1 /*
2  * Copyright (C) 2007 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #define TRACE_TAG ADB
18 
19 #include "sysdeps.h"
20 #include "adb.h"
21 
22 #include <ctype.h>
23 #include <errno.h>
24 #include <stdarg.h>
25 #include <stddef.h>
26 #include <stdint.h>
27 #include <stdio.h>
28 #include <stdlib.h>
29 #include <string.h>
30 #include <sys/time.h>
31 #include <time.h>
32 #include <unistd.h>
33 
34 #include <chrono>
35 #include <condition_variable>
36 #include <functional>
37 #include <mutex>
38 #include <string>
39 #include <string_view>
40 #include <thread>
41 #include <vector>
42 
43 #include <android-base/errors.h>
44 #include <android-base/file.h>
45 #include <android-base/logging.h>
46 #include <android-base/macros.h>
47 #include <android-base/parsenetaddress.h>
48 #include <android-base/stringprintf.h>
49 #include <android-base/strings.h>
50 #include <android-base/utf8.h>
51 #include <diagnose_usb.h>
52 
53 #include <build/version.h>
54 #include <platform_tools_version.h>
55 
56 #include "adb_auth.h"
57 #include "adb_io.h"
58 #include "adb_listeners.h"
59 #include "adb_mdns.h"
60 #include "adb_unique_fd.h"
61 #include "adb_utils.h"
62 #include "socket_spec.h"
63 #include "sysdeps/chrono.h"
64 #include "transport.h"
65 
66 #if !ADB_HOST
67 #include <sys/capability.h>
68 #include <sys/mount.h>
69 #include <android-base/properties.h>
70 using namespace std::chrono_literals;
71 
72 #include "daemon/logging.h"
73 #endif
74 
75 #if ADB_HOST
76 #include "client/usb.h"
77 #endif
78 
79 #if !ADB_HOST && defined(__ANDROID__)
80 #include "daemon/watchdog.h"
81 
// Connection counter for the daemon on Android: incremented from handle_online() and decremented
// from handle_offline(). The watchdog is stopped on the 0 -> 1 transition and started again when
// the count returns to 0.
static std::atomic<int> active_connections = 0;
83 
// Records one more active connection; the first one (0 -> 1) stops the watchdog.
static void IncrementActiveConnections() {
    // fetch_add yields the value held before the increment, exactly like post-increment.
    const int previous = active_connections.fetch_add(1);
    if (previous == 0) {
        watchdog::Stop();
    }
}
89 
// Records one fewer active connection; when the last one goes away (1 -> 0) the watchdog is
// started again.
static void DecrementActiveConnections() {
    // fetch_sub yields the value held before the decrement, so "was 1" means "is now 0".
    const int previous = active_connections.fetch_sub(1);
    if (previous == 1) {
        watchdog::Start();
    }
}
95 
96 #endif
97 
// Builds the multi-line version banner: protocol/server version, platform-tools version and build
// number, the path of the running executable, and the host OS version.
std::string adb_version() {
    const auto build_number = android::build::GetBuildNumber();
    const auto executable_path = android::base::GetExecutablePath();
    const auto os_version = GetOSVersion();

    // ddmlib parses this text, so the layout below must stay exactly as it is.
    return android::base::StringPrintf(
            "Android Debug Bridge version %d.%d.%d\n"
            "Version %s-%s\n"
            "Installed as %s\n"
            "Running on %s\n",
            ADB_VERSION_MAJOR, ADB_VERSION_MINOR, ADB_SERVER_VERSION, PLATFORM_TOOLS_VERSION,
            build_number.c_str(), executable_path.c_str(), os_version.c_str());
}
109 
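// Returns the additive checksum of a packet: the sum of its payload bytes, each taken as an
// unsigned 8-bit value, accumulated in a uint32_t (wrapping on overflow).
//
// msg.data_length is a header field and is therefore not trusted on its own: the number of bytes
// summed is capped at the size of the payload actually held, so a header that claims more data than
// the payload contains cannot cause a read past the end of the buffer. When the two agree the
// result is the same as summing data_length bytes.
//
// A byte sum only catches accidental corruption; it gives no protection against deliberate
// modification of the payload.
uint32_t calculate_apacket_checksum(const apacket* p) {
    size_t length = p->msg.data_length;
    if (length > p->payload.size()) {
        length = p->payload.size();
    }

    uint32_t sum = 0;
    for (size_t i = 0; i < length; ++i) {
        sum += static_cast<uint8_t>(p->payload[i]);
    }
    return sum;
}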
117 
// Maps a ConnectionState to the short text used for it. Any value without an entry below is
// reported as "unknown".
std::string to_string(ConnectionState state) {
    // kCsNoPerm is the only state whose text is produced by a helper rather than a literal.
    if (state == kCsNoPerm) {
        return UsbNoPermissionsShortHelpText();
    }

    const char* label = "unknown";
    switch (state) {
        case kCsOffline:      label = "offline";      break;
        case kCsBootloader:   label = "bootloader";   break;
        case kCsDevice:       label = "device";       break;
        case kCsHost:         label = "host";         break;
        case kCsRecovery:     label = "recovery";     break;
        case kCsRescue:       label = "rescue";       break;
        case kCsSideload:     label = "sideload";     break;
        case kCsUnauthorized: label = "unauthorized"; break;
        case kCsAuthorizing:  label = "authorizing";  break;
        case kCsConnecting:   label = "connecting";   break;
        default:
            break;
    }
    return label;
}
146 
// Allocates a new apacket with a zeroed message header and returns it. The caller owns the result
// and releases it with put_apacket().
apacket* get_apacket(void) {
    apacket* const packet = new apacket();
    // NOTE(review): a plain new-expression does not normally yield nullptr, so this branch is not
    // expected to be reachable; confirm how allocation failure is reported in this build.
    if (packet == nullptr) {
        LOG(FATAL) << "failed to allocate an apacket";
    }

    // Clear the whole header so no field carries stale data onto the wire.
    memset(&packet->msg, 0, sizeof(packet->msg));
    return packet;
}
156 
// Frees a packet allocated with new, as get_apacket() does. The pointer must not be used
// afterwards.
void put_apacket(apacket* p) {
    delete p;
}
161 
// Marks transport `t` as online. On the host this also flags the connection as established; in
// the Android daemon it counts the connection as active instead.
void handle_online(atransport* t) {
    D("adb: online");

    // handle_packet() only services OPEN/OKAY/CLSE/WRTE while this flag is set.
    t->online = 1;

#if ADB_HOST
    t->SetConnectionEstablished(true);
#elif defined(__ANDROID__)
    IncrementActiveConnections();
#endif
}
172 
// Takes transport `t` offline: sets its state to kCsOffline, clears the online flag, closes every
// socket attached to it and runs its disconnect callbacks. Does nothing except log when the
// transport is already in kCsOffline.
void handle_offline(atransport* t) {
    const bool already_offline = (t->GetConnectionState() == kCsOffline);
    if (already_offline) {
        LOG(INFO) << t->serial_name() << ": already offline";
        return;
    }

    LOG(INFO) << t->serial_name() << ": offline";

#if !ADB_HOST && defined(__ANDROID__)
    // NOTE(review): the decrement is not conditioned on t->online, so it assumes every transport
    // that reaches this point was counted by handle_online() - confirm for transports that go
    // offline before ever coming online.
    DecrementActiveConnections();
#endif

    t->SetConnectionState(kCsOffline);

    // From here on handle_packet() ignores stream packets for this transport.
    t->online = 0;

    // Sockets are closed before the disconnect callbacks run: this avoids a race that occurred
    // when a transport closed while a client socket was still active.
    close_all_sockets(t);

    t->RunDisconnects();
}
197 
198 #if DEBUG_PACKETS
199 #define DUMPMAX 32
// Debug helper: writes one line to stderr describing packet `p`, prefixed with `label`. The line
// holds the command name, arg0, arg1 and data_length in hex, followed by at most DUMPMAX payload
// bytes in quotes. Bytes outside the printable ASCII range are shown as '.', so raw control bytes
// from the peer never reach the terminal. A truncated dump omits the closing quote.
void print_packet(const char* label, apacket* p) {
    const char* name = "????";
    switch (p->msg.command) {
        case A_SYNC: name = "SYNC"; break;
        case A_CNXN: name = "CNXN"; break;
        case A_OPEN: name = "OPEN"; break;
        case A_OKAY: name = "OKAY"; break;
        case A_CLSE: name = "CLSE"; break;
        case A_WRTE: name = "WRTE"; break;
        case A_AUTH: name = "AUTH"; break;
        case A_STLS: name = "STLS"; break;
        default:
            break;
    }

    fprintf(stderr, "%s: %s %08x %08x %04x \"",
            label, name, p->msg.arg0, p->msg.arg1, p->msg.data_length);

    // NOTE(review): the dump length is taken from the header's data_length, not from the payload
    // size; callers are expected to have made the two agree.
    const unsigned length = p->msg.data_length;
    const bool truncated = length > DUMPMAX;
    const unsigned shown = truncated ? DUMPMAX : length;

    const char* bytes = p->payload.data();
    for (unsigned i = 0; i < shown; ++i) {
        const char c = bytes[i];
        const bool printable = (c >= ' ') && (c < 127);
        fputc(printable ? c : '.', stderr);
    }

    fputs(truncated ? "\n" : "\"\n", stderr);
}
239 #endif
240 
// Sends an A_OKAY packet for the stream (local, remote) on transport `t`. When the transport
// supports delayed acks, the packet carries `ack_bytes` as a raw uint32_t payload; otherwise the
// payload is empty and `ack_bytes` is not used.
void send_ready(unsigned local, unsigned remote, atransport* t, uint32_t ack_bytes) {
    D("Calling send_ready");

    apacket* okay = get_apacket();
    okay->msg.command = A_OKAY;
    okay->msg.arg0 = local;
    okay->msg.arg1 = remote;

    if (t->SupportsDelayedAck()) {
        constexpr size_t kAckSize = sizeof(uint32_t);
        okay->payload.resize(kAckSize);
        // Copied byte-for-byte, i.e. in this machine's byte order.
        memcpy(okay->payload.data(), &ack_bytes, kAckSize);
        okay->msg.data_length = kAckSize;
    }

    send_packet(okay, t);
}
255 
// Sends an A_CLSE packet with no payload for the stream (local, remote) on transport `t`.
// handle_packet() passes local == 0 when rejecting an OPEN.
static void send_close(unsigned local, unsigned remote, atransport* t) {
    D("Calling send_close");

    apacket* close_packet = get_apacket();
    close_packet->msg.command = A_CLSE;
    close_packet->msg.arg0 = local;
    close_packet->msg.arg1 = remote;

    send_packet(close_packet, t);
}
265 
// Builds the banner sent in a CNXN packet: "<adb_device_banner>::<prop>;<prop>;...". The daemon
// includes its product name, model and device properties; both sides include the supported feature
// set as "features=...".
std::string get_connection_string() {
    std::vector<std::string> entries;

#if !ADB_HOST
    // System properties the daemon advertises in its banner; a missing property becomes "key=".
    static const char* const kBannerProps[] = {
        "ro.product.name",
        "ro.product.model",
        "ro.product.device",
    };

    for (const char* name : kBannerProps) {
        entries.push_back(std::string(name) + "=" + android::base::GetProperty(name, ""));
    }
#endif

    const std::string features = FeatureSetToString(supported_features());
    entries.push_back(android::base::StringPrintf("features=%s", features.c_str()));

    const std::string joined = android::base::Join(entries, ';');
    return android::base::StringPrintf("%s::%s", adb_device_banner, joined.c_str());
}
289 
// Sends an A_STLS packet carrying A_STLS_VERSION in arg0 and no payload, asking the peer to switch
// the transport to TLS.
void send_tls_request(atransport* t) {
    D("Calling send_tls_request");

    apacket* request = get_apacket();
    request->msg.command = A_STLS;
    request->msg.arg0 = A_STLS_VERSION;
    request->msg.data_length = 0;

    send_packet(request, t);
}
298 
// Sends the A_CNXN packet for transport `t`: protocol version in arg0, this side's maximum payload
// in arg1, and the connection banner as payload. Aborts (LOG(FATAL)) if the banner does not fit in
// MAX_PAYLOAD_V1.
void send_connect(atransport* t) {
    D("Calling send_connect");

    apacket* connect = get_apacket();
    connect->msg.command = A_CNXN;
    // Advertise the highest version we support. The transport itself starts out at
    // A_VERSION_MIN, so this stays compatible with every device.
    connect->msg.arg0 = A_VERSION;
    connect->msg.arg1 = t->get_max_payload();

    const std::string banner = get_connection_string();
    // Connect and auth packets must fit in MAX_PAYLOAD_V1: at this point we do not yet know how
    // much data the other side is willing to accept.
    const size_t banner_length = banner.length();
    if (banner_length > MAX_PAYLOAD_V1) {
        LOG(FATAL) << "Connection banner is too long (length = "
                   << banner_length << ")";
    }

    connect->payload.assign(banner.begin(), banner.end());
    connect->msg.data_length = connect->payload.size();

    send_packet(connect, t);
}
322 
// Parses a connection banner received from the peer and applies it to transport `t`.
//
// The banner looks like
//   "device::ro.product.name=x;ro.product.model=y;ro.product.device=z;"
// i.e. "<type>:<ignored>:<properties>". The property list updates the transport's product, model,
// device and feature set; the type selects its connection state. The banner is peer-supplied:
// unknown keys and malformed entries are skipped, recognised values are stored as received, and
// any type that is not listed below is treated as kCsHost.
void parse_banner(const std::string& banner, atransport* t) {
    D("parse_banner: %s", banner.c_str());

    const std::vector<std::string> fields = android::base::Split(banner, ":");

    // Always start from an empty feature set; otherwise a banner that carries no "features" entry
    // would leave the previous set in place (http://b/24405971).
    t->SetFeatures("");

    if (fields.size() > 2) {
        for (const auto& entry : android::base::Split(fields[2], ";")) {
            // Property lists were traditionally ';'-terminated rather than ';'-separated, so an
            // empty trailing entry is normal.
            if (entry.empty()) {
                continue;
            }

            // Only "key=value" with exactly one '=' is accepted.
            const std::vector<std::string> parts = android::base::Split(entry, "=");
            if (parts.size() != 2) {
                continue;
            }

            const std::string& name = parts[0];
            const std::string& content = parts[1];
            if (name == "ro.product.name") {
                t->product = content;
            } else if (name == "ro.product.model") {
                t->model = content;
            } else if (name == "ro.product.device") {
                t->device = content;
            } else if (name == "features") {
                t->SetFeatures(content);
            }
        }
    }

    const std::string& kind = fields[0];
    if (kind == "bootloader") {
        D("setting connection_state to kCsBootloader");
        t->SetConnectionState(kCsBootloader);
    } else if (kind == "device") {
        D("setting connection_state to kCsDevice");
        t->SetConnectionState(kCsDevice);
    } else if (kind == "recovery") {
        D("setting connection_state to kCsRecovery");
        t->SetConnectionState(kCsRecovery);
    } else if (kind == "sideload") {
        D("setting connection_state to kCsSideload");
        t->SetConnectionState(kCsSideload);
    } else if (kind == "rescue") {
        D("setting connection_state to kCsRescue");
        t->SetConnectionState(kCsRescue);
    } else {
        D("setting connection_state to kCsHost");
        t->SetConnectionState(kCsHost);
    }
}
378 
// Handles a CNXN packet: resets the transport to offline, records the peer's protocol version and
// maximum payload, and parses its banner. The host then brings the transport online. The daemon
// chooses the next step of the handshake instead: a TLS request, an auth request, or - only when
// auth_required is false - going online without authentication.
static void handle_new_connection(atransport* t, apacket* p) {
    handle_offline(t);

    t->update_version(p->msg.arg0, p->msg.arg1);
    const std::string banner(p->payload.begin(), p->payload.end());
    parse_banner(banner, t);

#if ADB_HOST
    handle_online(t);
#else
    ADB_LOG(Connection) << "received CNXN: version=" << p->msg.arg0 << ", maxdata = " << p->msg.arg1
                        << ", banner = '" << banner << "'";

    if (t->use_tls) {
        // The TLS handshake still happens when auth_required is disabled; the client's
        // certificate is simply not verified in that case. This should be the first packet the
        // client receives to indicate the new protocol.
        send_tls_request(t);
        return;
    }

    if (auth_required) {
        send_auth_request(t);
        return;
    }

    // Authentication is switched off: the peer is accepted as-is.
    LOG(INFO) << "authentication not required";
    handle_online(t);
    send_connect(t);
#endif
}
406 
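// Dispatches one packet received from the peer on transport `t`.
//
// Takes ownership of `p`: the packet is released with put_apacket() on every path out of the
// switch. Every header field and the payload are peer-controlled, so each case validates what it
// uses before acting on it. Stream packets (OPEN/OKAY/CLSE/WRTE) are ignored unless the transport
// is online.
//
// Changes relative to the previous version of this function:
//  - ADB_AUTH_RSAPUBLICKEY no longer builds a std::string from payload.data() alone, which read
//    until the first NUL byte and could run past the end of a payload that has none.
//  - The host-side reverse check no longer passes string_view::data() as if it were a C string,
//    for the same reason.
//  - An A_OKAY with an invalid payload size no longer returns early, which leaked the packet.
void handle_packet(apacket *p, atransport *t)
{
    D("handle_packet() %c%c%c%c", ((char*) (&(p->msg.command)))[0],
            ((char*) (&(p->msg.command)))[1],
            ((char*) (&(p->msg.command)))[2],
            ((char*) (&(p->msg.command)))[3]);
    print_packet("recv", p);
    // Everything below relies on the header's data_length matching the payload actually held.
    CHECK_EQ(p->payload.size(), p->msg.data_length);

    switch(p->msg.command){
    case A_CNXN:  // CONNECT(version, maxdata, "system-id-string")
        handle_new_connection(t, p);
        break;
    case A_STLS:  // TLS(version, "")
        t->use_tls = true;
#if ADB_HOST
        send_tls_request(t);
        adb_auth_tls_handshake(t);
#else
        adbd_auth_tls_handshake(t);
#endif
        break;

    case A_AUTH:
        // All AUTH commands are ignored in TLS mode
        if (t->use_tls) {
            break;
        }
        switch (p->msg.arg0) {
#if ADB_HOST
            case ADB_AUTH_TOKEN:
                if (t->GetConnectionState() != kCsAuthorizing) {
                    t->SetConnectionState(kCsAuthorizing);
                }
                send_auth_response(p->payload.data(), p->msg.data_length, t);
                break;
#else
            case ADB_AUTH_SIGNATURE: {
                // TODO: Switch to string_view.
                std::string signature(p->payload.begin(), p->payload.end());
                std::string auth_key;
                if (adbd_auth_verify(t->token, sizeof(t->token), signature, &auth_key)) {
                    adbd_auth_verified(t);
                    t->failed_auth_attempts = 0;
                    t->auth_key = auth_key;
                    adbd_notify_framework_connected_key(t);
                } else {
                    // After more than 256 failed attempts each further failure costs the peer a
                    // one-second delay before the next challenge is sent.
                    if (t->failed_auth_attempts++ > 256) std::this_thread::sleep_for(1s);
                    send_auth_request(t);
                }
                break;
            }

            case ADB_AUTH_RSAPUBLICKEY: {
                // The key arrives before the peer is authenticated and need not contain a NUL
                // byte. Copy exactly the payload, then keep the part before the first NUL, which
                // is what a well-formed (NUL-terminated) key yielded before.
                std::string public_key(p->payload.begin(), p->payload.end());
                const size_t nul = public_key.find('\0');
                if (nul != std::string::npos) {
                    public_key.resize(nul);
                }
                t->auth_key = std::move(public_key);
                adbd_auth_confirm_key(t);
                break;
            }
#endif
            default:
                // NOTE(review): handle_offline() returns immediately when the state is already
                // kCsOffline, so after the call above it the sockets are not closed and
                // t->online is left untouched here - confirm this is intended.
                t->SetConnectionState(kCsOffline);
                handle_offline(t);
                break;
        }
        break;

    case A_OPEN: {
        /* OPEN(local-id, [send-buffer], "destination") */
        if (!t->online || p->msg.arg0 == 0) {
            break;
        }

        // arg1 must be non-zero exactly when delayed acks were negotiated on this transport.
        uint32_t send_bytes = static_cast<uint32_t>(p->msg.arg1);
        if (t->SupportsDelayedAck() != static_cast<bool>(send_bytes)) {
            LOG(ERROR) << "unexpected value of A_OPEN arg1: " << send_bytes
                       << " (delayed acks = " << t->SupportsDelayedAck() << ")";
            send_close(0, p->msg.arg0, t);
            break;
        }

        std::string_view address(p->payload.begin(), p->payload.size());

        // Historically, we received service names as a char*, and stopped at the first NUL
        // byte. The client sent strings with null termination, which post-string_view, start
        // being interpreted as part of the string, unless we explicitly strip them.
        address = StripTrailingNulls(address);
#if ADB_HOST
        // The incoming address (from the payload) might be some other
        // target (e.g tcp:<ip>:8000), however we do not allow *any*
        // such requests - namely, those from (a potentially compromised)
        // adbd (reverse:forward: source) port transport.
        //
        // A string_view is not NUL-terminated at its end, so the address is copied into a
        // std::string first; c_str() then stops at the first NUL inside the view or at its end,
        // never beyond the payload.
        const std::string reverse_target(address);
        if (!t->IsReverseConfigured(reverse_target.c_str())) {
            LOG(FATAL) << __func__ << " disallowed connect to " << address << " from "
                       << t->serial_name();
        }
#endif
        asocket* s = create_local_service_socket(address, t);
        if (s == nullptr) {
            send_close(0, p->msg.arg0, t);
            break;
        }

        s->peer = create_remote_socket(p->msg.arg0, t);
        s->peer->peer = s;

        if (t->SupportsDelayedAck()) {
            LOG(DEBUG) << "delayed ack available: send buffer = " << send_bytes;
            s->available_send_bytes = send_bytes;

            // TODO: Make this adjustable at connection time?
            send_ready(s->id, s->peer->id, t, INITIAL_DELAYED_ACK_BYTES);
        } else {
            LOG(DEBUG) << "delayed ack unavailable";
            send_ready(s->id, s->peer->id, t, 0);
        }

        s->ready(s);
        break;
    }

    case A_OKAY: /* READY(local-id, remote-id, "") */
        if (t->online && p->msg.arg0 != 0 && p->msg.arg1 != 0) {
            asocket* s = find_local_socket(p->msg.arg1, 0);
            if (s) {
                std::optional<int32_t> acked_bytes;
                if (p->payload.size() == sizeof(int32_t)) {
                    int32_t value;
                    memcpy(&value, p->payload.data(), sizeof(value));
                    // acked_bytes can be negative!
                    //
                    // In the future, we can use this to preemptively supply backpressure, instead
                    // of waiting for the writer to hit its limit.
                    acked_bytes = value;
                } else if (p->payload.size() != 0) {
                    LOG(ERROR) << "invalid A_OKAY payload size: " << p->payload.size();
                    // Leave the switch rather than the function so the packet is still released
                    // below; a peer could otherwise make us leak one packet per malformed A_OKAY.
                    break;
                }

                if (s->peer == nullptr) {
                    /* On first READY message, create the connection. */
                    s->peer = create_remote_socket(p->msg.arg0, t);
                    s->peer->peer = s;

                    local_socket_ack(s, acked_bytes);
                    s->ready(s);
                } else if (s->peer->id == p->msg.arg0) {
                    /* Other READY messages must use the same local-id */
                    local_socket_ack(s, acked_bytes);
                } else {
                    D("Invalid A_OKAY(%d,%d), expected A_OKAY(%d,%d) on transport %s", p->msg.arg0,
                      p->msg.arg1, s->peer->id, p->msg.arg1, t->serial.c_str());
                }
            } else {
                // When receiving A_OKAY from device for A_OPEN request, the host server may
                // have closed the local socket because of client disconnection. Then we need
                // to send A_CLSE back to device to close the service on device.
                send_close(p->msg.arg1, p->msg.arg0, t);
            }
        }
        break;

    case A_CLSE: /* CLOSE(local-id, remote-id, "") or CLOSE(0, remote-id, "") */
        if (t->online && p->msg.arg1 != 0) {
            asocket* s = find_local_socket(p->msg.arg1, p->msg.arg0);
            if (s) {
                /* According to protocol.txt, p->msg.arg0 might be 0 to indicate
                 * a failed OPEN only. However, due to a bug in previous ADB
                 * versions, CLOSE(0, remote-id, "") was also used for normal
                 * CLOSE() operations.
                 *
                 * This is bad because it means a compromised adbd could
                 * send packets to close connections between the host and
                 * other devices. To avoid this, only allow this if the local
                 * socket has a peer on the same transport.
                 */
                if (p->msg.arg0 == 0 && s->peer && s->peer->transport != t) {
                    D("Invalid A_CLSE(0, %u) from transport %s, expected transport %s", p->msg.arg1,
                      t->serial.c_str(), s->peer->transport->serial.c_str());
                } else {
                    s->close(s);
                }
            }
        }
        break;

    case A_WRTE: /* WRITE(local-id, remote-id, <data>) */
        if (t->online && p->msg.arg0 != 0 && p->msg.arg1 != 0) {
            asocket* s = find_local_socket(p->msg.arg1, p->msg.arg0);
            if (s) {
                // The payload is moved into the socket's queue; `p` keeps only its header.
                s->enqueue(s, std::move(p->payload));
            }
        }
        break;

    default:
        printf("handle_packet: what is %08x?!\n", p->msg.command);
    }

    put_apacket(p);
}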
606 
607 #if ADB_HOST
608 
609 #ifdef _WIN32
610 
611 // Try to make a handle non-inheritable and if there is an error, don't output
612 // any error info, but leave GetLastError() for the caller to read. This is
613 // convenient if the caller is expecting that this may fail and they'd like to
614 // ignore such a failure.
static bool _try_make_handle_noninheritable(HANDLE h) {
    // Nothing to change for a handle that does not refer to anything; report success.
    if (h == INVALID_HANDLE_VALUE || h == NULL) {
        return true;
    }

    // Clearing HANDLE_FLAG_INHERIT keeps the handle out of child processes created later.
    return SetHandleInformation(h, HANDLE_FLAG_INHERIT, 0) != 0;
}
622 
623 // Try to make a handle non-inheritable with the expectation that this should
624 // succeed, so if this fails, output error info.
static bool _make_handle_noninheritable(HANDLE h) {
    if (_try_make_handle_noninheritable(h)) {
        return true;
    }

    // The handle value is printed as a hint in case the failure involves a pseudo-handle.
    fprintf(stderr, "adb: cannot make handle 0x%p non-inheritable: %s\n", h,
            android::base::SystemErrorCodeToString(GetLastError()).c_str());
    return false;
}
636 
637 // Create anonymous pipe, preventing inheritance of the read pipe and setting
638 // security of the write pipe to sa.
static bool _create_anonymous_pipe(unique_handle* pipe_read_out,
                                   unique_handle* pipe_write_out,
                                   SECURITY_ATTRIBUTES* sa) {
    HANDLE raw_read = NULL;
    HANDLE raw_write = NULL;
    const BOOL created = CreatePipe(&raw_read, &raw_write, sa, 0);
    if (!created) {
        fprintf(stderr, "adb: CreatePipe failed: %s\n",
                android::base::SystemErrorCodeToString(GetLastError()).c_str());
        return false;
    }

    // Both ends are owned from here on, so they are closed on every early return.
    unique_handle read_end(raw_read);
    unique_handle write_end(raw_write);

    // Only the write end may be inherited by a child process; the read end stays with us.
    if (!_make_handle_noninheritable(read_end.get())) {
        return false;
    }

    // The out-parameters are written only once everything has succeeded.
    *pipe_read_out = std::move(read_end);
    *pipe_write_out = std::move(write_end);
    return true;
}
664 
665 // Read from a pipe (that we take ownership of) and write the result to stdout/stderr. Return on
666 // error or when the pipe is closed. Internally makes inheritable handles, so this should not be
667 // called if subprocesses may be started concurrently.
static unsigned _redirect_pipe_thread(HANDLE h, DWORD nStdHandle) {
    // The pipe handle is ours now and is closed when this function returns.
    unique_handle pipe_in(h);

    const bool to_stdout = (nStdHandle == STD_OUTPUT_HANDLE);
    const char* const target_name = to_stdout ? "stdout" : "stderr";
    const int target_fd = fileno(to_stdout ? stdout : stderr);
    std::unique_ptr<FILE, decltype(&fclose)> out(nullptr, fclose);

    if (target_fd == -1) {
        fprintf(stderr, "adb: failed to get file descriptor for %s: %s\n", target_name,
                strerror(errno));
        return EXIT_FAILURE;
    }

    // fileno() == -2 means stdout/stderr is not associated with an output stream: keep draining
    // the pipe but write nothing. Otherwise build a FILE* equivalent to stdout/stderr, except in
    // binary mode with no CR/LF translation, because the data is copied raw.
    if (target_fd >= 0) {
        // dup() creates an inheritable handle internally, which is why this function must not
        // run while subprocesses may be started concurrently.
        const int dup_fd = dup(target_fd);
        if (dup_fd == -1) {
            fprintf(stderr, "adb: failed to duplicate file descriptor for %s: %s\n", target_name,
                    strerror(errno));
            return EXIT_FAILURE;
        }

        // fdopen() below is given a binary flag but may not honour it, so the mode is set
        // explicitly first.
        if (_setmode(dup_fd, _O_BINARY) == -1) {
            fprintf(stderr, "adb: failed to set binary mode for duplicate of %s: %s\n", target_name,
                    strerror(errno));
            unix_close(dup_fd);
            return EXIT_FAILURE;
        }

        out.reset(fdopen(dup_fd, "wb"));
        if (!out) {
            fprintf(stderr, "adb: failed to open duplicate stream for %s: %s\n", target_name,
                    strerror(errno));
            unix_close(dup_fd);
            return EXIT_FAILURE;
        }

        // Streams are buffered by default; subprocess output should appear immediately.
        if (setvbuf(out.get(), NULL, _IONBF, 0) == -1) {
            fprintf(stderr, "adb: failed to unbuffer %s: %s\n", target_name, strerror(errno));
            return EXIT_FAILURE;
        }

        // From here on dup_fd belongs to `out` and is closed together with it.
    }

    for (;;) {
        char chunk[64 * 1024];
        DWORD chunk_size = 0;
        if (!ReadFile(pipe_in.get(), chunk, sizeof(chunk), &chunk_size, NULL)) {
            const DWORD err = GetLastError();
            // ERROR_BROKEN_PIPE is the normal end: the subprocess closed its end of the pipe.
            if (err != ERROR_BROKEN_PIPE) {
                fprintf(stderr, "adb: failed to read from %s: %s\n", target_name,
                        android::base::SystemErrorCodeToString(err).c_str());
                return EXIT_FAILURE;
            }
            return EXIT_SUCCESS;
        }

        // Without a stream (our stdout/stderr was not set up by the parent) the data is dropped.
        if (!out) {
            continue;
        }

        // fwrite() actually calls adb_fwrite(), which can write UTF-8 to the console.
        const size_t written = fwrite(chunk, 1, chunk_size, out.get());
        if (written != chunk_size) {
            fprintf(stderr, "adb: error: only wrote %zu of %lu bytes to %s\n", written,
                    chunk_size, target_name);
            return EXIT_FAILURE;
        }
    }
}
749 
// Thread entry point: names the thread, then copies everything read from pipe `h` to stdout.
static unsigned __stdcall _redirect_stdout_thread(HANDLE h) {
    adb_thread_setname("stdout redirect");
    const unsigned exit_code = _redirect_pipe_thread(h, STD_OUTPUT_HANDLE);
    return exit_code;
}
754 
// Thread entry point: names the thread, then copies everything read from pipe `h` to stderr.
static unsigned __stdcall _redirect_stderr_thread(HANDLE h) {
    adb_thread_setname("stderr redirect");
    const unsigned exit_code = _redirect_pipe_thread(h, STD_ERROR_HANDLE);
    return exit_code;
}
759 
760 #endif
761 
// Reports on stderr that the server with process id `pid` never acknowledged startup, then prints
// the part of the server log that starts at the last "--- adb starting (pid N) ---" line for that
// pid. Nothing from the log is printed if it cannot be read or holds no such line in its tail.
static void ReportServerStartupFailure(pid_t pid) {
    fprintf(stderr, "ADB server didn't ACK\n");
    fprintf(stderr, "Full server startup log: %s\n", GetLogFilePath().c_str());
    fprintf(stderr, "Server had pid: %d\n", pid);

    android::base::unique_fd log_fd(unix_open(GetLogFilePath(), O_RDONLY));
    if (log_fd == -1) {
        return;
    }

    // Look at no more than the last 128KiB of the log. The result of the seek is not checked.
    unix_lseek(log_fd, -128 * 1024, SEEK_END);
    std::string tail;
    if (!android::base::ReadFdToString(log_fd, &tail)) {
        return;
    }

    const std::string marker = android::base::StringPrintf("--- adb starting (pid %d) ---", pid);
    const std::vector<std::string> lines = android::base::Split(tail, "\n");

    // Walk backwards to one past the last line that equals the marker; 0 means "not found".
    size_t past_marker = lines.size();
    while (past_marker > 0 && lines[past_marker - 1] != marker) {
        --past_marker;
    }
    if (past_marker == 0) {
        return;
    }

    for (size_t i = past_marker - 1; i < lines.size(); ++i) {
        fprintf(stderr, "%s\n", lines[i].c_str());
    }
}
781 
// Returns true when the marker file /etc/adb/one_device_required exists. Only existence is
// tested (F_OK); the file's content and permissions are not looked at.
bool is_one_device_mandatory() {
    const int rc = access("/etc/adb/one_device_required", F_OK);
    return rc == 0;
}
785 
// Starts a background adb server by re-executing the current program with
// "-L <socket_spec> [-a] fork-server server --reply-fd <fd> [--one-device <one_device>]"
// and waits for the child to write "OK\n" on the reply pipe.
//
// socket_spec: value passed to the child after -L.
// one_device:  if non-null, passed to the child after --one-device.
//
// Returns 0 once the acknowledgement has been read, -1 on any failure
// (diagnostics are written to stderr).
//
// NOTE(review): only the non-Windows branch consults is_one_device_mandatory();
// the Windows branch starts the server without that check. Confirm this is
// intended.
int launch_server(const std::string& socket_spec, const char* one_device) {
#if defined(_WIN32)
    /* we need to start the server in the background                    */
    /* we create a PIPE that will be used to wait for the server's "OK" */
    /* message since the pipe handles must be inheritable, we use a     */
    /* security attribute                                               */
    SECURITY_ATTRIBUTES   sa;
    sa.nLength = sizeof(sa);
    sa.lpSecurityDescriptor = NULL;
    sa.bInheritHandle = TRUE;

    // Redirect stdin to Windows /dev/null. If we instead pass an original
    // stdin/stdout/stderr handle and it is a console handle, when the adb
    // server starts up, the C Runtime will see a console handle for a process
    // that isn't connected to a console and it will configure
    // stdin/stdout/stderr to be closed. At that point, freopen() could be used
    // to reopen stderr/out, but it would take more massaging to fixup the file
    // descriptor number that freopen() uses. It's simplest to avoid all of this
    // complexity by just redirecting stdin to `nul' and then the C Runtime acts
    // as expected.
    unique_handle   nul_read(CreateFileW(L"nul", GENERIC_READ,
            FILE_SHARE_READ | FILE_SHARE_WRITE, &sa, OPEN_EXISTING,
            FILE_ATTRIBUTE_NORMAL, NULL));
    if (nul_read.get() == INVALID_HANDLE_VALUE) {
        fprintf(stderr, "adb: CreateFileW 'nul' failed: %s\n",
                android::base::SystemErrorCodeToString(GetLastError()).c_str());
        return -1;
    }

    // Create pipes with non-inheritable read handle, inheritable write handle. We need to connect
    // the subprocess to pipes instead of just letting the subprocess inherit our existing
    // stdout/stderr handles because a DETACHED_PROCESS cannot write to a console that it is not
    // attached to.
    unique_handle   ack_read, ack_write;
    if (!_create_anonymous_pipe(&ack_read, &ack_write, &sa)) {
        return -1;
    }
    unique_handle   stdout_read, stdout_write;
    if (!_create_anonymous_pipe(&stdout_read, &stdout_write, &sa)) {
        return -1;
    }
    unique_handle   stderr_read, stderr_write;
    if (!_create_anonymous_pipe(&stderr_read, &stderr_write, &sa)) {
        return -1;
    }

    /* Some programs want to launch an adb command and collect its output by
     * calling CreateProcess with inheritable stdout/stderr handles, then
     * using read() to get its output. When this happens, the stdout/stderr
     * handles passed to the adb client process will also be inheritable.
     * When starting the adb server here, care must be taken to reset them
     * to non-inheritable.
     * Otherwise, something bad happens: even if the adb command completes,
     * the calling process is stuck while read()-ing from the stdout/stderr
     * descriptors, because they're connected to corresponding handles in the
     * adb server process (even if the latter never uses/writes to them).
     * Note that even if we don't pass these handles in the STARTUPINFO struct,
     * if they're marked inheritable, they're still inherited, requiring us to
     * deal with this.
     *
     * If we're still having problems with inheriting random handles in the
     * future, consider using PROC_THREAD_ATTRIBUTE_HANDLE_LIST to explicitly
     * specify which handles should be inherited: http://blogs.msdn.com/b/oldnewthing/archive/2011/12/16/10248328.aspx
     *
     * Older versions of Windows return console pseudo-handles that cannot be
     * made non-inheritable, so ignore those failures.
     */
    _try_make_handle_noninheritable(GetStdHandle(STD_INPUT_HANDLE));
    _try_make_handle_noninheritable(GetStdHandle(STD_OUTPUT_HANDLE));
    _try_make_handle_noninheritable(GetStdHandle(STD_ERROR_HANDLE));

    // The child's standard handles are the nul device and the write ends of
    // the two diagnostic pipes created above.
    STARTUPINFOW    startup;
    ZeroMemory( &startup, sizeof(startup) );
    startup.cb = sizeof(startup);
    startup.hStdInput  = nul_read.get();
    startup.hStdOutput = stdout_write.get();
    startup.hStdError  = stderr_write.get();
    startup.dwFlags    = STARTF_USESTDHANDLES;

    // Verify that the pipe_write handle value can be passed on the command line
    // as %d and that the rest of adb code can pass it around in an int.
    const int ack_write_as_int = cast_handle_to_int(ack_write.get());
    if (cast_int_to_handle(ack_write_as_int) != ack_write.get()) {
        // If this fires, either handle values are larger than 32-bits or else
        // there is a bug in our casting.
        // https://msdn.microsoft.com/en-us/library/windows/desktop/aa384203%28v=vs.85%29.aspx
        fprintf(stderr, "adb: cannot fit pipe handle value into 32-bits: 0x%p\n", ack_write.get());
        return -1;
    }

    // get path of current program
    WCHAR       program_path[MAX_PATH];
    const DWORD module_result = GetModuleFileNameW(NULL, program_path,
                                                   arraysize(program_path));
    if ((module_result >= arraysize(program_path)) || (module_result == 0)) {
        // String truncation or some other error.
        fprintf(stderr, "adb: cannot get executable path: %s\n",
                android::base::SystemErrorCodeToString(GetLastError()).c_str());
        return -1;
    }

    std::vector<std::string> child_argv = {"adb", "-L", socket_spec};
    if (gListenAll) {
        child_argv.push_back("-a");
    }
    child_argv.push_back("fork-server");
    child_argv.push_back("server");
    child_argv.push_back("--reply-fd");
    child_argv.push_back(std::to_string(ack_write_as_int));
    if (one_device) {
        child_argv.push_back("--one-device");
        child_argv.push_back(one_device);
    }
    // Ideally we'd do CommandLineToArgvW-like quoting, but this is probably
    // sufficient for the arguments we have.
    // NOTE(review): the arguments are joined with single spaces and no
    // quoting, so a socket_spec or one_device value containing whitespace or
    // a double quote would presumably be split or re-interpreted when the
    // child parses its command line. Callers that forward externally supplied
    // values should validate them first; quoting each argument here would
    // remove the dependency on callers.
    std::string cmdline = android::base::Join(child_argv, ' ');
    std::wstring cmdline_wide;
    if (!android::base::UTF8ToWide(cmdline, &cmdline_wide)) {
        fprintf(stderr, "adb: could not convert cmdline from UTF-8 to UTF-16: %s\n",
                cmdline.c_str());
        return -1;
    }

    PROCESS_INFORMATION   pinfo;
    ZeroMemory(&pinfo, sizeof(pinfo));

    if (!CreateProcessW(
            program_path,                              /* program path  */
            cmdline_wide.data(),
                                    /* the fork-server argument will set the
                                       debug = 2 in the child           */
            NULL,                   /* process handle is not inheritable */
            NULL,                    /* thread handle is not inheritable */
            TRUE,                          /* yes, inherit some handles */
            DETACHED_PROCESS, /* the new process doesn't have a console */
            NULL,                     /* use parent's environment block */
            NULL,                    /* use parent's starting directory */
            &startup,                 /* startup info, i.e. std handles */
            &pinfo )) {
        fprintf(stderr, "adb: CreateProcessW failed: %s\n",
                android::base::SystemErrorCodeToString(GetLastError()).c_str());
        return -1;
    }

    // Take ownership of the process handle so it is released on every return
    // path below.
    unique_handle   process_handle(pinfo.hProcess);
    pinfo.hProcess = NULL;

    // Close handles that we no longer need to complete the rest.
    CloseHandle(pinfo.hThread);
    pinfo.hThread = NULL;

    // Drop our copies of the handles that were given to the child; the reads
    // below can only see end-of-pipe once no write end remains open on our side.
    nul_read.reset();
    ack_write.reset();
    stdout_write.reset();
    stderr_write.reset();

    // Start threads to read from subprocess stdout/stderr and write to ours to make subprocess
    // errors easier to diagnose. Note that the threads internally create inheritable handles, but
    // that is ok because we've already spawned the subprocess.

    // In the past, reading from a pipe before the child process's C Runtime
    // started up and called GetFileType() caused a hang: http://blogs.msdn.com/b/oldnewthing/archive/2011/12/02/10243553.aspx#10244216
    // This is reportedly fixed in Windows Vista: https://support.microsoft.com/en-us/kb/2009703
    // I was unable to reproduce the problem on Windows XP. It sounds like a
    // Windows Update may have fixed this: https://www.duckware.com/tech/peeknamedpipe.html
    unique_handle   stdout_thread(reinterpret_cast<HANDLE>(
            _beginthreadex(NULL, 0, _redirect_stdout_thread, stdout_read.get(),
                           0, NULL)));
    if (stdout_thread.get() == nullptr) {
        fprintf(stderr, "adb: cannot create thread: %s\n", strerror(errno));
        return -1;
    }
    stdout_read.release();  // Transfer ownership to new thread

    unique_handle   stderr_thread(reinterpret_cast<HANDLE>(
            _beginthreadex(NULL, 0, _redirect_stderr_thread, stderr_read.get(),
                           0, NULL)));
    if (stderr_thread.get() == nullptr) {
        fprintf(stderr, "adb: cannot create thread: %s\n", strerror(errno));
        return -1;
    }
    stderr_read.release();  // Transfer ownership to new thread

    bool    got_ack = false;

    // Wait for the "OK\n" message, for the pipe to be closed, or other error.
    {
        char    temp[3];
        DWORD   count = 0;

        // A single ReadFile call is issued; anything other than exactly the
        // three bytes "OK\n" is reported as a startup failure.
        if (ReadFile(ack_read.get(), temp, sizeof(temp), &count, NULL)) {
            const CHAR  expected[] = "OK\n";
            const DWORD expected_length = arraysize(expected) - 1;
            if (count == expected_length &&
                memcmp(temp, expected, expected_length) == 0) {
                got_ack = true;
            } else {
                ReportServerStartupFailure(pinfo.dwProcessId);
                return -1;
            }
        } else {
            const DWORD err = GetLastError();
            // If the ACK was not written and the process exited, GetLastError()
            // is probably ERROR_BROKEN_PIPE, in which case that info is not
            // useful to the user.
            fprintf(stderr, "could not read ok from ADB Server%s\n",
                    err == ERROR_BROKEN_PIPE ? "" :
                    android::base::StringPrintf(": %s",
                            android::base::SystemErrorCodeToString(err).c_str()).c_str());
        }
    }

    // Always try to wait a bit for threads reading stdout/stderr to finish.
    // If the process started ok, it should close the pipes causing the threads
    // to finish. If the process had an error, it should exit, also causing
    // the pipes to be closed. In that case we want to read all of the output
    // and write it out so that the user can diagnose failures.
    const DWORD     thread_timeout_ms = 15 * 1000;
    const HANDLE    threads[] = { stdout_thread.get(), stderr_thread.get() };
    const DWORD     wait_result = WaitForMultipleObjects(arraysize(threads),
            threads, TRUE, thread_timeout_ms);
    if (wait_result == WAIT_TIMEOUT) {
        // Threads did not finish after waiting a little while. Perhaps the
        // server didn't close pipes, or it is hung.
        fprintf(stderr, "adb: timed out waiting for threads to finish reading from ADB server\n");
        // Process handles are signaled when the process exits, so if we wait
        // on the handle for 0 seconds and it returns 'timeout', that means that
        // the process is still running.
        if (WaitForSingleObject(process_handle.get(), 0) == WAIT_TIMEOUT) {
            // We could TerminateProcess(), but that seems somewhat presumptive.
            fprintf(stderr, "adb: server is running with process id %lu\n", pinfo.dwProcessId);
        }
        return -1;
    }

    if (wait_result != WAIT_OBJECT_0) {
        fprintf(stderr, "adb: unexpected result waiting for threads: %lu: %s\n", wait_result,
                android::base::SystemErrorCodeToString(GetLastError()).c_str());
        return -1;
    }

    // For now ignore the thread exit codes and assume they worked properly.

    if (!got_ack) {
        return -1;
    }
#else /* !defined(_WIN32) */
    // set up a pipe so the child can tell us when it is ready.
    unique_fd pipe_read, pipe_write;
    if (!Pipe(&pipe_read, &pipe_write)) {
        fprintf(stderr, "pipe failed in launch_server, errno: %d\n", errno);
        return -1;
    }

    // The child re-executes this same binary.
    std::string path = android::base::GetExecutablePath();

    std::string reply_fd = std::to_string(pipe_write.get());
    // child process arguments
    // The vector stores borrowed pointers; socket_spec, reply_fd and
    // one_device all outlive the execv() call below.
    std::vector<const char*> child_argv = {"adb", "-L", socket_spec.c_str()};
    if (gListenAll) {
        child_argv.push_back("-a");
    }
    child_argv.push_back("fork-server");
    child_argv.push_back("server");
    child_argv.push_back("--reply-fd");
    child_argv.push_back(reply_fd.c_str());
    if (one_device) {
        child_argv.push_back("--one-device");
        child_argv.push_back(one_device);
    } else if (is_one_device_mandatory()) {
        // Policy gate: when the marker file exists, refuse to start a server
        // that is not restricted to one device.
        fprintf(stderr,
                "adb: cannot start server: --one-device option is required for this system in "
                "order to start adb.\n");
        return -1;
    }
    // execv() requires a null-terminated argument vector.
    child_argv.push_back(nullptr);

    pid_t pid = fork();
    if (pid < 0) return -1;

    if (pid == 0) {
        // child side of the fork
        pipe_read.reset();

        // android::base::Pipe unconditionally opens the pipe with O_CLOEXEC.
        // Undo this manually.
        // NOTE(review): the fcntl() result is not checked; if it failed, the
        // reply fd would presumably be closed across execv() and the parent
        // would report a startup failure.
        fcntl(pipe_write.get(), F_SETFD, 0);

        int result = execv(path.c_str(), const_cast<char* const*>(child_argv.data()));
        // this should not return
        fprintf(stderr, "adb: execl returned %d: %s\n", result, strerror(errno));
        // _exit() rather than exit(): leave the forked child without running
        // the parent's atexit handlers.
        _exit(127);
    } else {
        // parent side of the fork
        char temp[3] = {};
        // wait for the "OK\n" message
        // Close our copy of the write end first so the read below cannot
        // block on a pipe that we ourselves keep open.
        pipe_write.reset();
        int ret = adb_read(pipe_read.get(), temp, 3);
        // Save errno before reset() so closing the fd cannot clobber it.
        int saved_errno = errno;
        pipe_read.reset();
        if (ret < 0) {
            fprintf(stderr, "could not read ok from ADB Server, errno = %d\n", saved_errno);
            return -1;
        }
        // One read only: a short read or any other content counts as failure.
        if (ret != 3 || temp[0] != 'O' || temp[1] != 'K' || temp[2] != '\n') {
            ReportServerStartupFailure(pid);
            return -1;
        }
    }
#endif /* !defined(_WIN32) */
    return 0;
}
#endif /* ADB_HOST */
// Convenience overload for callers that already hold a transport: wraps it in
// an acquirer that always yields that transport (and never sets an error) and
// forwards to the std::function-based overload.
bool handle_forward_request(const char* service, atransport* transport, int reply_fd) {
    auto fixed_transport = [transport](std::string*) { return transport; };
    return handle_forward_request(service, fixed_transport, reply_fd);
}
// Try to handle a network forwarding request.
//
// Recognised services:
//   list-forward
//   killforward-all
//   killforward:<local>
//   forward:[norebind:]<local>;<remote>
//
// service:            request string; anything not listed above is left alone.
// transport_acquirer: called only for forward:/killforward: requests to obtain
//                     the transport; may fill in *error and return nullptr.
// reply_fd:           descriptor the OKAY/FAIL reply is written to.
//
// Returns true when the request was recognised (a reply has been sent, whether
// success or failure) and false when it is not a forwarding request.
bool handle_forward_request(const char* service,
                            std::function<atransport*(std::string* error)> transport_acquirer,
                            int reply_fd) {
    if (strcmp(service, "list-forward") == 0) {
        // Create the list of forward redirections.
        std::string listener_dump = format_listeners();
#if ADB_HOST
        SendOkay(reply_fd);
#endif
        SendProtocolString(reply_fd, listener_dump);
        return true;
    }

    if (strcmp(service, "killforward-all") == 0) {
        remove_all_listeners();
#if ADB_HOST
        /* On the host: 1st OKAY is connect, 2nd OKAY is status */
        SendOkay(reply_fd);
#endif
        SendOkay(reply_fd);
        return true;
    }

    const bool is_forward = strncmp(service, "forward:", 8) == 0;
    const bool is_kill = strncmp(service, "killforward:", 12) == 0;
    if (!is_forward && !is_kill) {
        return false;
    }

    // The transport is acquired before the arguments are validated, so a
    // missing transport is reported ahead of a malformed request.
    std::string error;
    atransport* transport = transport_acquirer(&error);
    if (transport == nullptr) {
        SendFail(reply_fd, error);
        return true;
    }

    // Strip the verb (and the optional "norebind:" modifier); from here on
    // `service` points at the argument part only.
    bool no_rebind = false;
    if (is_kill) {
        service += 12;  // skip past "killforward:"
    } else {
        service += 8;  // skip past "forward:"
        if (android::base::StartsWith(service, "norebind:")) {
            no_rebind = true;
            service += 9;
        }
    }

    std::vector<std::string> pieces = android::base::Split(service, ";");

    if (is_kill) {
        // killforward: expects exactly '<local>'.
        const bool well_formed = pieces.size() == 1 && !pieces[0].empty();
        if (!well_formed) {
            SendFail(reply_fd, android::base::StringPrintf("bad killforward: %s", service));
            return true;
        }
    } else {
        // forward: expects '<local>;<remote>', and <remote> may not start with '*'.
        const bool well_formed = pieces.size() == 2 && !pieces[0].empty() &&
                                 !pieces[1].empty() && pieces[1][0] != '*';
        if (!well_formed) {
            SendFail(reply_fd, android::base::StringPrintf("bad forward: %s", service));
            return true;
        }
    }

    InstallStatus status;
    int resolved_tcp_port = 0;
    if (is_kill) {
        status = remove_listener(pieces[0].c_str(), transport);
    } else {
        const int flags = no_rebind ? INSTALL_LISTENER_NO_REBIND : 0;
        status = install_listener(pieces[0], pieces[1].c_str(), transport, flags,
                                  &resolved_tcp_port, &error);
    }

    if (status == INSTALL_STATUS_OK) {
#if ADB_HOST
        // On the host: 1st OKAY is connect, 2nd OKAY is status.
        SendOkay(reply_fd);
#endif
        SendOkay(reply_fd);

        // If a TCP port was resolved, send the actual port number back.
        if (resolved_tcp_port != 0) {
            SendProtocolString(reply_fd, android::base::StringPrintf("%d", resolved_tcp_port));
        }
        return true;
    }

    // Failure: translate the status into the text sent with FAIL.
    std::string message;
    switch (status) {
        case INSTALL_STATUS_OK:
            message = "success (!)";
            break;
        case INSTALL_STATUS_INTERNAL_ERROR:
            message = "internal error";
            break;
        case INSTALL_STATUS_CANNOT_BIND:
            message = android::base::StringPrintf("cannot bind listener: %s", error.c_str());
            break;
        case INSTALL_STATUS_CANNOT_REBIND:
            message = "cannot rebind existing socket";
            break;
        case INSTALL_STATUS_LISTENER_NOT_FOUND:
            message = android::base::StringPrintf("listener '%s' not found", service);
            break;
    }
    SendFail(reply_fd, message);
    return true;
}
#if ADB_HOST
// Writes an OKAY status to `fd` and then `s` as a protocol string.
// Always returns 0; the results of the two writes are not checked.
static int SendOkay(int fd, const std::string& s) {
    SendOkay(fd);               // status first
    SendProtocolString(fd, s);  // then the payload
    return 0;
}
// When true, handle_host_request() answers the "kill" host request with a
// failure instead of exiting the server process. Defaults to false.
static bool g_reject_kill_server = false;

// Enables (true) or disables (false) rejection of the "kill" host request.
void adb_set_reject_kill_server(bool value) {
    g_reject_kill_server = value;
}
// Handles the "mdns:check" and "mdns:services" host requests.
//
// Returns true when the request was one of those two and an OKAY reply with
// the corresponding text has been sent on reply_fd; returns false, without
// replying, for anything else (including unknown "mdns:" sub-commands).
static bool handle_mdns_request(std::string_view service, int reply_fd) {
    const bool has_prefix = android::base::ConsumePrefix(&service, "mdns:");
    if (!has_prefix) {
        return false;
    }

    if (service == "check") {
        std::string status_text = mdns_check();
        SendOkay(reply_fd, status_text);
        return true;
    }

    if (service == "services") {
        std::string discovered = mdns_list_discovered_services();
        SendOkay(reply_fd, discovered);
        return true;
    }

    return false;
}
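// Dispatches a host request received by the adb server.
//
// service:      request text.
// type, serial, transport_id:
//               transport selection used by requests that need a transport and
//               find none already attached to the socket.
// reply_fd:     descriptor the OKAY/FAIL reply is written to.
// s:            socket the request arrived on; s->transport is read by several
//               requests and written by transport selection and "detach".
//
// Returns:
//   HostRequestResult::Handled           - the request was recognised and a
//                                          reply (if any) has been written.
//   HostRequestResult::SwitchedTransport - a transport was selected and stored
//                                          in s->transport.
//   HostRequestResult::Unhandled         - nothing here matched.
//
// A successful, non-rejected "kill" request does not return: the process exits.
HostRequestResult handle_host_request(std::string_view service, TransportType type,
                                      const char* serial, TransportId transport_id, int reply_fd,
                                      asocket* s) {
    if (service == "kill") {
        if (g_reject_kill_server) {
            LOG(WARNING) << "adb server ignoring kill-server";
            SendFail(reply_fd, "kill-server rejected by remote server");
            // The FAIL reply is the complete answer. Without this return the
            // request fell through every matcher below and was reported as
            // Unhandled even though a reply had already been written.
            return HostRequestResult::Handled;
        } else {
            fprintf(stderr, "adb server killed by remote request\n");
            SendOkay(reply_fd);

            // Rely on process exit to close the socket for us.
            exit(0);
        }
    }

    VLOG(SERVICES) << "handle_host_request(" << service << ")";

    // Transport selection:
    if (service.starts_with("transport") || service.starts_with("tport:")) {
        // Deliberately shadows the `type` parameter: selection starts from
        // kTransportAny and is narrowed only by the request text.
        TransportType type = kTransportAny;

        // Backing storage for `serial` when it is taken from the request;
        // it stays alive until this block returns.
        std::string serial_storage;
        bool legacy = true;

        // New transport selection protocol:
        // This is essentially identical to the previous version, except it returns the selected
        // transport id to the caller as well.
        if (android::base::ConsumePrefix(&service, "tport:")) {
            legacy = false;
            if (android::base::ConsumePrefix(&service, "serial:")) {
                serial_storage = service;
                serial = serial_storage.c_str();
            } else if (service == "usb") {
                type = kTransportUsb;
            } else if (service == "local") {
                type = kTransportLocal;
            } else if (service == "any") {
                type = kTransportAny;
            }

            // Selection by id is unimplemented, since you obviously already know the transport id
            // you're connecting to.
        } else {
            if (android::base::ConsumePrefix(&service, "transport-id:")) {
                if (!ParseUint(&transport_id, service)) {
                    SendFail(reply_fd, "invalid transport id");
                    return HostRequestResult::Handled;
                }
            } else if (service == "transport-usb") {
                type = kTransportUsb;
            } else if (service == "transport-local") {
                type = kTransportLocal;
            } else if (service == "transport-any") {
                type = kTransportAny;
            } else if (android::base::ConsumePrefix(&service, "transport:")) {
                serial_storage = service;
                serial = serial_storage.c_str();
            }
        }

        std::string error;
        atransport* t = acquire_one_transport(type, serial, transport_id, nullptr, &error);
        if (t != nullptr) {
            s->transport = t;
            SendOkay(reply_fd);

            if (!legacy) {
                // Nothing we can do if this fails.
                WriteFdExactly(reply_fd, &t->id, sizeof(t->id));
            }

            return HostRequestResult::SwitchedTransport;
        } else {
            SendFail(reply_fd, error);
            return HostRequestResult::Handled;
        }
    }

    // return a list of all connected devices
    if (service == "devices" || service == "devices-l") {
        TrackerOutputType output_type;
        if (service == "devices-l") {
            output_type = LONG_TEXT;
        } else {
            output_type = SHORT_TEXT;
        }
        D("Getting device list...");
        std::string device_list = list_transports(output_type);
        D("Sending device list...");
        SendOkay(reply_fd, device_list);
        return HostRequestResult::Handled;
    }

    if (service == "reconnect-offline") {
        std::string response;
        // The predicate selects transports whose connection state is not
        // online and records one "reconnecting <name>" line for each.
        close_usb_devices([&response](const atransport* transport) {
            if (!ConnectionStateIsOnline(transport->GetConnectionState())) {
                response += "reconnecting " + transport->serial_name() + "\n";
                return true;
            }
            return false;
        }, true);
        if (!response.empty()) {
            // Drop the trailing newline.
            response.resize(response.size() - 1);
        }
        SendOkay(reply_fd, response);
        return HostRequestResult::Handled;
    }

    if (service == "features") {
        std::string error;
        atransport* t =
                s->transport ? s->transport
                             : acquire_one_transport(type, serial, transport_id, nullptr, &error);
        if (t != nullptr) {
            SendOkay(reply_fd, FeatureSetToString(t->features()));
        } else {
            SendFail(reply_fd, error);
        }
        return HostRequestResult::Handled;
    }

    if (service == "host-features") {
        FeatureSet features = supported_features();
        // Abuse features to report libusb status.
        if (should_use_libusb()) {
            features.emplace_back(kFeatureLibusb);
        }
        features.emplace_back(kFeaturePushSync);
        SendOkay(reply_fd, FeatureSetToString(features));
        return HostRequestResult::Handled;
    }

    // remove TCP transport
    if (service.starts_with("disconnect:")) {
        std::string address(service.substr(11));
        if (address.empty()) {
            kick_all_tcp_devices();
            SendOkay(reply_fd, "disconnected everything");
            return HostRequestResult::Handled;
        }

        // Mdns instance named device
        atransport* t = find_transport(address.c_str());
        if (t != nullptr) {
            kick_transport(t);
            SendOkay(reply_fd, android::base::StringPrintf("disconnected %s", address.c_str()));
            return HostRequestResult::Handled;
        }

        // Not a known transport name: treat the address as vsock:/
        // localfilesystem: verbatim, otherwise parse it as a network address.
        // (`serial` here shadows the parameter of the same name.)
        std::string serial;
        std::string host;
        int port = DEFAULT_ADB_LOCAL_TRANSPORT_PORT;
        std::string error;
        if (address.starts_with("vsock:") || address.starts_with("localfilesystem:")) {
            serial = address;
        } else if (!android::base::ParseNetAddress(address, &host, &port, &serial, &error)) {
            SendFail(reply_fd, android::base::StringPrintf("couldn't parse '%s': %s",
                                                           address.c_str(), error.c_str()));
            return HostRequestResult::Handled;
        }
        t = find_transport(serial.c_str());
        if (t == nullptr) {
            SendFail(reply_fd, android::base::StringPrintf("no such device '%s'", serial.c_str()));
            return HostRequestResult::Handled;
        }
        kick_transport(t);
        SendOkay(reply_fd, android::base::StringPrintf("disconnected %s", address.c_str()));
        return HostRequestResult::Handled;
    }

    // Returns our value for ADB_SERVER_VERSION.
    if (service == "version") {
        SendOkay(reply_fd, android::base::StringPrintf("%04x", ADB_SERVER_VERSION));
        return HostRequestResult::Handled;
    }

    // These always report "unknown" rather than the actual error, for scripts.
    if (service == "get-serialno") {
        std::string error;
        atransport* t =
                s->transport ? s->transport
                             : acquire_one_transport(type, serial, transport_id, nullptr, &error);
        if (t) {
            SendOkay(reply_fd, !t->serial.empty() ? t->serial : "unknown");
        } else {
            SendFail(reply_fd, error);
        }
        return HostRequestResult::Handled;
    }
    if (service == "get-devpath") {
        std::string error;
        atransport* t =
                s->transport ? s->transport
                             : acquire_one_transport(type, serial, transport_id, nullptr, &error);
        if (t) {
            SendOkay(reply_fd, !t->devpath.empty() ? t->devpath : "unknown");
        } else {
            SendFail(reply_fd, error);
        }
        return HostRequestResult::Handled;
    }
    if (service == "get-state") {
        std::string error;
        atransport* t =
                s->transport ? s->transport
                             : acquire_one_transport(type, serial, transport_id, nullptr, &error);
        if (t) {
            SendOkay(reply_fd, to_string(t->GetConnectionState()));
        } else {
            SendFail(reply_fd, error);
        }
        return HostRequestResult::Handled;
    }

    // Indicates a new emulator instance has started.
    if (android::base::ConsumePrefix(&service, "emulator:")) {
        unsigned int port;
        // NOTE(review): the parsed value is not range-checked here before it
        // is handed to local_connect(); confirm that ParseUint or
        // local_connect rejects values that are not valid port numbers.
        if (!ParseUint(&port, service)) {
          LOG(ERROR) << "received invalid port for emulator: " << service;
        } else {
          local_connect(port);
        }

        /* we don't even need to send a reply */
        return HostRequestResult::Handled;
    }

    if (service == "reconnect") {
        // `response` doubles as the error output of acquire_one_transport, so
        // on failure the error text is what gets sent after OKAY.
        std::string response;
        atransport* t = s->transport ? s->transport
                                     : acquire_one_transport(type, serial, transport_id, nullptr,
                                                             &response, true);
        if (t != nullptr) {
            kick_transport(t, true);
            response = "reconnecting " + t->serial_name() + " [" +
                       to_string(t->GetConnectionState()) + "]\n";
        }
        SendOkay(reply_fd, response);
        return HostRequestResult::Handled;
    }

    if (service == "attach") {
        std::string error;
        atransport* t = s->transport ? s->transport
                                     : acquire_one_transport(type, serial, transport_id, nullptr,
                                                             &error, true);
        if (!t) {
            SendFail(reply_fd, error);
            return HostRequestResult::Handled;
        }

        if (t->Attach(&error)) {
            SendOkay(reply_fd,
                     android::base::StringPrintf("%s attached", t->serial_name().c_str()));
        } else {
            SendFail(reply_fd, error);
        }
        return HostRequestResult::Handled;
    }

    if (service == "detach") {
        std::string error;
        atransport* t = s->transport ? s->transport
                                     : acquire_one_transport(type, serial, transport_id, nullptr,
                                                             &error, true);
        if (!t) {
            SendFail(reply_fd, error);
            return HostRequestResult::Handled;
        }

        // HACK:
        // Detaching the transport will lead to all of its sockets being closed,
        // but we're handling one of those sockets right now!
        //
        // Mark the socket as not having a transport, knowing that it'll be cleaned up by the
        // function that called us.
        s->transport = nullptr;

        if (t->Detach(&error)) {
            SendOkay(reply_fd,
                     android::base::StringPrintf("%s detached", t->serial_name().c_str()));
        } else {
            SendFail(reply_fd, error);
        }
        return HostRequestResult::Handled;
    }

    // TODO: Switch handle_forward_request to string_view.
    std::string service_str(service);
    // The acquirer is invoked synchronously by handle_forward_request, so the
    // by-copy captures of s, type, serial and transport_id remain valid.
    auto transport_acquirer = [=](std::string* error) {
        if (s->transport) {
            return s->transport;
        } else {
            // Write the failure reason into the caller's string. A local
            // `std::string error` used to shadow this parameter here, so the
            // FAIL reply sent by handle_forward_request carried no message.
            return acquire_one_transport(type, serial, transport_id, nullptr, error);
        }
    };
    if (handle_forward_request(service_str.c_str(), transport_acquirer, reply_fd)) {
        return HostRequestResult::Handled;
    }

    if (handle_mdns_request(service, reply_fd)) {
        return HostRequestResult::Handled;
    }

    return HostRequestResult::Unhandled;
}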
1557 
// State behind the host-side "wait for device initialization" handshake, used by
// update_transport_status(), adb_notify_device_scan_complete() and
// adb_wait_for_device_initialization().
//
// The mutex and condition variable are heap-allocated and never deleted
// (presumably so they are not torn down by static destruction while another
// thread may still touch them -- confirm against project convention).
static std::mutex& init_mutex = *new std::mutex();
static std::condition_variable& init_cv = *new std::condition_variable();

// Both flags are read and written only while init_mutex is held.
static bool device_scan_complete{false};
static bool transports_ready{false};
1562 
// Recomputes transports_ready from the current transport list and wakes every
// thread blocked on init_cv once both readiness conditions hold.
//
// The predicate handed to iterate_transports() rejects a USB transport whose
// `online` field is not 1 and accepts everything else; the call's result is
// presumably true only when no transport was rejected (iterate_transports is
// defined elsewhere -- confirm).
void update_transport_status() {
    const bool all_usb_online = iterate_transports([](const atransport* t) {
        if (t->type != kTransportUsb) {
            return true;
        }
        return t->online == 1;
    });

    bool should_notify = false;
    {
        // Publish the new value and sample device_scan_complete under the same lock
        // so the waiter's predicate never sees a half-updated pair.
        std::lock_guard<std::mutex> guard(init_mutex);
        transports_ready = all_usb_online;
        should_notify = all_usb_online && device_scan_complete;
    }

    // Notify after releasing the lock so woken waiters do not immediately block on it.
    if (!should_notify) {
        return;
    }
    init_cv.notify_all();
}
1582 
// Records that the device scan has finished. Only the first call has any effect:
// it sets device_scan_complete and then re-evaluates transport readiness via
// update_transport_status(); later calls return without doing further work.
void adb_notify_device_scan_complete() {
    bool first_notification = false;
    {
        std::lock_guard<std::mutex> guard(init_mutex);
        first_notification = !device_scan_complete;
        device_scan_complete = true;
    }

    // update_transport_status() takes init_mutex itself, so it must run after
    // the guard above has been released.
    if (first_notification) {
        update_transport_status();
    }
}
1595 
// Blocks until both device_scan_complete and transports_ready are set, or until
// three seconds have elapsed, whichever comes first.
//
// The result of wait_for() is discarded, so a caller cannot tell a timeout from
// a completed initialization; after this returns, device state must still be
// checked rather than assumed ready.
void adb_wait_for_device_initialization() {
    const auto initialized = []() { return device_scan_complete && transports_ready; };
    std::unique_lock<std::mutex> guard(init_mutex);
    init_cv.wait_for(guard, std::chrono::seconds(3), initialized);
}
1600 
1601 #endif  // ADB_HOST
1602