1 /*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #define TRACE_TAG ADB
18
19 #include "sysdeps.h"
20 #include "adb.h"
21
22 #include <ctype.h>
23 #include <errno.h>
24 #include <stdarg.h>
25 #include <stddef.h>
26 #include <stdint.h>
27 #include <stdio.h>
28 #include <stdlib.h>
29 #include <string.h>
30 #include <sys/time.h>
31 #include <time.h>
32 #include <unistd.h>
33
34 #include <chrono>
35 #include <condition_variable>
36 #include <mutex>
37 #include <string>
38 #include <string_view>
39 #include <thread>
40 #include <vector>
41
42 #include <android-base/errors.h>
43 #include <android-base/file.h>
44 #include <android-base/logging.h>
45 #include <android-base/macros.h>
46 #include <android-base/parsenetaddress.h>
47 #include <android-base/stringprintf.h>
48 #include <android-base/strings.h>
49 #include <diagnose_usb.h>
50
51 #include <build/version.h>
52 #include <platform_tools_version.h>
53
54 #include "adb_auth.h"
55 #include "adb_io.h"
56 #include "adb_listeners.h"
57 #include "adb_mdns.h"
58 #include "adb_unique_fd.h"
59 #include "adb_utils.h"
60 #include "sysdeps/chrono.h"
61 #include "transport.h"
62
63 #if !ADB_HOST
64 #include <sys/capability.h>
65 #include <sys/mount.h>
66 #include <android-base/properties.h>
67 using namespace std::chrono_literals;
68
69 #include "daemon/logging.h"
70 #endif
71
72 #if ADB_HOST
73 #include "client/usb.h"
74 #endif
75
76 #if !ADB_HOST && defined(__ANDROID__)
77 #include "daemon/watchdog.h"
78
79 static std::atomic<int> active_connections = 0;
80
IncrementActiveConnections()81 static void IncrementActiveConnections() {
82 if (active_connections++ == 0) {
83 watchdog::Stop();
84 }
85 }
86
DecrementActiveConnections()87 static void DecrementActiveConnections() {
88 if (--active_connections == 0) {
89 watchdog::Start();
90 }
91 }
92
93 #endif
94
adb_version()95 std::string adb_version() {
96 // Don't change the format of this --- it's parsed by ddmlib.
97 return android::base::StringPrintf(
98 "Android Debug Bridge version %d.%d.%d\n"
99 "Version %s-%s\n"
100 "Installed as %s\n"
101 "Running on %s\n",
102 ADB_VERSION_MAJOR, ADB_VERSION_MINOR, ADB_SERVER_VERSION, PLATFORM_TOOLS_VERSION,
103 android::build::GetBuildNumber().c_str(), android::base::GetExecutablePath().c_str(),
104 GetOSVersion().c_str());
105 }
106
calculate_apacket_checksum(const apacket * p)107 uint32_t calculate_apacket_checksum(const apacket* p) {
108 uint32_t sum = 0;
109 for (size_t i = 0; i < p->msg.data_length; ++i) {
110 sum += static_cast<uint8_t>(p->payload[i]);
111 }
112 return sum;
113 }
114
to_string(ConnectionState state)115 std::string to_string(ConnectionState state) {
116 switch (state) {
117 case kCsOffline:
118 return "offline";
119 case kCsBootloader:
120 return "bootloader";
121 case kCsDevice:
122 return "device";
123 case kCsHost:
124 return "host";
125 case kCsRecovery:
126 return "recovery";
127 case kCsRescue:
128 return "rescue";
129 case kCsNoPerm:
130 return UsbNoPermissionsShortHelpText();
131 case kCsSideload:
132 return "sideload";
133 case kCsUnauthorized:
134 return "unauthorized";
135 case kCsAuthorizing:
136 return "authorizing";
137 case kCsConnecting:
138 return "connecting";
139 default:
140 return "unknown";
141 }
142 }
143
get_apacket(void)144 apacket* get_apacket(void) {
145 apacket* p = new apacket();
146 if (p == nullptr) {
147 LOG(FATAL) << "failed to allocate an apacket";
148 }
149
150 memset(&p->msg, 0, sizeof(p->msg));
151 return p;
152 }
153
put_apacket(apacket * p)154 void put_apacket(apacket *p)
155 {
156 delete p;
157 }
158
handle_online(atransport * t)159 void handle_online(atransport *t)
160 {
161 D("adb: online");
162 t->online = 1;
163 #if ADB_HOST
164 t->SetConnectionEstablished(true);
165 #elif defined(__ANDROID__)
166 IncrementActiveConnections();
167 #endif
168 }
169
handle_offline(atransport * t)170 void handle_offline(atransport *t)
171 {
172 if (t->GetConnectionState() == kCsOffline) {
173 LOG(INFO) << t->serial_name() << ": already offline";
174 return;
175 }
176
177 LOG(INFO) << t->serial_name() << ": offline";
178
179 #if !ADB_HOST && defined(__ANDROID__)
180 DecrementActiveConnections();
181 #endif
182
183 t->SetConnectionState(kCsOffline);
184
185 // Close the associated usb
186 t->online = 0;
187
188 // This is necessary to avoid a race condition that occurred when a transport closes
189 // while a client socket is still active.
190 close_all_sockets(t);
191
192 t->RunDisconnects();
193 }
194
195 #if DEBUG_PACKETS
196 #define DUMPMAX 32
print_packet(const char * label,apacket * p)197 void print_packet(const char *label, apacket *p)
198 {
199 const char* tag;
200 unsigned count;
201
202 switch(p->msg.command){
203 case A_SYNC: tag = "SYNC"; break;
204 case A_CNXN: tag = "CNXN" ; break;
205 case A_OPEN: tag = "OPEN"; break;
206 case A_OKAY: tag = "OKAY"; break;
207 case A_CLSE: tag = "CLSE"; break;
208 case A_WRTE: tag = "WRTE"; break;
209 case A_AUTH: tag = "AUTH"; break;
210 case A_STLS:
211 tag = "STLS";
212 break;
213 default: tag = "????"; break;
214 }
215
216 fprintf(stderr, "%s: %s %08x %08x %04x \"",
217 label, tag, p->msg.arg0, p->msg.arg1, p->msg.data_length);
218 count = p->msg.data_length;
219 const char* x = p->payload.data();
220 if (count > DUMPMAX) {
221 count = DUMPMAX;
222 tag = "\n";
223 } else {
224 tag = "\"\n";
225 }
226 while (count-- > 0) {
227 if ((*x >= ' ') && (*x < 127)) {
228 fputc(*x, stderr);
229 } else {
230 fputc('.', stderr);
231 }
232 x++;
233 }
234 fputs(tag, stderr);
235 }
236 #endif
237
send_ready(unsigned local,unsigned remote,atransport * t,uint32_t ack_bytes)238 void send_ready(unsigned local, unsigned remote, atransport* t, uint32_t ack_bytes) {
239 D("Calling send_ready");
240 apacket *p = get_apacket();
241 p->msg.command = A_OKAY;
242 p->msg.arg0 = local;
243 p->msg.arg1 = remote;
244 if (t->SupportsDelayedAck()) {
245 p->msg.data_length = sizeof(ack_bytes);
246 p->payload.resize(sizeof(ack_bytes));
247 memcpy(p->payload.data(), &ack_bytes, sizeof(ack_bytes));
248 }
249
250 send_packet(p, t);
251 }
252
send_close(unsigned local,unsigned remote,atransport * t)253 static void send_close(unsigned local, unsigned remote, atransport *t)
254 {
255 D("Calling send_close");
256 apacket *p = get_apacket();
257 p->msg.command = A_CLSE;
258 p->msg.arg0 = local;
259 p->msg.arg1 = remote;
260 send_packet(p, t);
261 }
262
get_connection_string()263 std::string get_connection_string() {
264 std::vector<std::string> connection_properties;
265
266 #if !ADB_HOST
267 static const char* cnxn_props[] = {
268 "ro.product.name",
269 "ro.product.model",
270 "ro.product.device",
271 };
272
273 for (const auto& prop : cnxn_props) {
274 std::string value = std::string(prop) + "=" + android::base::GetProperty(prop, "");
275 connection_properties.push_back(value);
276 }
277 #endif
278
279 connection_properties.push_back(android::base::StringPrintf(
280 "features=%s", FeatureSetToString(supported_features()).c_str()));
281
282 return android::base::StringPrintf(
283 "%s::%s", adb_device_banner,
284 android::base::Join(connection_properties, ';').c_str());
285 }
286
send_tls_request(atransport * t)287 void send_tls_request(atransport* t) {
288 D("Calling send_tls_request");
289 apacket* p = get_apacket();
290 p->msg.command = A_STLS;
291 p->msg.arg0 = A_STLS_VERSION;
292 p->msg.data_length = 0;
293 send_packet(p, t);
294 }
295
send_connect(atransport * t)296 void send_connect(atransport* t) {
297 D("Calling send_connect");
298 apacket* cp = get_apacket();
299 cp->msg.command = A_CNXN;
300 // Send the max supported version, but because the transport is
301 // initialized to A_VERSION_MIN, this will be compatible with every
302 // device.
303 cp->msg.arg0 = A_VERSION;
304 cp->msg.arg1 = t->get_max_payload();
305
306 std::string connection_str = get_connection_string();
307 // Connect and auth packets are limited to MAX_PAYLOAD_V1 because we don't
308 // yet know how much data the other size is willing to accept.
309 if (connection_str.length() > MAX_PAYLOAD_V1) {
310 LOG(FATAL) << "Connection banner is too long (length = "
311 << connection_str.length() << ")";
312 }
313
314 cp->payload.assign(connection_str.begin(), connection_str.end());
315 cp->msg.data_length = cp->payload.size();
316
317 send_packet(cp, t);
318 }
319
parse_banner(const std::string & banner,atransport * t)320 void parse_banner(const std::string& banner, atransport* t) {
321 D("parse_banner: %s", banner.c_str());
322
323 // The format is something like:
324 // "device::ro.product.name=x;ro.product.model=y;ro.product.device=z;".
325 std::vector<std::string> pieces = android::base::Split(banner, ":");
326
327 // Reset the features list or else if the server sends no features we may
328 // keep the existing feature set (http://b/24405971).
329 t->SetFeatures("");
330
331 if (pieces.size() > 2) {
332 const std::string& props = pieces[2];
333 for (const auto& prop : android::base::Split(props, ";")) {
334 // The list of properties was traditionally ;-terminated rather than ;-separated.
335 if (prop.empty()) continue;
336
337 std::vector<std::string> key_value = android::base::Split(prop, "=");
338 if (key_value.size() != 2) continue;
339
340 const std::string& key = key_value[0];
341 const std::string& value = key_value[1];
342 if (key == "ro.product.name") {
343 t->product = value;
344 } else if (key == "ro.product.model") {
345 t->model = value;
346 } else if (key == "ro.product.device") {
347 t->device = value;
348 } else if (key == "features") {
349 t->SetFeatures(value);
350 }
351 }
352 }
353
354 const std::string& type = pieces[0];
355 if (type == "bootloader") {
356 D("setting connection_state to kCsBootloader");
357 t->SetConnectionState(kCsBootloader);
358 } else if (type == "device") {
359 D("setting connection_state to kCsDevice");
360 t->SetConnectionState(kCsDevice);
361 } else if (type == "recovery") {
362 D("setting connection_state to kCsRecovery");
363 t->SetConnectionState(kCsRecovery);
364 } else if (type == "sideload") {
365 D("setting connection_state to kCsSideload");
366 t->SetConnectionState(kCsSideload);
367 } else if (type == "rescue") {
368 D("setting connection_state to kCsRescue");
369 t->SetConnectionState(kCsRescue);
370 } else {
371 D("setting connection_state to kCsHost");
372 t->SetConnectionState(kCsHost);
373 }
374 }
375
handle_new_connection(atransport * t,apacket * p)376 static void handle_new_connection(atransport* t, apacket* p) {
377 handle_offline(t);
378
379 t->update_version(p->msg.arg0, p->msg.arg1);
380 std::string banner(p->payload.begin(), p->payload.end());
381 parse_banner(banner, t);
382
383 #if ADB_HOST
384 handle_online(t);
385 #else
386 ADB_LOG(Connection) << "received CNXN: version=" << p->msg.arg0 << ", maxdata = " << p->msg.arg1
387 << ", banner = '" << banner << "'";
388
389 if (t->use_tls) {
390 // We still handshake in TLS mode. If auth_required is disabled,
391 // we'll just not verify the client's certificate. This should be the
392 // first packet the client receives to indicate the new protocol.
393 send_tls_request(t);
394 } else if (!auth_required) {
395 LOG(INFO) << "authentication not required";
396 handle_online(t);
397 send_connect(t);
398 } else {
399 send_auth_request(t);
400 }
401 #endif
402 }
403
handle_packet(apacket * p,atransport * t)404 void handle_packet(apacket *p, atransport *t)
405 {
406 D("handle_packet() %c%c%c%c", ((char*) (&(p->msg.command)))[0],
407 ((char*) (&(p->msg.command)))[1],
408 ((char*) (&(p->msg.command)))[2],
409 ((char*) (&(p->msg.command)))[3]);
410 print_packet("recv", p);
411 CHECK_EQ(p->payload.size(), p->msg.data_length);
412
413 switch(p->msg.command){
414 case A_CNXN: // CONNECT(version, maxdata, "system-id-string")
415 handle_new_connection(t, p);
416 break;
417 case A_STLS: // TLS(version, "")
418 t->use_tls = true;
419 #if ADB_HOST
420 send_tls_request(t);
421 adb_auth_tls_handshake(t);
422 #else
423 adbd_auth_tls_handshake(t);
424 #endif
425 break;
426
427 case A_AUTH:
428 // All AUTH commands are ignored in TLS mode
429 if (t->use_tls) {
430 break;
431 }
432 switch (p->msg.arg0) {
433 #if ADB_HOST
434 case ADB_AUTH_TOKEN:
435 if (t->GetConnectionState() != kCsAuthorizing) {
436 t->SetConnectionState(kCsAuthorizing);
437 }
438 send_auth_response(p->payload.data(), p->msg.data_length, t);
439 break;
440 #else
441 case ADB_AUTH_SIGNATURE: {
442 // TODO: Switch to string_view.
443 std::string signature(p->payload.begin(), p->payload.end());
444 std::string auth_key;
445 if (adbd_auth_verify(t->token, sizeof(t->token), signature, &auth_key)) {
446 adbd_auth_verified(t);
447 t->failed_auth_attempts = 0;
448 t->auth_key = auth_key;
449 adbd_notify_framework_connected_key(t);
450 } else {
451 if (t->failed_auth_attempts++ > 256) std::this_thread::sleep_for(1s);
452 send_auth_request(t);
453 }
454 break;
455 }
456
457 case ADB_AUTH_RSAPUBLICKEY:
458 t->auth_key = std::string(p->payload.data());
459 adbd_auth_confirm_key(t);
460 break;
461 #endif
462 default:
463 t->SetConnectionState(kCsOffline);
464 handle_offline(t);
465 break;
466 }
467 break;
468
469 case A_OPEN: {
470 /* OPEN(local-id, [send-buffer], "destination") */
471 if (!t->online || p->msg.arg0 == 0) {
472 break;
473 }
474
475 uint32_t send_bytes = static_cast<uint32_t>(p->msg.arg1);
476 if (t->SupportsDelayedAck() != static_cast<bool>(send_bytes)) {
477 LOG(ERROR) << "unexpected value of A_OPEN arg1: " << send_bytes
478 << " (delayed acks = " << t->SupportsDelayedAck() << ")";
479 send_close(0, p->msg.arg0, t);
480 break;
481 }
482
483 std::string_view address(p->payload.begin(), p->payload.size());
484
485 // Historically, we received service names as a char*, and stopped at the first NUL
486 // byte. The client sent strings with null termination, which post-string_view, start
487 // being interpreted as part of the string, unless we explicitly strip them.
488 address = StripTrailingNulls(address);
489 #if ADB_HOST
490 // The incoming address (from the payload) might be some other
491 // target (e.g tcp:<ip>:8000), however we do not allow *any*
492 // such requests - namely, those from (a potentially compromised)
493 // adbd (reverse:forward: source) port transport.
494 if (!t->IsReverseConfigured(address.data())) {
495 LOG(FATAL) << __func__ << " disallowed connect to " << address << " from "
496 << t->serial_name();
497 }
498 #endif
499 asocket* s = create_local_service_socket(address, t);
500 if (s == nullptr) {
501 send_close(0, p->msg.arg0, t);
502 break;
503 }
504
505 s->peer = create_remote_socket(p->msg.arg0, t);
506 s->peer->peer = s;
507
508 if (t->SupportsDelayedAck()) {
509 LOG(DEBUG) << "delayed ack available: send buffer = " << send_bytes;
510 s->available_send_bytes = send_bytes;
511
512 // TODO: Make this adjustable at connection time?
513 send_ready(s->id, s->peer->id, t, INITIAL_DELAYED_ACK_BYTES);
514 } else {
515 LOG(DEBUG) << "delayed ack unavailable";
516 send_ready(s->id, s->peer->id, t, 0);
517 }
518
519 s->ready(s);
520 break;
521 }
522
523 case A_OKAY: /* READY(local-id, remote-id, "") */
524 if (t->online && p->msg.arg0 != 0 && p->msg.arg1 != 0) {
525 asocket* s = find_local_socket(p->msg.arg1, 0);
526 if (s) {
527 std::optional<int32_t> acked_bytes;
528 if (p->payload.size() == sizeof(int32_t)) {
529 int32_t value;
530 memcpy(&value, p->payload.data(), sizeof(value));
531 // acked_bytes can be negative!
532 //
533 // In the future, we can use this to preemptively supply backpressure, instead
534 // of waiting for the writer to hit its limit.
535 acked_bytes = value;
536 } else if (p->payload.size() != 0) {
537 LOG(ERROR) << "invalid A_OKAY payload size: " << p->payload.size();
538 return;
539 }
540
541 if (s->peer == nullptr) {
542 /* On first READY message, create the connection. */
543 s->peer = create_remote_socket(p->msg.arg0, t);
544 s->peer->peer = s;
545
546 local_socket_ack(s, acked_bytes);
547 s->ready(s);
548 } else if (s->peer->id == p->msg.arg0) {
549 /* Other READY messages must use the same local-id */
550 local_socket_ack(s, acked_bytes);
551 } else {
552 D("Invalid A_OKAY(%d,%d), expected A_OKAY(%d,%d) on transport %s", p->msg.arg0,
553 p->msg.arg1, s->peer->id, p->msg.arg1, t->serial.c_str());
554 }
555 } else {
556 // When receiving A_OKAY from device for A_OPEN request, the host server may
557 // have closed the local socket because of client disconnection. Then we need
558 // to send A_CLSE back to device to close the service on device.
559 send_close(p->msg.arg1, p->msg.arg0, t);
560 }
561 }
562 break;
563
564 case A_CLSE: /* CLOSE(local-id, remote-id, "") or CLOSE(0, remote-id, "") */
565 if (t->online && p->msg.arg1 != 0) {
566 asocket* s = find_local_socket(p->msg.arg1, p->msg.arg0);
567 if (s) {
568 /* According to protocol.txt, p->msg.arg0 might be 0 to indicate
569 * a failed OPEN only. However, due to a bug in previous ADB
570 * versions, CLOSE(0, remote-id, "") was also used for normal
571 * CLOSE() operations.
572 *
573 * This is bad because it means a compromised adbd could
574 * send packets to close connections between the host and
575 * other devices. To avoid this, only allow this if the local
576 * socket has a peer on the same transport.
577 */
578 if (p->msg.arg0 == 0 && s->peer && s->peer->transport != t) {
579 D("Invalid A_CLSE(0, %u) from transport %s, expected transport %s", p->msg.arg1,
580 t->serial.c_str(), s->peer->transport->serial.c_str());
581 } else {
582 s->close(s);
583 }
584 }
585 }
586 break;
587
588 case A_WRTE: /* WRITE(local-id, remote-id, <data>) */
589 if (t->online && p->msg.arg0 != 0 && p->msg.arg1 != 0) {
590 asocket* s = find_local_socket(p->msg.arg1, p->msg.arg0);
591 if (s) {
592 s->enqueue(s, std::move(p->payload));
593 }
594 }
595 break;
596
597 default:
598 printf("handle_packet: what is %08x?!\n", p->msg.command);
599 }
600
601 put_apacket(p);
602 }
603
604 #if ADB_HOST
605
606 #ifdef _WIN32
607
608 // Try to make a handle non-inheritable and if there is an error, don't output
609 // any error info, but leave GetLastError() for the caller to read. This is
610 // convenient if the caller is expecting that this may fail and they'd like to
611 // ignore such a failure.
_try_make_handle_noninheritable(HANDLE h)612 static bool _try_make_handle_noninheritable(HANDLE h) {
613 if (h != INVALID_HANDLE_VALUE && h != NULL) {
614 return SetHandleInformation(h, HANDLE_FLAG_INHERIT, 0) ? true : false;
615 }
616
617 return true;
618 }
619
620 // Try to make a handle non-inheritable with the expectation that this should
621 // succeed, so if this fails, output error info.
_make_handle_noninheritable(HANDLE h)622 static bool _make_handle_noninheritable(HANDLE h) {
623 if (!_try_make_handle_noninheritable(h)) {
624 // Show the handle value to give us a clue in case we have problems
625 // with pseudo-handle values.
626 fprintf(stderr, "adb: cannot make handle 0x%p non-inheritable: %s\n", h,
627 android::base::SystemErrorCodeToString(GetLastError()).c_str());
628 return false;
629 }
630
631 return true;
632 }
633
634 // Create anonymous pipe, preventing inheritance of the read pipe and setting
635 // security of the write pipe to sa.
_create_anonymous_pipe(unique_handle * pipe_read_out,unique_handle * pipe_write_out,SECURITY_ATTRIBUTES * sa)636 static bool _create_anonymous_pipe(unique_handle* pipe_read_out,
637 unique_handle* pipe_write_out,
638 SECURITY_ATTRIBUTES* sa) {
639 HANDLE pipe_read_raw = NULL;
640 HANDLE pipe_write_raw = NULL;
641 if (!CreatePipe(&pipe_read_raw, &pipe_write_raw, sa, 0)) {
642 fprintf(stderr, "adb: CreatePipe failed: %s\n",
643 android::base::SystemErrorCodeToString(GetLastError()).c_str());
644 return false;
645 }
646
647 unique_handle pipe_read(pipe_read_raw);
648 pipe_read_raw = NULL;
649 unique_handle pipe_write(pipe_write_raw);
650 pipe_write_raw = NULL;
651
652 if (!_make_handle_noninheritable(pipe_read.get())) {
653 return false;
654 }
655
656 *pipe_read_out = std::move(pipe_read);
657 *pipe_write_out = std::move(pipe_write);
658
659 return true;
660 }
661
662 // Read from a pipe (that we take ownership of) and write the result to stdout/stderr. Return on
663 // error or when the pipe is closed. Internally makes inheritable handles, so this should not be
664 // called if subprocesses may be started concurrently.
_redirect_pipe_thread(HANDLE h,DWORD nStdHandle)665 static unsigned _redirect_pipe_thread(HANDLE h, DWORD nStdHandle) {
666 // Take ownership of the HANDLE and close when we're done.
667 unique_handle read_pipe(h);
668 const char* output_name = nStdHandle == STD_OUTPUT_HANDLE ? "stdout" : "stderr";
669 const int original_fd = fileno(nStdHandle == STD_OUTPUT_HANDLE ? stdout : stderr);
670 std::unique_ptr<FILE, decltype(&fclose)> stream(nullptr, fclose);
671
672 if (original_fd == -1) {
673 fprintf(stderr, "adb: failed to get file descriptor for %s: %s\n", output_name,
674 strerror(errno));
675 return EXIT_FAILURE;
676 }
677
678 // If fileno() is -2, stdout/stderr is not associated with an output stream, so we should read,
679 // but don't write. Otherwise, make a FILE* identical to stdout/stderr except that it is in
680 // binary mode with no CR/LR translation since we're reading raw.
681 if (original_fd >= 0) {
682 // This internally makes a duplicate file handle that is inheritable, so callers should not
683 // call this function if subprocesses may be started concurrently.
684 const int fd = dup(original_fd);
685 if (fd == -1) {
686 fprintf(stderr, "adb: failed to duplicate file descriptor for %s: %s\n", output_name,
687 strerror(errno));
688 return EXIT_FAILURE;
689 }
690
691 // Note that although we call fdopen() below with a binary flag, it may not adhere to that
692 // flag, so we have to set the mode manually.
693 if (_setmode(fd, _O_BINARY) == -1) {
694 fprintf(stderr, "adb: failed to set binary mode for duplicate of %s: %s\n", output_name,
695 strerror(errno));
696 unix_close(fd);
697 return EXIT_FAILURE;
698 }
699
700 stream.reset(fdopen(fd, "wb"));
701 if (stream.get() == nullptr) {
702 fprintf(stderr, "adb: failed to open duplicate stream for %s: %s\n", output_name,
703 strerror(errno));
704 unix_close(fd);
705 return EXIT_FAILURE;
706 }
707
708 // Unbuffer the stream because it will be buffered by default and we want subprocess output
709 // to be shown immediately.
710 if (setvbuf(stream.get(), NULL, _IONBF, 0) == -1) {
711 fprintf(stderr, "adb: failed to unbuffer %s: %s\n", output_name, strerror(errno));
712 return EXIT_FAILURE;
713 }
714
715 // fd will be closed when stream is closed.
716 }
717
718 while (true) {
719 char buf[64 * 1024];
720 DWORD bytes_read = 0;
721 if (!ReadFile(read_pipe.get(), buf, sizeof(buf), &bytes_read, NULL)) {
722 const DWORD err = GetLastError();
723 // ERROR_BROKEN_PIPE is expected when the subprocess closes
724 // the other end of the pipe.
725 if (err == ERROR_BROKEN_PIPE) {
726 return EXIT_SUCCESS;
727 } else {
728 fprintf(stderr, "adb: failed to read from %s: %s\n", output_name,
729 android::base::SystemErrorCodeToString(err).c_str());
730 return EXIT_FAILURE;
731 }
732 }
733
734 // Don't try to write if our stdout/stderr was not setup by the parent process.
735 if (stream) {
736 // fwrite() actually calls adb_fwrite() which can write UTF-8 to the console.
737 const size_t bytes_written = fwrite(buf, 1, bytes_read, stream.get());
738 if (bytes_written != bytes_read) {
739 fprintf(stderr, "adb: error: only wrote %zu of %lu bytes to %s\n", bytes_written,
740 bytes_read, output_name);
741 return EXIT_FAILURE;
742 }
743 }
744 }
745 }
746
_redirect_stdout_thread(HANDLE h)747 static unsigned __stdcall _redirect_stdout_thread(HANDLE h) {
748 adb_thread_setname("stdout redirect");
749 return _redirect_pipe_thread(h, STD_OUTPUT_HANDLE);
750 }
751
_redirect_stderr_thread(HANDLE h)752 static unsigned __stdcall _redirect_stderr_thread(HANDLE h) {
753 adb_thread_setname("stderr redirect");
754 return _redirect_pipe_thread(h, STD_ERROR_HANDLE);
755 }
756
757 #endif
758
ReportServerStartupFailure(pid_t pid)759 static void ReportServerStartupFailure(pid_t pid) {
760 fprintf(stderr, "ADB server didn't ACK\n");
761 fprintf(stderr, "Full server startup log: %s\n", GetLogFilePath().c_str());
762 fprintf(stderr, "Server had pid: %d\n", pid);
763
764 android::base::unique_fd fd(unix_open(GetLogFilePath(), O_RDONLY));
765 if (fd == -1) return;
766
767 // Let's not show more than 128KiB of log...
768 unix_lseek(fd, -128 * 1024, SEEK_END);
769 std::string content;
770 if (!android::base::ReadFdToString(fd, &content)) return;
771
772 std::string header = android::base::StringPrintf("--- adb starting (pid %d) ---", pid);
773 std::vector<std::string> lines = android::base::Split(content, "\n");
774 int i = lines.size() - 1;
775 while (i >= 0 && lines[i] != header) --i;
776 while (static_cast<size_t>(i) < lines.size()) fprintf(stderr, "%s\n", lines[i++].c_str());
777 }
778
launch_server(const std::string & socket_spec,const char * one_device)779 int launch_server(const std::string& socket_spec, const char* one_device) {
780 #if defined(_WIN32)
781 /* we need to start the server in the background */
782 /* we create a PIPE that will be used to wait for the server's "OK" */
783 /* message since the pipe handles must be inheritable, we use a */
784 /* security attribute */
785 SECURITY_ATTRIBUTES sa;
786 sa.nLength = sizeof(sa);
787 sa.lpSecurityDescriptor = NULL;
788 sa.bInheritHandle = TRUE;
789
790 // Redirect stdin to Windows /dev/null. If we instead pass an original
791 // stdin/stdout/stderr handle and it is a console handle, when the adb
792 // server starts up, the C Runtime will see a console handle for a process
793 // that isn't connected to a console and it will configure
794 // stdin/stdout/stderr to be closed. At that point, freopen() could be used
795 // to reopen stderr/out, but it would take more massaging to fixup the file
796 // descriptor number that freopen() uses. It's simplest to avoid all of this
797 // complexity by just redirecting stdin to `nul' and then the C Runtime acts
798 // as expected.
799 unique_handle nul_read(CreateFileW(L"nul", GENERIC_READ,
800 FILE_SHARE_READ | FILE_SHARE_WRITE, &sa, OPEN_EXISTING,
801 FILE_ATTRIBUTE_NORMAL, NULL));
802 if (nul_read.get() == INVALID_HANDLE_VALUE) {
803 fprintf(stderr, "adb: CreateFileW 'nul' failed: %s\n",
804 android::base::SystemErrorCodeToString(GetLastError()).c_str());
805 return -1;
806 }
807
808 // Create pipes with non-inheritable read handle, inheritable write handle. We need to connect
809 // the subprocess to pipes instead of just letting the subprocess inherit our existing
810 // stdout/stderr handles because a DETACHED_PROCESS cannot write to a console that it is not
811 // attached to.
812 unique_handle ack_read, ack_write;
813 if (!_create_anonymous_pipe(&ack_read, &ack_write, &sa)) {
814 return -1;
815 }
816 unique_handle stdout_read, stdout_write;
817 if (!_create_anonymous_pipe(&stdout_read, &stdout_write, &sa)) {
818 return -1;
819 }
820 unique_handle stderr_read, stderr_write;
821 if (!_create_anonymous_pipe(&stderr_read, &stderr_write, &sa)) {
822 return -1;
823 }
824
825 /* Some programs want to launch an adb command and collect its output by
826 * calling CreateProcess with inheritable stdout/stderr handles, then
827 * using read() to get its output. When this happens, the stdout/stderr
828 * handles passed to the adb client process will also be inheritable.
829 * When starting the adb server here, care must be taken to reset them
830 * to non-inheritable.
831 * Otherwise, something bad happens: even if the adb command completes,
832 * the calling process is stuck while read()-ing from the stdout/stderr
833 * descriptors, because they're connected to corresponding handles in the
834 * adb server process (even if the latter never uses/writes to them).
835 * Note that even if we don't pass these handles in the STARTUPINFO struct,
836 * if they're marked inheritable, they're still inherited, requiring us to
837 * deal with this.
838 *
839 * If we're still having problems with inheriting random handles in the
840 * future, consider using PROC_THREAD_ATTRIBUTE_HANDLE_LIST to explicitly
841 * specify which handles should be inherited: http://blogs.msdn.com/b/oldnewthing/archive/2011/12/16/10248328.aspx
842 *
843 * Older versions of Windows return console pseudo-handles that cannot be
844 * made non-inheritable, so ignore those failures.
845 */
846 _try_make_handle_noninheritable(GetStdHandle(STD_INPUT_HANDLE));
847 _try_make_handle_noninheritable(GetStdHandle(STD_OUTPUT_HANDLE));
848 _try_make_handle_noninheritable(GetStdHandle(STD_ERROR_HANDLE));
849
850 STARTUPINFOW startup;
851 ZeroMemory( &startup, sizeof(startup) );
852 startup.cb = sizeof(startup);
853 startup.hStdInput = nul_read.get();
854 startup.hStdOutput = stdout_write.get();
855 startup.hStdError = stderr_write.get();
856 startup.dwFlags = STARTF_USESTDHANDLES;
857
858 // Verify that the pipe_write handle value can be passed on the command line
859 // as %d and that the rest of adb code can pass it around in an int.
860 const int ack_write_as_int = cast_handle_to_int(ack_write.get());
861 if (cast_int_to_handle(ack_write_as_int) != ack_write.get()) {
862 // If this fires, either handle values are larger than 32-bits or else
863 // there is a bug in our casting.
864 // https://msdn.microsoft.com/en-us/library/windows/desktop/aa384203%28v=vs.85%29.aspx
865 fprintf(stderr, "adb: cannot fit pipe handle value into 32-bits: 0x%p\n", ack_write.get());
866 return -1;
867 }
868
869 // get path of current program
870 WCHAR program_path[MAX_PATH];
871 const DWORD module_result = GetModuleFileNameW(NULL, program_path,
872 arraysize(program_path));
873 if ((module_result >= arraysize(program_path)) || (module_result == 0)) {
874 // String truncation or some other error.
875 fprintf(stderr, "adb: cannot get executable path: %s\n",
876 android::base::SystemErrorCodeToString(GetLastError()).c_str());
877 return -1;
878 }
879
880 WCHAR args[4096];
881 if (one_device) {
882 snwprintf(args, arraysize(args),
883 L"adb -L %s fork-server server --reply-fd %d --one-device %s",
884 socket_spec.c_str(), ack_write_as_int, one_device);
885 } else {
886 snwprintf(args, arraysize(args), L"adb -L %s fork-server server --reply-fd %d",
887 socket_spec.c_str(), ack_write_as_int);
888 }
889
890 PROCESS_INFORMATION pinfo;
891 ZeroMemory(&pinfo, sizeof(pinfo));
892
893 if (!CreateProcessW(
894 program_path, /* program path */
895 args,
896 /* the fork-server argument will set the
897 debug = 2 in the child */
898 NULL, /* process handle is not inheritable */
899 NULL, /* thread handle is not inheritable */
900 TRUE, /* yes, inherit some handles */
901 DETACHED_PROCESS, /* the new process doesn't have a console */
902 NULL, /* use parent's environment block */
903 NULL, /* use parent's starting directory */
904 &startup, /* startup info, i.e. std handles */
905 &pinfo )) {
906 fprintf(stderr, "adb: CreateProcessW failed: %s\n",
907 android::base::SystemErrorCodeToString(GetLastError()).c_str());
908 return -1;
909 }
910
911 unique_handle process_handle(pinfo.hProcess);
912 pinfo.hProcess = NULL;
913
914 // Close handles that we no longer need to complete the rest.
915 CloseHandle(pinfo.hThread);
916 pinfo.hThread = NULL;
917
918 nul_read.reset();
919 ack_write.reset();
920 stdout_write.reset();
921 stderr_write.reset();
922
923 // Start threads to read from subprocess stdout/stderr and write to ours to make subprocess
924 // errors easier to diagnose. Note that the threads internally create inheritable handles, but
925 // that is ok because we've already spawned the subprocess.
926
927 // In the past, reading from a pipe before the child process's C Runtime
928 // started up and called GetFileType() caused a hang: http://blogs.msdn.com/b/oldnewthing/archive/2011/12/02/10243553.aspx#10244216
929 // This is reportedly fixed in Windows Vista: https://support.microsoft.com/en-us/kb/2009703
930 // I was unable to reproduce the problem on Windows XP. It sounds like a
931 // Windows Update may have fixed this: https://www.duckware.com/tech/peeknamedpipe.html
932 unique_handle stdout_thread(reinterpret_cast<HANDLE>(
933 _beginthreadex(NULL, 0, _redirect_stdout_thread, stdout_read.get(),
934 0, NULL)));
935 if (stdout_thread.get() == nullptr) {
936 fprintf(stderr, "adb: cannot create thread: %s\n", strerror(errno));
937 return -1;
938 }
939 stdout_read.release(); // Transfer ownership to new thread
940
941 unique_handle stderr_thread(reinterpret_cast<HANDLE>(
942 _beginthreadex(NULL, 0, _redirect_stderr_thread, stderr_read.get(),
943 0, NULL)));
944 if (stderr_thread.get() == nullptr) {
945 fprintf(stderr, "adb: cannot create thread: %s\n", strerror(errno));
946 return -1;
947 }
948 stderr_read.release(); // Transfer ownership to new thread
949
950 bool got_ack = false;
951
952 // Wait for the "OK\n" message, for the pipe to be closed, or other error.
953 {
954 char temp[3];
955 DWORD count = 0;
956
957 if (ReadFile(ack_read.get(), temp, sizeof(temp), &count, NULL)) {
958 const CHAR expected[] = "OK\n";
959 const DWORD expected_length = arraysize(expected) - 1;
960 if (count == expected_length &&
961 memcmp(temp, expected, expected_length) == 0) {
962 got_ack = true;
963 } else {
964 ReportServerStartupFailure(pinfo.dwProcessId);
965 return -1;
966 }
967 } else {
968 const DWORD err = GetLastError();
969 // If the ACK was not written and the process exited, GetLastError()
970 // is probably ERROR_BROKEN_PIPE, in which case that info is not
971 // useful to the user.
972 fprintf(stderr, "could not read ok from ADB Server%s\n",
973 err == ERROR_BROKEN_PIPE ? "" :
974 android::base::StringPrintf(": %s",
975 android::base::SystemErrorCodeToString(err).c_str()).c_str());
976 }
977 }
978
979 // Always try to wait a bit for threads reading stdout/stderr to finish.
980 // If the process started ok, it should close the pipes causing the threads
981 // to finish. If the process had an error, it should exit, also causing
982 // the pipes to be closed. In that case we want to read all of the output
983 // and write it out so that the user can diagnose failures.
984 const DWORD thread_timeout_ms = 15 * 1000;
985 const HANDLE threads[] = { stdout_thread.get(), stderr_thread.get() };
986 const DWORD wait_result = WaitForMultipleObjects(arraysize(threads),
987 threads, TRUE, thread_timeout_ms);
988 if (wait_result == WAIT_TIMEOUT) {
989 // Threads did not finish after waiting a little while. Perhaps the
990 // server didn't close pipes, or it is hung.
991 fprintf(stderr, "adb: timed out waiting for threads to finish reading from ADB server\n");
992 // Process handles are signaled when the process exits, so if we wait
993 // on the handle for 0 seconds and it returns 'timeout', that means that
994 // the process is still running.
995 if (WaitForSingleObject(process_handle.get(), 0) == WAIT_TIMEOUT) {
996 // We could TerminateProcess(), but that seems somewhat presumptive.
997 fprintf(stderr, "adb: server is running with process id %lu\n", pinfo.dwProcessId);
998 }
999 return -1;
1000 }
1001
1002 if (wait_result != WAIT_OBJECT_0) {
1003 fprintf(stderr, "adb: unexpected result waiting for threads: %lu: %s\n", wait_result,
1004 android::base::SystemErrorCodeToString(GetLastError()).c_str());
1005 return -1;
1006 }
1007
1008 // For now ignore the thread exit codes and assume they worked properly.
1009
1010 if (!got_ack) {
1011 return -1;
1012 }
1013 #else /* !defined(_WIN32) */
1014 // set up a pipe so the child can tell us when it is ready.
1015 unique_fd pipe_read, pipe_write;
1016 if (!Pipe(&pipe_read, &pipe_write)) {
1017 fprintf(stderr, "pipe failed in launch_server, errno: %d\n", errno);
1018 return -1;
1019 }
1020
1021 std::string path = android::base::GetExecutablePath();
1022
1023 pid_t pid = fork();
1024 if (pid < 0) return -1;
1025
1026 if (pid == 0) {
1027 // child side of the fork
1028 pipe_read.reset();
1029
1030 // android::base::Pipe unconditionally opens the pipe with O_CLOEXEC.
1031 // Undo this manually.
1032 fcntl(pipe_write.get(), F_SETFD, 0);
1033
1034 char reply_fd[30];
1035 snprintf(reply_fd, sizeof(reply_fd), "%d", pipe_write.get());
1036 // child process
1037 std::vector<const char*> child_argv = {
1038 "adb", "-L", socket_spec.c_str(), "fork-server", "server", "--reply-fd", reply_fd};
1039 if (one_device) {
1040 child_argv.push_back("--one-device");
1041 child_argv.push_back(one_device);
1042 } else if (access("/etc/adb/one_device_required", F_OK) == 0) {
1043 fprintf(stderr,
1044 "adb: cannot start server: --one-device option is required for this system in "
1045 "order to start adb.\n");
1046 return -1;
1047 }
1048 child_argv.push_back(nullptr);
1049 int result = execv(path.c_str(), const_cast<char* const*>(child_argv.data()));
1050 // this should not return
1051 fprintf(stderr, "adb: execl returned %d: %s\n", result, strerror(errno));
1052 } else {
1053 // parent side of the fork
1054 char temp[3] = {};
1055 // wait for the "OK\n" message
1056 pipe_write.reset();
1057 int ret = adb_read(pipe_read.get(), temp, 3);
1058 int saved_errno = errno;
1059 pipe_read.reset();
1060 if (ret < 0) {
1061 fprintf(stderr, "could not read ok from ADB Server, errno = %d\n", saved_errno);
1062 return -1;
1063 }
1064 if (ret != 3 || temp[0] != 'O' || temp[1] != 'K' || temp[2] != '\n') {
1065 ReportServerStartupFailure(pid);
1066 return -1;
1067 }
1068 }
1069 #endif /* !defined(_WIN32) */
1070 return 0;
1071 }
1072 #endif /* ADB_HOST */
1073
handle_forward_request(const char * service,atransport * transport,int reply_fd)1074 bool handle_forward_request(const char* service, atransport* transport, int reply_fd) {
1075 return handle_forward_request(service, [transport](std::string*) { return transport; },
1076 reply_fd);
1077 }
1078
1079 // Try to handle a network forwarding request.
handle_forward_request(const char * service,std::function<atransport * (std::string * error)> transport_acquirer,int reply_fd)1080 bool handle_forward_request(const char* service,
1081 std::function<atransport*(std::string* error)> transport_acquirer,
1082 int reply_fd) {
1083 if (!strcmp(service, "list-forward")) {
1084 // Create the list of forward redirections.
1085 std::string listeners = format_listeners();
1086 #if ADB_HOST
1087 SendOkay(reply_fd);
1088 #endif
1089 SendProtocolString(reply_fd, listeners);
1090 return true;
1091 }
1092
1093 if (!strcmp(service, "killforward-all")) {
1094 remove_all_listeners();
1095 #if ADB_HOST
1096 /* On the host: 1st OKAY is connect, 2nd OKAY is status */
1097 SendOkay(reply_fd);
1098 #endif
1099 SendOkay(reply_fd);
1100 return true;
1101 }
1102
1103 if (!strncmp(service, "forward:", 8) || !strncmp(service, "killforward:", 12)) {
1104 // killforward:local
1105 // forward:(norebind:)?local;remote
1106 std::string error;
1107 atransport* transport = transport_acquirer(&error);
1108 if (!transport) {
1109 SendFail(reply_fd, error);
1110 return true;
1111 }
1112
1113 bool kill_forward = false;
1114 bool no_rebind = false;
1115 if (android::base::StartsWith(service, "killforward:")) {
1116 kill_forward = true;
1117 service += 12;
1118 } else {
1119 service += 8; // skip past "forward:"
1120 if (android::base::StartsWith(service, "norebind:")) {
1121 no_rebind = true;
1122 service += 9;
1123 }
1124 }
1125
1126 std::vector<std::string> pieces = android::base::Split(service, ";");
1127
1128 if (kill_forward) {
1129 // Check killforward: parameter format: '<local>'
1130 if (pieces.size() != 1 || pieces[0].empty()) {
1131 SendFail(reply_fd, android::base::StringPrintf("bad killforward: %s", service));
1132 return true;
1133 }
1134 } else {
1135 // Check forward: parameter format: '<local>;<remote>'
1136 if (pieces.size() != 2 || pieces[0].empty() || pieces[1].empty() || pieces[1][0] == '*') {
1137 SendFail(reply_fd, android::base::StringPrintf("bad forward: %s", service));
1138 return true;
1139 }
1140 }
1141
1142 InstallStatus r;
1143 int resolved_tcp_port = 0;
1144 if (kill_forward) {
1145 r = remove_listener(pieces[0].c_str(), transport);
1146 } else {
1147 int flags = 0;
1148 if (no_rebind) {
1149 flags |= INSTALL_LISTENER_NO_REBIND;
1150 }
1151 r = install_listener(pieces[0], pieces[1].c_str(), transport, flags, &resolved_tcp_port,
1152 &error);
1153 }
1154 if (r == INSTALL_STATUS_OK) {
1155 #if ADB_HOST
1156 // On the host: 1st OKAY is connect, 2nd OKAY is status.
1157 SendOkay(reply_fd);
1158 #endif
1159 SendOkay(reply_fd);
1160
1161 // If a TCP port was resolved, send the actual port number back.
1162 if (resolved_tcp_port != 0) {
1163 SendProtocolString(reply_fd, android::base::StringPrintf("%d", resolved_tcp_port));
1164 }
1165
1166 return true;
1167 }
1168
1169 std::string message;
1170 switch (r) {
1171 case INSTALL_STATUS_OK: message = "success (!)"; break;
1172 case INSTALL_STATUS_INTERNAL_ERROR: message = "internal error"; break;
1173 case INSTALL_STATUS_CANNOT_BIND:
1174 message = android::base::StringPrintf("cannot bind listener: %s",
1175 error.c_str());
1176 break;
1177 case INSTALL_STATUS_CANNOT_REBIND:
1178 message = android::base::StringPrintf("cannot rebind existing socket");
1179 break;
1180 case INSTALL_STATUS_LISTENER_NOT_FOUND:
1181 message = android::base::StringPrintf("listener '%s' not found", service);
1182 break;
1183 }
1184 SendFail(reply_fd, message);
1185 return true;
1186 }
1187
1188 return false;
1189 }
1190
1191 #if ADB_HOST
SendOkay(int fd,const std::string & s)1192 static int SendOkay(int fd, const std::string& s) {
1193 SendOkay(fd);
1194 SendProtocolString(fd, s);
1195 return 0;
1196 }
1197
1198 static bool g_reject_kill_server = false;
adb_set_reject_kill_server(bool value)1199 void adb_set_reject_kill_server(bool value) {
1200 g_reject_kill_server = value;
1201 }
1202
handle_mdns_request(std::string_view service,int reply_fd)1203 static bool handle_mdns_request(std::string_view service, int reply_fd) {
1204 if (!android::base::ConsumePrefix(&service, "mdns:")) {
1205 return false;
1206 }
1207
1208 if (service == "check") {
1209 std::string check = mdns_check();
1210 SendOkay(reply_fd, check);
1211 return true;
1212 }
1213 if (service == "services") {
1214 std::string services_list = mdns_list_discovered_services();
1215 SendOkay(reply_fd, services_list);
1216 return true;
1217 }
1218
1219 return false;
1220 }
1221
handle_host_request(std::string_view service,TransportType type,const char * serial,TransportId transport_id,int reply_fd,asocket * s)1222 HostRequestResult handle_host_request(std::string_view service, TransportType type,
1223 const char* serial, TransportId transport_id, int reply_fd,
1224 asocket* s) {
1225 if (service == "kill") {
1226 if (g_reject_kill_server) {
1227 LOG(WARNING) << "adb server ignoring kill-server";
1228 SendFail(reply_fd, "kill-server rejected by remote server");
1229 } else {
1230 fprintf(stderr, "adb server killed by remote request\n");
1231 SendOkay(reply_fd);
1232
1233 // Rely on process exit to close the socket for us.
1234 exit(0);
1235 }
1236 }
1237
1238 LOG(DEBUG) << "handle_host_request(" << service << ")";
1239
1240 // Transport selection:
1241 if (service.starts_with("transport") || service.starts_with("tport:")) {
1242 TransportType type = kTransportAny;
1243
1244 std::string serial_storage;
1245 bool legacy = true;
1246
1247 // New transport selection protocol:
1248 // This is essentially identical to the previous version, except it returns the selected
1249 // transport id to the caller as well.
1250 if (android::base::ConsumePrefix(&service, "tport:")) {
1251 legacy = false;
1252 if (android::base::ConsumePrefix(&service, "serial:")) {
1253 serial_storage = service;
1254 serial = serial_storage.c_str();
1255 } else if (service == "usb") {
1256 type = kTransportUsb;
1257 } else if (service == "local") {
1258 type = kTransportLocal;
1259 } else if (service == "any") {
1260 type = kTransportAny;
1261 }
1262
1263 // Selection by id is unimplemented, since you obviously already know the transport id
1264 // you're connecting to.
1265 } else {
1266 if (android::base::ConsumePrefix(&service, "transport-id:")) {
1267 if (!ParseUint(&transport_id, service)) {
1268 SendFail(reply_fd, "invalid transport id");
1269 return HostRequestResult::Handled;
1270 }
1271 } else if (service == "transport-usb") {
1272 type = kTransportUsb;
1273 } else if (service == "transport-local") {
1274 type = kTransportLocal;
1275 } else if (service == "transport-any") {
1276 type = kTransportAny;
1277 } else if (android::base::ConsumePrefix(&service, "transport:")) {
1278 serial_storage = service;
1279 serial = serial_storage.c_str();
1280 }
1281 }
1282
1283 std::string error;
1284 atransport* t = acquire_one_transport(type, serial, transport_id, nullptr, &error);
1285 if (t != nullptr) {
1286 s->transport = t;
1287 SendOkay(reply_fd);
1288
1289 if (!legacy) {
1290 // Nothing we can do if this fails.
1291 WriteFdExactly(reply_fd, &t->id, sizeof(t->id));
1292 }
1293
1294 return HostRequestResult::SwitchedTransport;
1295 } else {
1296 SendFail(reply_fd, error);
1297 return HostRequestResult::Handled;
1298 }
1299 }
1300
1301 // return a list of all connected devices
1302 if (service == "devices" || service == "devices-l") {
1303 bool long_listing = service == "devices-l";
1304 D("Getting device list...");
1305 std::string device_list = list_transports(long_listing);
1306 D("Sending device list...");
1307 SendOkay(reply_fd, device_list);
1308 return HostRequestResult::Handled;
1309 }
1310
1311 if (service == "reconnect-offline") {
1312 std::string response;
1313 close_usb_devices([&response](const atransport* transport) {
1314 if (!ConnectionStateIsOnline(transport->GetConnectionState())) {
1315 response += "reconnecting " + transport->serial_name() + "\n";
1316 return true;
1317 }
1318 return false;
1319 }, true);
1320 if (!response.empty()) {
1321 response.resize(response.size() - 1);
1322 }
1323 SendOkay(reply_fd, response);
1324 return HostRequestResult::Handled;
1325 }
1326
1327 if (service == "features") {
1328 std::string error;
1329 atransport* t =
1330 s->transport ? s->transport
1331 : acquire_one_transport(type, serial, transport_id, nullptr, &error);
1332 if (t != nullptr) {
1333 SendOkay(reply_fd, FeatureSetToString(t->features()));
1334 } else {
1335 SendFail(reply_fd, error);
1336 }
1337 return HostRequestResult::Handled;
1338 }
1339
1340 if (service == "host-features") {
1341 FeatureSet features = supported_features();
1342 // Abuse features to report libusb status.
1343 if (should_use_libusb()) {
1344 features.emplace_back(kFeatureLibusb);
1345 }
1346 features.emplace_back(kFeaturePushSync);
1347 SendOkay(reply_fd, FeatureSetToString(features));
1348 return HostRequestResult::Handled;
1349 }
1350
1351 // remove TCP transport
1352 if (service.starts_with("disconnect:")) {
1353 std::string address(service.substr(11));
1354 if (address.empty()) {
1355 kick_all_tcp_devices();
1356 SendOkay(reply_fd, "disconnected everything");
1357 return HostRequestResult::Handled;
1358 }
1359
1360 // Mdns instance named device
1361 atransport* t = find_transport(address.c_str());
1362 if (t != nullptr) {
1363 kick_transport(t);
1364 SendOkay(reply_fd, android::base::StringPrintf("disconnected %s", address.c_str()));
1365 return HostRequestResult::Handled;
1366 }
1367
1368 std::string serial;
1369 std::string host;
1370 int port = DEFAULT_ADB_LOCAL_TRANSPORT_PORT;
1371 std::string error;
1372 if (address.starts_with("vsock:") || address.starts_with("localfilesystem:")) {
1373 serial = address;
1374 } else if (!android::base::ParseNetAddress(address, &host, &port, &serial, &error)) {
1375 SendFail(reply_fd, android::base::StringPrintf("couldn't parse '%s': %s",
1376 address.c_str(), error.c_str()));
1377 return HostRequestResult::Handled;
1378 }
1379 t = find_transport(serial.c_str());
1380 if (t == nullptr) {
1381 SendFail(reply_fd, android::base::StringPrintf("no such device '%s'", serial.c_str()));
1382 return HostRequestResult::Handled;
1383 }
1384 kick_transport(t);
1385 SendOkay(reply_fd, android::base::StringPrintf("disconnected %s", address.c_str()));
1386 return HostRequestResult::Handled;
1387 }
1388
1389 // Returns our value for ADB_SERVER_VERSION.
1390 if (service == "version") {
1391 SendOkay(reply_fd, android::base::StringPrintf("%04x", ADB_SERVER_VERSION));
1392 return HostRequestResult::Handled;
1393 }
1394
1395 // These always report "unknown" rather than the actual error, for scripts.
1396 if (service == "get-serialno") {
1397 std::string error;
1398 atransport* t =
1399 s->transport ? s->transport
1400 : acquire_one_transport(type, serial, transport_id, nullptr, &error);
1401 if (t) {
1402 SendOkay(reply_fd, !t->serial.empty() ? t->serial : "unknown");
1403 } else {
1404 SendFail(reply_fd, error);
1405 }
1406 return HostRequestResult::Handled;
1407 }
1408 if (service == "get-devpath") {
1409 std::string error;
1410 atransport* t =
1411 s->transport ? s->transport
1412 : acquire_one_transport(type, serial, transport_id, nullptr, &error);
1413 if (t) {
1414 SendOkay(reply_fd, !t->devpath.empty() ? t->devpath : "unknown");
1415 } else {
1416 SendFail(reply_fd, error);
1417 }
1418 return HostRequestResult::Handled;
1419 }
1420 if (service == "get-state") {
1421 std::string error;
1422 atransport* t =
1423 s->transport ? s->transport
1424 : acquire_one_transport(type, serial, transport_id, nullptr, &error);
1425 if (t) {
1426 SendOkay(reply_fd, to_string(t->GetConnectionState()));
1427 } else {
1428 SendFail(reply_fd, error);
1429 }
1430 return HostRequestResult::Handled;
1431 }
1432
1433 // Indicates a new emulator instance has started.
1434 if (android::base::ConsumePrefix(&service, "emulator:")) {
1435 unsigned int port;
1436 if (!ParseUint(&port, service)) {
1437 LOG(ERROR) << "received invalid port for emulator: " << service;
1438 } else {
1439 local_connect(port);
1440 }
1441
1442 /* we don't even need to send a reply */
1443 return HostRequestResult::Handled;
1444 }
1445
1446 if (service == "reconnect") {
1447 std::string response;
1448 atransport* t = s->transport ? s->transport
1449 : acquire_one_transport(type, serial, transport_id, nullptr,
1450 &response, true);
1451 if (t != nullptr) {
1452 kick_transport(t, true);
1453 response = "reconnecting " + t->serial_name() + " [" +
1454 to_string(t->GetConnectionState()) + "]\n";
1455 }
1456 SendOkay(reply_fd, response);
1457 return HostRequestResult::Handled;
1458 }
1459
1460 if (service == "attach") {
1461 std::string error;
1462 atransport* t = s->transport ? s->transport
1463 : acquire_one_transport(type, serial, transport_id, nullptr,
1464 &error, true);
1465 if (!t) {
1466 SendFail(reply_fd, error);
1467 return HostRequestResult::Handled;
1468 }
1469
1470 if (t->Attach(&error)) {
1471 SendOkay(reply_fd,
1472 android::base::StringPrintf("%s attached", t->serial_name().c_str()));
1473 } else {
1474 SendFail(reply_fd, error);
1475 }
1476 return HostRequestResult::Handled;
1477 }
1478
1479 if (service == "detach") {
1480 std::string error;
1481 atransport* t = s->transport ? s->transport
1482 : acquire_one_transport(type, serial, transport_id, nullptr,
1483 &error, true);
1484 if (!t) {
1485 SendFail(reply_fd, error);
1486 return HostRequestResult::Handled;
1487 }
1488
1489 // HACK:
1490 // Detaching the transport will lead to all of its sockets being closed,
1491 // but we're handling one of those sockets right now!
1492 //
1493 // Mark the socket as not having a transport, knowing that it'll be cleaned up by the
1494 // function that called us.
1495 s->transport = nullptr;
1496
1497 if (t->Detach(&error)) {
1498 SendOkay(reply_fd,
1499 android::base::StringPrintf("%s detached", t->serial_name().c_str()));
1500 } else {
1501 SendFail(reply_fd, error);
1502 }
1503 return HostRequestResult::Handled;
1504 }
1505
1506 // TODO: Switch handle_forward_request to string_view.
1507 std::string service_str(service);
1508 auto transport_acquirer = [=](std::string* error) {
1509 if (s->transport) {
1510 return s->transport;
1511 } else {
1512 std::string error;
1513 return acquire_one_transport(type, serial, transport_id, nullptr, &error);
1514 }
1515 };
1516 if (handle_forward_request(service_str.c_str(), transport_acquirer, reply_fd)) {
1517 return HostRequestResult::Handled;
1518 }
1519
1520 if (handle_mdns_request(service, reply_fd)) {
1521 return HostRequestResult::Handled;
1522 }
1523
1524 return HostRequestResult::Unhandled;
1525 }
1526
1527 static auto& init_mutex = *new std::mutex();
1528 static auto& init_cv = *new std::condition_variable();
1529 static bool device_scan_complete = false;
1530 static bool transports_ready = false;
1531
update_transport_status()1532 void update_transport_status() {
1533 bool result = iterate_transports([](const atransport* t) {
1534 if (t->type == kTransportUsb && t->online != 1) {
1535 return false;
1536 }
1537 return true;
1538 });
1539
1540 bool ready;
1541 {
1542 std::lock_guard<std::mutex> lock(init_mutex);
1543 transports_ready = result;
1544 ready = transports_ready && device_scan_complete;
1545 }
1546
1547 if (ready) {
1548 init_cv.notify_all();
1549 }
1550 }
1551
adb_notify_device_scan_complete()1552 void adb_notify_device_scan_complete() {
1553 {
1554 std::lock_guard<std::mutex> lock(init_mutex);
1555 if (device_scan_complete) {
1556 return;
1557 }
1558
1559 device_scan_complete = true;
1560 }
1561
1562 update_transport_status();
1563 }
1564
adb_wait_for_device_initialization()1565 void adb_wait_for_device_initialization() {
1566 std::unique_lock<std::mutex> lock(init_mutex);
1567 init_cv.wait_for(lock, 3s, []() { return device_scan_complete && transports_ready; });
1568 }
1569
1570 #endif // ADB_HOST
1571