage is fixed by (a) building the verity
code for eng builds as well as userdebug builds and (b) moving
the exported remount service functions into a new header file.
Change-Id: Ice0c4f97d4db38ab7eb333c7a6e56bbd11123f5b
I keep trying to clean things up and needing std::strings. Might as
well just do this now.
usb_linux_client.c is going to stay as C because GCC isn't smart
enough to deal with the designated initializers it uses (though for
some reason it is in C mode).
The Darwin files are staying as C because I don't have a way to test
that they build.
The Windows files are staying as C because while I can actually build
for them, it's slow and painful.
Change-Id: I75367d29205a9049d34460032b3bb36384f43941
Much of adb is duplicated in bootable/recovery/minadb and fastboot.
Changes made to adb rarely get ported to the other two, so the trees
have diverged a bit. We'd like to stop this because it is a
maintenance nightmare, but the divergence makes this difficult to do
all at once. For now, we will start small by moving common files into
a static library. Hopefully some day we can get enough of adb in here
that we no longer need minadb.
Bug: 17626262
Change-Id: Ic8d5653bfcc0fec4e1acbece124402355084b864
If verity is enabled and the underlying block device is marked
read-only, disable-verity fails. We cannot use the existing code
for enable-verity to make the device writable as the device in
/proc/mounts will be the verity device instead of the underlying
device we want to change. This change makes the correct device
writable when altering verity state.
Change-Id: I423ee50fb34d78cff2fe843318b9081c03c5142d
Note that it is *easy* to break your phone with this feature. It is
not a bug that reenabling verity after changing one byte of the system
partition stops the device booting.
(cherry-pick of 7c442e1700e6312727283db402dec6f666f1b55a.)
Bug: 18529433
Change-Id: I632e91281884471a362960f1ba30312d2669b8ff
This reverts commit 152d2d4234.
Fixed build error, and also fixed memory leak spotted from warning.
(cherry-pick of bbb36319119edde9377fb80015235893c30d2bc9.)
Bug: 17691572
Change-Id: I23b5ba537f7b557432041d4338b38b9be434e981
Re-commit https://googleplex-android-review.googlesource.com/#/c/519430/
Add fix for win_sdk build.
Add socketpair debug log.
Also output thread information in log on host side.
(cherry-pick of adb09fa01a16d8c5c92c2f8d325e1678c531223f.)
Change-Id: I21021bc111a3f7362a91b70593e3738125878118
Most code is copied and pasted from adb.h.
Any file can just include it to enable tracing.
Removed some duplications.
Change-Id: Ie1ed9e9edbf92158aac84669fbcbf7dc85fe2cf0
The sideload-host mode turns the host into a server capable of sending
the device various pieces of the file on request, rather than
downloading it all in one transfer. It's used to support sideloading
OTA packages to devices without the need for them to hold the whole
package in RAM.
If the connected device doesn't support sideload-host mode, we fall
back to the older sideload connection.
Change-Id: I5adaedd8243dc3b76414bba0149879ca2bbf35fa
To facilitate device scripts that want to read/write binary data from
the host side, this change introduces a new "exec" service that
behaves like "shell" but without creating a pty, which would otherwise
mangle binary data.
After forking, it hooks up stdin/stdout of the child process to
the socket connected through to the host. The adb transport doesn't
support shutdown(), so the host can't half-close the socket and wait
for device termination. Instead, the host side now has two explicit
commands "exec-in" and "exec-out" for either sending or receiving
data.
Teach host side copy_to_file() to deal with stdin/stdout special
cases. Switch device side backup/restore services to use the new
create_subproc_raw under the hood.
Change-Id: I5993049803519d3959761f2363037b02c50920ee
This implements the logical opposite of 'adb forward', i.e.
the ability to reverse network connections from the device
to the host.
This feature is very useful for testing various programs
running on an Android device without root or poking at the
host's routing table.
Options and parameters are exactly the same as those for
'adb forward', except that the direction is reversed.
Examples:
adb reverse tcp:5000 tcp:6000
connections to localhost:5000 on the device will be
forwarded to localhost:6000 on the host.
adb reverse --no-rebind tcp:5000 tcp:6000
same as above, but fails if the socket is already
bound through a previous 'adb reverse tcp:5000 ...'
command.
adb reverse --list
list all active reversed connections for the target
device. Note: there is no command to list all
reversed connections for all devices at once.
adb reverse --remove tcp:5000
remove any reversed connection on the device from
localhost:5000
adb reverse --remove-all
remove all reversed connections form the current
device.
Reversed connections are tied to a transport, in other
words, they disappear as soon as a device is disconnected.
Simple testing protocol:
adb forward tcp:5000 tcp:6000
adb reverse tcp:6000 tcp:7000
nc -l localhost 7000
in another terminal:
echo "Hello" | nc localhost 5000
Will print "Hello" on the first terminal.
Change-Id: I761af790cdb06829b68430afa4145a919fa0e6d5
handle_packet() in adb.c didn't check that when an A_WRTE packet is
received, the sender's local-id matches the socket's peer id.
This meant that a compromised adbd server could sent packets to
the host adb server, spoofing the identity of another connected
device if it could "guess" the right host socket id.
This patch gets rid of the issue by enforcing even more checks
to ensure that all packets comply with the description in
protocol.txt.
+ Fix a bug where closing a local socket associated with a
remote one would always send an A_CLSE(0, remote-id, "")
message, though protocol.txt says that should only happen
for failed opens.
The issue was that local_socket_close() called
remote_socket_close() after clearing the remote socket's
'peer' field.
The fix introduces a new asocket optional callback,
named 'shutdown' that is called before that, and is
used to send the A_CLSE() message with the right ID
in remote_socket_shutdown().
Also add some code in handle_packet() to detect
invalid close commands.
Change-Id: I9098bc8c6e81f8809334b060e5dca4fc92e6fbc9
adb connect calls connect() in the event loop. If you pass a wrong ip
address or the server is slow to respond, this will block the event loop
and you can't even kill the adb server with adb kill-server. Handle connect
requests in a service thread instead.
Change-Id: I2ee732869a3dc22a6d3b87cf8ac80acaa7790037
Add a new connection state, so that devices, that require confirmation
to allow adb, appear as "unauthorized" in the adb devices lists.
Change-Id: Ib4264bc5736dedecf05bcf8e31896f4d7a91fad8
Secure adb using a public key authentication, to allow USB debugging
only from authorized hosts.
When a device is connected to an unauthorized host, the adb daemon sends
the user public key to the device. A popup is shown to ask the user to
allow debugging once or permanantly from the host. The public key is
installed on the device in the later case. Other keys may be installed
at build time.
On the host, the user public/private key pair is automatically generated,
if it does not exist, when the adb daemon starts and is stored in
$HOME/.android/adb_key(.pub) or in $ANDROID_SDK_HOME on windows. If needed,
the ADB_KEYS_PATH env variable may be set to a :-separated (; under
Windows) list of private keys, e.g. company-wide or vendor keys.
On the device, vendors public keys are installed at build time in
/adb_keys. User-installed keys are stored in /data/misc/adb/adb_keys.
ADB Protocol change:
If the device needs to authenticate the host, it replies to CNXN
packets with an AUTH packet. The AUTH packet payload is a random token.
The host signs the token with one of its private keys and sends an AUTH(0)
packet. If the signature verification succeeds, the device replies with
a CNXN packet. Otherwise, it sends a new AUTH packet with a new token so
that the host can retry with another private key. Once the host has tried
all its keys, it can send an AUTH(1) packet with a public key as
payload. adbd then sends the public key to the framework (if it has been
started) for confirmation.
Change-Id: I4e84d7621da956f66ff657245901bdaefead8395
Secure adb using a public key authentication, to allow USB debugging
only from authorized hosts.
When a device is connected to an unauthorized host, the adb daemon sends
the user public key to the device. A popup is shown to ask the user to
allow debugging once or permanantly from the host. The public key is
installed on the device in the later case. Other keys may be installed
at build time.
On the host, the user public/private key pair is automatically generated,
if it does not exist, when the adb daemon starts and is stored in
$HOME/.android/adb_key(.pub) or in $ANDROID_SDK_HOME on windows. If needed,
the ADB_KEYS_PATH env variable may be set to a ;-separated list of private
keys, e.g. company-wide or vendor keys.
On the device, vendors public keys are installed at build time in
/adb_keys. User-installed keys are stored in /data/misc/adb/adb_keys.
ADB Protocol change:
If the device needs to authenticate the host, it replies to CNXN
packets with an AUTH packet. The AUTH packet payload is a random token.
The host signs the token with one of its private keys and sends an AUTH(0)
packet. If the signature verification succeeds, the device replies with
a CNXN packet. Otherwise, it sends a new AUTH packet with a new token so
that the host can retry with another private key. Once the host has tried
all its keys, it can send an AUTH(1) packet with a public key as
payload. adbd then sends the public key to the framework (if it has been
started) for confirmation.
Change-Id: Idce931a7bfe4ce878428eaa47838e5184ac6073f
Prior to this change, -s could take either a serial number or a
device path (e.g. "-s 01498B1F02015015" or "-s usb:1-4.2"). This
change extends -s to also allow product, model or device names
(e.g. "-s product:mysid"). These new qualifiers will only be
available on devices that are running an adb daemon that provides
properties in the connect message per Change-Id:
I09200decde4facb8fc9b4056fdae910155f2bcb9
The product, model and device are derived from the
ro.product.name, ro.product.model and ro.product.device
properties respectively. They are prefixed with "product:",
"model:" or "device:" as appropriate. In addition, any
non-alphanumerics in the model are changed to underscores.
If the -s parameter matches multiple devices, the result will be
the same as when multiple devices are connected but no -d, -e or
-s option is specified. In general, this means the user will get
"error: more than one device". However for get-state,
get-devpath and get-serialno, they will get "unknown".
The format of "devices -l" was changed to list all of the
qualifiers that are available. The following example output
(with the last digits of the serial numbers replaced with X's) is
with a Galaxy Prime with an older adb daemon and another Galaxy
Prime and Galaxy S both with the enhanced adb daemons:
List of devices attached
016B75D60A0060XX device usb:2-5 product:mysid model:Galaxy_Nexus device:toro
3731B535FAC200XX device usb:1-4.2 product:soju model:Nexus_S device:crespo
01498B1F020150XX device usb:1-4.1
Note that the serial number and state are now column oriented
instead of tab delimited. After the serial number and state, all
qualifiers are listed with each preceded by a space. The output
of the original devices command (without -l) is unchanged.
Change-Id: Iceeb2789874effc25a630d514a375d6f1889dc56
Signed-off-by: Scott Anderson <saa@android.com>
protocol.txt says that the connect message should have three
fields:
<systemtype>:<serialno>:<banner>
In reality, what is transmitted is simply:
<systemtype>::
The serialno is obtained via other means so doesn't really need
to be a part of the connect message. This change puts the
ro.product.name, ro.product.model and ro.product.device
properties in the <banner> for devices. Each property is
terminated by a semicolon (;) with the key and value separated by
an equals sign (=). Example message:
device::ro.product.name=<prd>;ro.product.model=<mdl>;ro.product.device=<dev>;
Making this change will enable the device list to provide more
information to the user and to give the potential for being able
to select which device to talk to with the -s option.
Change-Id: I09200decde4facb8fc9b4056fdae910155f2bcb9
Signed-off-by: Scott Anderson <saa@android.com>
This is the second version of a patch which demonstrates the possibility
of using adbd (Android Debug Bridge daemon) with a generic FunctionFS gadget
instead of a custom adb usb gadget in the Linux kernel. It contains changes
introduced after Benoit's review - thank you Benoit.
The patch adds a new usb access layer to adbd using FunctionFS. The former
usb access method is still available. The method is chosen at runtime
depending if /dev/usb-ffs/adb/ep0 or /dev/android_adb is accessible.
How to use on the target device:
$ insmod g_ffs.ko idVendor=<vendor ID> iSerialNumber=<some string>
$ mount -t functionfs adb /dev/usb-ffs/adb -o uid=2000,gid=2000
$ ./adbd
This patch requires a patch to bionic which adds <linux/usb_functionfs.h>
which is an exact copy of the relevant file in the linux kernel.
Change-Id: I4b42eb267ffa50fca7a5fba46f388a2f083e8b2d
Signed-off-by: Andrzej Pietrasiewicz <andrzej.p@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
[benoit@android.com: detect at runtime if functionfs is mounted
or fallback using f_adb]
Signed-off-by: Benoit Goby <benoit@android.com>
