1 /*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #define TRACE_TAG SERVICES
18
19 #include "sysdeps.h"
20
21 #include <errno.h>
22 #include <stddef.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <string.h>
26
27 #ifndef _WIN32
28 #include <netdb.h>
29 #include <netinet/in.h>
30 #include <sys/ioctl.h>
31 #include <unistd.h>
32 #endif
33
34 #include <android-base/file.h>
35 #include <android-base/parsenetaddress.h>
36 #include <android-base/stringprintf.h>
37 #include <android-base/strings.h>
38 #include <cutils/sockets.h>
39
40 #if !ADB_HOST
41 #include "cutils/android_reboot.h"
42 #include "cutils/properties.h"
43 #endif
44
45 #include "adb.h"
46 #include "adb_io.h"
47 #include "adb_utils.h"
48 #include "file_sync_service.h"
49 #include "remount_service.h"
50 #include "services.h"
51 #include "shell_service.h"
52 #include "sysdeps.h"
53 #include "transport.h"
54
55 struct stinfo {
56 void (*func)(int fd, void *cookie);
57 int fd;
58 void *cookie;
59 };
60
service_bootstrap_func(void * x)61 static void service_bootstrap_func(void* x) {
62 stinfo* sti = reinterpret_cast<stinfo*>(x);
63 adb_thread_setname(android::base::StringPrintf("service %d", sti->fd));
64 sti->func(sti->fd, sti->cookie);
65 free(sti);
66 }
67
68 #if !ADB_HOST
69
restart_root_service(int fd,void * cookie)70 void restart_root_service(int fd, void *cookie) {
71 if (getuid() == 0) {
72 WriteFdExactly(fd, "adbd is already running as root\n");
73 adb_close(fd);
74 } else {
75 char value[PROPERTY_VALUE_MAX];
76 property_get("ro.debuggable", value, "");
77 if (strcmp(value, "1") != 0) {
78 WriteFdExactly(fd, "adbd cannot run as root in production builds\n");
79 adb_close(fd);
80 return;
81 }
82
83 property_set("service.adb.root", "1");
84 WriteFdExactly(fd, "restarting adbd as root\n");
85 adb_close(fd);
86 }
87 }
88
restart_unroot_service(int fd,void * cookie)89 void restart_unroot_service(int fd, void *cookie) {
90 if (getuid() != 0) {
91 WriteFdExactly(fd, "adbd not running as root\n");
92 adb_close(fd);
93 } else {
94 property_set("service.adb.root", "0");
95 WriteFdExactly(fd, "restarting adbd as non root\n");
96 adb_close(fd);
97 }
98 }
99
restart_tcp_service(int fd,void * cookie)100 void restart_tcp_service(int fd, void *cookie) {
101 int port = (int) (uintptr_t) cookie;
102 if (port <= 0) {
103 WriteFdFmt(fd, "invalid port %d\n", port);
104 adb_close(fd);
105 return;
106 }
107
108 char value[PROPERTY_VALUE_MAX];
109 snprintf(value, sizeof(value), "%d", port);
110 property_set("service.adb.tcp.port", value);
111 WriteFdFmt(fd, "restarting in TCP mode port: %d\n", port);
112 adb_close(fd);
113 }
114
restart_usb_service(int fd,void * cookie)115 void restart_usb_service(int fd, void *cookie) {
116 property_set("service.adb.tcp.port", "0");
117 WriteFdExactly(fd, "restarting in USB mode\n");
118 adb_close(fd);
119 }
120
reboot_service_impl(int fd,const char * arg)121 static bool reboot_service_impl(int fd, const char* arg) {
122 const char* reboot_arg = arg;
123 bool auto_reboot = false;
124
125 if (strcmp(reboot_arg, "sideload-auto-reboot") == 0) {
126 auto_reboot = true;
127 reboot_arg = "sideload";
128 }
129
130 // It reboots into sideload mode by setting "--sideload" or "--sideload_auto_reboot"
131 // in the command file.
132 if (strcmp(reboot_arg, "sideload") == 0) {
133 if (getuid() != 0) {
134 WriteFdExactly(fd, "'adb root' is required for 'adb reboot sideload'.\n");
135 return false;
136 }
137
138 const char* const recovery_dir = "/cache/recovery";
139 const char* const command_file = "/cache/recovery/command";
140 // Ensure /cache/recovery exists.
141 if (adb_mkdir(recovery_dir, 0770) == -1 && errno != EEXIST) {
142 D("Failed to create directory '%s': %s", recovery_dir, strerror(errno));
143 return false;
144 }
145
146 bool write_status = android::base::WriteStringToFile(
147 auto_reboot ? "--sideload_auto_reboot" : "--sideload", command_file);
148 if (!write_status) {
149 return false;
150 }
151
152 reboot_arg = "recovery";
153 }
154
155 sync();
156
157 char property_val[PROPERTY_VALUE_MAX];
158 int ret = snprintf(property_val, sizeof(property_val), "reboot,%s", reboot_arg);
159 if (ret >= static_cast<int>(sizeof(property_val))) {
160 WriteFdFmt(fd, "reboot string too long: %d\n", ret);
161 return false;
162 }
163
164 ret = property_set(ANDROID_RB_PROPERTY, property_val);
165 if (ret < 0) {
166 WriteFdFmt(fd, "reboot failed: %d\n", ret);
167 return false;
168 }
169
170 return true;
171 }
172
reboot_service(int fd,void * arg)173 void reboot_service(int fd, void* arg)
174 {
175 if (reboot_service_impl(fd, static_cast<const char*>(arg))) {
176 // Don't return early. Give the reboot command time to take effect
177 // to avoid messing up scripts which do "adb reboot && adb wait-for-device"
178 while (true) {
179 pause();
180 }
181 }
182
183 free(arg);
184 adb_close(fd);
185 }
186
reconnect_service(int fd,void * arg)187 static void reconnect_service(int fd, void* arg) {
188 WriteFdExactly(fd, "done");
189 adb_close(fd);
190 atransport* t = static_cast<atransport*>(arg);
191 kick_transport(t);
192 }
193
reverse_service(const char * command)194 int reverse_service(const char* command) {
195 int s[2];
196 if (adb_socketpair(s)) {
197 PLOG(ERROR) << "cannot create service socket pair.";
198 return -1;
199 }
200 VLOG(SERVICES) << "service socketpair: " << s[0] << ", " << s[1];
201 if (handle_forward_request(command, kTransportAny, nullptr, s[1]) < 0) {
202 SendFail(s[1], "not a reverse forwarding command");
203 }
204 adb_close(s[1]);
205 return s[0];
206 }
207
208 // Shell service string can look like:
209 // shell[,arg1,arg2,...]:[command]
ShellService(const std::string & args,const atransport * transport)210 static int ShellService(const std::string& args, const atransport* transport) {
211 size_t delimiter_index = args.find(':');
212 if (delimiter_index == std::string::npos) {
213 LOG(ERROR) << "No ':' found in shell service arguments: " << args;
214 return -1;
215 }
216
217 const std::string service_args = args.substr(0, delimiter_index);
218 const std::string command = args.substr(delimiter_index + 1);
219
220 // Defaults:
221 // PTY for interactive, raw for non-interactive.
222 // No protocol.
223 // $TERM set to "dumb".
224 SubprocessType type(command.empty() ? SubprocessType::kPty
225 : SubprocessType::kRaw);
226 SubprocessProtocol protocol = SubprocessProtocol::kNone;
227 std::string terminal_type = "dumb";
228
229 for (const std::string& arg : android::base::Split(service_args, ",")) {
230 if (arg == kShellServiceArgRaw) {
231 type = SubprocessType::kRaw;
232 } else if (arg == kShellServiceArgPty) {
233 type = SubprocessType::kPty;
234 } else if (arg == kShellServiceArgShellProtocol) {
235 protocol = SubprocessProtocol::kShell;
236 } else if (android::base::StartsWith(arg, "TERM=")) {
237 terminal_type = arg.substr(5);
238 } else if (!arg.empty()) {
239 // This is not an error to allow for future expansion.
240 LOG(WARNING) << "Ignoring unknown shell service argument: " << arg;
241 }
242 }
243
244 return StartSubprocess(command.c_str(), terminal_type.c_str(), type, protocol);
245 }
246
247 #endif // !ADB_HOST
248
create_service_thread(void (* func)(int,void *),void * cookie)249 static int create_service_thread(void (*func)(int, void *), void *cookie)
250 {
251 int s[2];
252 if (adb_socketpair(s)) {
253 printf("cannot create service socket pair\n");
254 return -1;
255 }
256 D("socketpair: (%d,%d)", s[0], s[1]);
257
258 stinfo* sti = reinterpret_cast<stinfo*>(malloc(sizeof(stinfo)));
259 if (sti == nullptr) {
260 fatal("cannot allocate stinfo");
261 }
262 sti->func = func;
263 sti->cookie = cookie;
264 sti->fd = s[1];
265
266 if (!adb_thread_create(service_bootstrap_func, sti)) {
267 free(sti);
268 adb_close(s[0]);
269 adb_close(s[1]);
270 printf("cannot create service thread\n");
271 return -1;
272 }
273
274 D("service thread started, %d:%d",s[0], s[1]);
275 return s[0];
276 }
277
service_to_fd(const char * name,const atransport * transport)278 int service_to_fd(const char* name, const atransport* transport) {
279 int ret = -1;
280
281 if(!strncmp(name, "tcp:", 4)) {
282 int port = atoi(name + 4);
283 name = strchr(name + 4, ':');
284 if(name == 0) {
285 std::string error;
286 ret = network_loopback_client(port, SOCK_STREAM, &error);
287 if (ret >= 0)
288 disable_tcp_nagle(ret);
289 } else {
290 #if ADB_HOST
291 std::string error;
292 ret = network_connect(name + 1, port, SOCK_STREAM, 0, &error);
293 #else
294 return -1;
295 #endif
296 }
297 #if !defined(_WIN32) /* winsock doesn't implement unix domain sockets */
298 } else if(!strncmp(name, "local:", 6)) {
299 ret = socket_local_client(name + 6,
300 ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM);
301 } else if(!strncmp(name, "localreserved:", 14)) {
302 ret = socket_local_client(name + 14,
303 ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM);
304 } else if(!strncmp(name, "localabstract:", 14)) {
305 ret = socket_local_client(name + 14,
306 ANDROID_SOCKET_NAMESPACE_ABSTRACT, SOCK_STREAM);
307 } else if(!strncmp(name, "localfilesystem:", 16)) {
308 ret = socket_local_client(name + 16,
309 ANDROID_SOCKET_NAMESPACE_FILESYSTEM, SOCK_STREAM);
310 #endif
311 #if !ADB_HOST
312 } else if(!strncmp("dev:", name, 4)) {
313 ret = unix_open(name + 4, O_RDWR | O_CLOEXEC);
314 } else if(!strncmp(name, "framebuffer:", 12)) {
315 ret = create_service_thread(framebuffer_service, 0);
316 } else if (!strncmp(name, "jdwp:", 5)) {
317 ret = create_jdwp_connection_fd(atoi(name+5));
318 } else if(!strncmp(name, "shell", 5)) {
319 ret = ShellService(name + 5, transport);
320 } else if(!strncmp(name, "exec:", 5)) {
321 ret = StartSubprocess(name + 5, nullptr, SubprocessType::kRaw, SubprocessProtocol::kNone);
322 } else if(!strncmp(name, "sync:", 5)) {
323 ret = create_service_thread(file_sync_service, NULL);
324 } else if(!strncmp(name, "remount:", 8)) {
325 ret = create_service_thread(remount_service, NULL);
326 } else if(!strncmp(name, "reboot:", 7)) {
327 void* arg = strdup(name + 7);
328 if (arg == NULL) return -1;
329 ret = create_service_thread(reboot_service, arg);
330 } else if(!strncmp(name, "root:", 5)) {
331 ret = create_service_thread(restart_root_service, NULL);
332 } else if(!strncmp(name, "unroot:", 7)) {
333 ret = create_service_thread(restart_unroot_service, NULL);
334 } else if(!strncmp(name, "backup:", 7)) {
335 ret = StartSubprocess(android::base::StringPrintf("/system/bin/bu backup %s",
336 (name + 7)).c_str(),
337 nullptr, SubprocessType::kRaw, SubprocessProtocol::kNone);
338 } else if(!strncmp(name, "restore:", 8)) {
339 ret = StartSubprocess("/system/bin/bu restore", nullptr, SubprocessType::kRaw,
340 SubprocessProtocol::kNone);
341 } else if(!strncmp(name, "tcpip:", 6)) {
342 int port;
343 if (sscanf(name + 6, "%d", &port) != 1) {
344 return -1;
345 }
346 ret = create_service_thread(restart_tcp_service, (void *) (uintptr_t) port);
347 } else if(!strncmp(name, "usb:", 4)) {
348 ret = create_service_thread(restart_usb_service, NULL);
349 } else if (!strncmp(name, "reverse:", 8)) {
350 ret = reverse_service(name + 8);
351 } else if(!strncmp(name, "disable-verity:", 15)) {
352 ret = create_service_thread(set_verity_enabled_state_service, (void*)0);
353 } else if(!strncmp(name, "enable-verity:", 15)) {
354 ret = create_service_thread(set_verity_enabled_state_service, (void*)1);
355 } else if (!strcmp(name, "reconnect")) {
356 ret = create_service_thread(reconnect_service, const_cast<atransport*>(transport));
357 #endif
358 }
359 if (ret >= 0) {
360 close_on_exec(ret);
361 }
362 return ret;
363 }
364
365 #if ADB_HOST
366 struct state_info {
367 TransportType transport_type;
368 std::string serial;
369 ConnectionState state;
370 };
371
wait_for_state(int fd,void * data)372 static void wait_for_state(int fd, void* data) {
373 std::unique_ptr<state_info> sinfo(reinterpret_cast<state_info*>(data));
374
375 D("wait_for_state %d", sinfo->state);
376
377 while (true) {
378 bool is_ambiguous = false;
379 std::string error = "unknown error";
380 const char* serial = sinfo->serial.length() ? sinfo->serial.c_str() : NULL;
381 atransport* t = acquire_one_transport(sinfo->transport_type, serial, &is_ambiguous, &error);
382 if (t != nullptr && (sinfo->state == kCsAny || sinfo->state == t->connection_state)) {
383 SendOkay(fd);
384 break;
385 } else if (!is_ambiguous) {
386 adb_pollfd pfd = {.fd = fd, .events = POLLIN };
387 int rc = adb_poll(&pfd, 1, 1000);
388 if (rc < 0) {
389 SendFail(fd, error);
390 break;
391 } else if (rc > 0 && (pfd.revents & POLLHUP) != 0) {
392 // The other end of the socket is closed, probably because the other side was
393 // terminated, bail out.
394 break;
395 }
396
397 // Try again...
398 } else {
399 SendFail(fd, error);
400 break;
401 }
402 }
403
404 adb_close(fd);
405 D("wait_for_state is done");
406 }
407
connect_device(const std::string & address,std::string * response)408 static void connect_device(const std::string& address, std::string* response) {
409 if (address.empty()) {
410 *response = "empty address";
411 return;
412 }
413
414 std::string serial;
415 std::string host;
416 int port = DEFAULT_ADB_LOCAL_TRANSPORT_PORT;
417 if (!android::base::ParseNetAddress(address, &host, &port, &serial, response)) {
418 return;
419 }
420
421 std::string error;
422 int fd = network_connect(host.c_str(), port, SOCK_STREAM, 10, &error);
423 if (fd == -1) {
424 *response = android::base::StringPrintf("unable to connect to %s: %s",
425 serial.c_str(), error.c_str());
426 return;
427 }
428
429 D("client: connected %s remote on fd %d", serial.c_str(), fd);
430 close_on_exec(fd);
431 disable_tcp_nagle(fd);
432
433 // Send a TCP keepalive ping to the device every second so we can detect disconnects.
434 if (!set_tcp_keepalive(fd, 1)) {
435 D("warning: failed to configure TCP keepalives (%s)", strerror(errno));
436 }
437
438 int ret = register_socket_transport(fd, serial.c_str(), port, 0);
439 if (ret < 0) {
440 adb_close(fd);
441 *response = android::base::StringPrintf("already connected to %s", serial.c_str());
442 } else {
443 *response = android::base::StringPrintf("connected to %s", serial.c_str());
444 }
445 }
446
connect_emulator(const std::string & port_spec,std::string * response)447 void connect_emulator(const std::string& port_spec, std::string* response) {
448 std::vector<std::string> pieces = android::base::Split(port_spec, ",");
449 if (pieces.size() != 2) {
450 *response = android::base::StringPrintf("unable to parse '%s' as <console port>,<adb port>",
451 port_spec.c_str());
452 return;
453 }
454
455 int console_port = strtol(pieces[0].c_str(), NULL, 0);
456 int adb_port = strtol(pieces[1].c_str(), NULL, 0);
457 if (console_port <= 0 || adb_port <= 0) {
458 *response = android::base::StringPrintf("Invalid port numbers: %s", port_spec.c_str());
459 return;
460 }
461
462 // Check if the emulator is already known.
463 // Note: There's a small but harmless race condition here: An emulator not
464 // present just yet could be registered by another invocation right
465 // after doing this check here. However, local_connect protects
466 // against double-registration too. From here, a better error message
467 // can be produced. In the case of the race condition, the very specific
468 // error message won't be shown, but the data doesn't get corrupted.
469 atransport* known_emulator = find_emulator_transport_by_adb_port(adb_port);
470 if (known_emulator != nullptr) {
471 *response = android::base::StringPrintf("Emulator already registered on port %d", adb_port);
472 return;
473 }
474
475 // Check if more emulators can be registered. Similar unproblematic
476 // race condition as above.
477 int candidate_slot = get_available_local_transport_index();
478 if (candidate_slot < 0) {
479 *response = "Cannot accept more emulators";
480 return;
481 }
482
483 // Preconditions met, try to connect to the emulator.
484 std::string error;
485 if (!local_connect_arbitrary_ports(console_port, adb_port, &error)) {
486 *response = android::base::StringPrintf("Connected to emulator on ports %d,%d",
487 console_port, adb_port);
488 } else {
489 *response = android::base::StringPrintf("Could not connect to emulator on ports %d,%d: %s",
490 console_port, adb_port, error.c_str());
491 }
492 }
493
connect_service(int fd,void * data)494 static void connect_service(int fd, void* data) {
495 char* host = reinterpret_cast<char*>(data);
496 std::string response;
497 if (!strncmp(host, "emu:", 4)) {
498 connect_emulator(host + 4, &response);
499 } else {
500 connect_device(host, &response);
501 }
502 free(host);
503
504 // Send response for emulator and device
505 SendProtocolString(fd, response);
506 adb_close(fd);
507 }
508 #endif
509
510 #if ADB_HOST
host_service_to_socket(const char * name,const char * serial)511 asocket* host_service_to_socket(const char* name, const char* serial) {
512 if (!strcmp(name,"track-devices")) {
513 return create_device_tracker();
514 } else if (android::base::StartsWith(name, "wait-for-")) {
515 name += strlen("wait-for-");
516
517 std::unique_ptr<state_info> sinfo(new state_info);
518 if (sinfo == nullptr) {
519 fprintf(stderr, "couldn't allocate state_info: %s", strerror(errno));
520 return nullptr;
521 }
522
523 if (serial) sinfo->serial = serial;
524
525 if (android::base::StartsWith(name, "local")) {
526 name += strlen("local");
527 sinfo->transport_type = kTransportLocal;
528 } else if (android::base::StartsWith(name, "usb")) {
529 name += strlen("usb");
530 sinfo->transport_type = kTransportUsb;
531 } else if (android::base::StartsWith(name, "any")) {
532 name += strlen("any");
533 sinfo->transport_type = kTransportAny;
534 } else {
535 return nullptr;
536 }
537
538 if (!strcmp(name, "-device")) {
539 sinfo->state = kCsDevice;
540 } else if (!strcmp(name, "-recovery")) {
541 sinfo->state = kCsRecovery;
542 } else if (!strcmp(name, "-sideload")) {
543 sinfo->state = kCsSideload;
544 } else if (!strcmp(name, "-bootloader")) {
545 sinfo->state = kCsBootloader;
546 } else if (!strcmp(name, "-any")) {
547 sinfo->state = kCsAny;
548 } else {
549 return nullptr;
550 }
551
552 int fd = create_service_thread(wait_for_state, sinfo.release());
553 return create_local_socket(fd);
554 } else if (!strncmp(name, "connect:", 8)) {
555 char* host = strdup(name + 8);
556 int fd = create_service_thread(connect_service, host);
557 return create_local_socket(fd);
558 }
559 return NULL;
560 }
561 #endif /* ADB_HOST */
562