1 /*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #define TRACE_TAG TRANSPORT
18
19 #include "sysdeps.h"
20
21 #include "transport.h"
22
23 #include <ctype.h>
24 #include <errno.h>
25 #include <inttypes.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <unistd.h>
30
31 #include <algorithm>
32 #include <list>
33 #include <memory>
34 #include <mutex>
35 #include <set>
36 #include <string>
37 #include <thread>
38
39 #include <adb/crypto/rsa_2048_key.h>
40 #include <adb/crypto/x509_generator.h>
41 #include <adb/tls/tls_connection.h>
42 #include <android-base/logging.h>
43 #include <android-base/no_destructor.h>
44 #include <android-base/parsenetaddress.h>
45 #include <android-base/stringprintf.h>
46 #include <android-base/strings.h>
47 #include <android-base/thread_annotations.h>
48 #include <diagnose_usb.h>
49
50 #include "adb.h"
51 #include "adb_auth.h"
52 #include "adb_io.h"
53 #include "adb_trace.h"
54 #include "adb_utils.h"
55 #include "fdevent/fdevent.h"
56 #include "sysdeps/chrono.h"
57
58 #if ADB_HOST
59 #include <google/protobuf/text_format.h>
60 #include "adb_host.pb.h"
61 #include "client/detach.h"
62 #include "client/usb.h"
63 #endif
64
65 using namespace adb::crypto;
66 using namespace adb::tls;
67 using namespace std::string_literals;
68 using android::base::ScopedLockAssertion;
69 using TlsError = TlsConnection::TlsError;
70
71 static void remove_transport(atransport* transport);
72 static void transport_destroy(atransport* transport);
73
74 static auto& transport_lock = *new std::recursive_mutex();
75 // When a tranport is created, it is not started yet (and in the case of the host side, it has
76 // not yet sent CNXN). These transports are staged in the pending list.
77 static auto& pending_list = *new std::list<atransport*>();
78 // TODO: unordered_map<TransportId, atransport*>
79 static auto& transport_list = *new std::list<atransport*>();
80
81 const char* const kFeatureShell2 = "shell_v2";
82 const char* const kFeatureCmd = "cmd";
83 const char* const kFeatureStat2 = "stat_v2";
84 const char* const kFeatureLs2 = "ls_v2";
85 const char* const kFeatureLibusb = "libusb";
86 const char* const kFeaturePushSync = "push_sync";
87 const char* const kFeatureApex = "apex";
88 const char* const kFeatureFixedPushMkdir = "fixed_push_mkdir";
89 const char* const kFeatureAbb = "abb";
90 const char* const kFeatureFixedPushSymlinkTimestamp = "fixed_push_symlink_timestamp";
91 const char* const kFeatureAbbExec = "abb_exec";
92 const char* const kFeatureRemountShell = "remount_shell";
93 const char* const kFeatureTrackApp = "track_app";
94 const char* const kFeatureSendRecv2 = "sendrecv_v2";
95 const char* const kFeatureSendRecv2Brotli = "sendrecv_v2_brotli";
96 const char* const kFeatureSendRecv2LZ4 = "sendrecv_v2_lz4";
97 const char* const kFeatureSendRecv2Zstd = "sendrecv_v2_zstd";
98 const char* const kFeatureSendRecv2DryRunSend = "sendrecv_v2_dry_run_send";
99 const char* const kFeatureDelayedAck = "delayed_ack";
100 // TODO(joshuaduong): Bump to v2 when openscreen discovery is enabled by default
101 const char* const kFeatureOpenscreenMdns = "openscreen_mdns";
102 const char* const kFeatureDeviceTrackerProtoFormat = "devicetracker_proto_format";
103 const char* const kFeatureDevRaw = "devraw";
104 const char* const kFeatureAppInfo = "app_info"; // Add information to track-app (package name, ...)
105 const char* const kFeatureServerStatus = "server_status"; // Ability to output server status
106
107 namespace {
108
109 #if ADB_HOST
110
111 // Tracks and handles atransport*s that are attempting reconnection.
112 class ReconnectHandler {
113 public:
114 ReconnectHandler() = default;
115 ~ReconnectHandler() = default;
116
117 // Starts the ReconnectHandler thread.
118 void Start();
119
120 // Requests the ReconnectHandler thread to stop.
121 void Stop();
122
123 // Adds the atransport* to the queue of reconnect attempts.
124 void TrackTransport(atransport* transport);
125
126 // Wake up the ReconnectHandler thread to have it check for kicked transports.
127 void CheckForKicked();
128
129 private:
130 // The main thread loop.
131 void Run();
132
133 // Tracks a reconnection attempt.
134 struct ReconnectAttempt {
135 atransport* transport;
136 std::chrono::steady_clock::time_point reconnect_time;
137 size_t attempts_left;
138
operator <__anon2ca61e5f0111::ReconnectHandler::ReconnectAttempt139 bool operator<(const ReconnectAttempt& rhs) const {
140 if (reconnect_time == rhs.reconnect_time) {
141 return reinterpret_cast<uintptr_t>(transport) <
142 reinterpret_cast<uintptr_t>(rhs.transport);
143 }
144 return reconnect_time < rhs.reconnect_time;
145 }
146 };
147
148 // Only retry for up to one minute.
149 static constexpr const std::chrono::seconds kDefaultTimeout = 3s;
150 static constexpr const size_t kMaxAttempts = 20;
151
152 // Protects all members.
153 std::mutex reconnect_mutex_;
154 bool running_ GUARDED_BY(reconnect_mutex_) = true;
155 std::thread handler_thread_;
156 std::condition_variable reconnect_cv_;
157 std::set<ReconnectAttempt> reconnect_queue_ GUARDED_BY(reconnect_mutex_);
158
159 DISALLOW_COPY_AND_ASSIGN(ReconnectHandler);
160 };
161
Start()162 void ReconnectHandler::Start() {
163 fdevent_check_looper();
164 handler_thread_ = std::thread(&ReconnectHandler::Run, this);
165 }
166
Stop()167 void ReconnectHandler::Stop() {
168 fdevent_check_looper();
169 {
170 std::lock_guard<std::mutex> lock(reconnect_mutex_);
171 running_ = false;
172 }
173 reconnect_cv_.notify_one();
174 handler_thread_.join();
175
176 // Drain the queue to free all resources.
177 std::lock_guard<std::mutex> lock(reconnect_mutex_);
178 while (!reconnect_queue_.empty()) {
179 ReconnectAttempt attempt = *reconnect_queue_.begin();
180 reconnect_queue_.erase(reconnect_queue_.begin());
181 remove_transport(attempt.transport);
182 }
183 }
184
TrackTransport(atransport * transport)185 void ReconnectHandler::TrackTransport(atransport* transport) {
186 fdevent_check_looper();
187 {
188 std::lock_guard<std::mutex> lock(reconnect_mutex_);
189 if (!running_) return;
190 // Arbitrary sleep to give adbd time to get ready, if we disconnected because it exited.
191 auto reconnect_time = std::chrono::steady_clock::now() + 250ms;
192 reconnect_queue_.emplace(
193 ReconnectAttempt{transport, reconnect_time, ReconnectHandler::kMaxAttempts});
194 }
195 reconnect_cv_.notify_one();
196 }
197
CheckForKicked()198 void ReconnectHandler::CheckForKicked() {
199 reconnect_cv_.notify_one();
200 }
201
Run()202 void ReconnectHandler::Run() {
203 while (true) {
204 ReconnectAttempt attempt;
205 {
206 std::unique_lock<std::mutex> lock(reconnect_mutex_);
207 ScopedLockAssertion assume_lock(reconnect_mutex_);
208
209 if (!reconnect_queue_.empty()) {
210 // FIXME: libstdc++ (used on Windows) implements condition_variable with
211 // system_clock as its clock, so we're probably hosed if the clock changes,
212 // even if we use steady_clock throughout. This problem goes away once we
213 // switch to libc++.
214 reconnect_cv_.wait_until(lock, reconnect_queue_.begin()->reconnect_time);
215 } else {
216 reconnect_cv_.wait(lock);
217 }
218
219 if (!running_) return;
220
221 // Scan the whole list for kicked transports, so that we immediately handle an explicit
222 // disconnect request.
223 for (auto it = reconnect_queue_.begin(); it != reconnect_queue_.end();) {
224 if (it->transport->kicked()) {
225 D("transport %s was kicked. giving up on it.", it->transport->serial.c_str());
226 remove_transport(it->transport);
227 it = reconnect_queue_.erase(it);
228 } else {
229 ++it;
230 }
231 }
232
233 if (reconnect_queue_.empty()) continue;
234
235 // Go back to sleep if we either woke up spuriously, or we were woken up to remove
236 // a kicked transport, and the first transport isn't ready for reconnection yet.
237 auto now = std::chrono::steady_clock::now();
238 if (reconnect_queue_.begin()->reconnect_time > now) {
239 continue;
240 }
241
242 attempt = *reconnect_queue_.begin();
243 reconnect_queue_.erase(reconnect_queue_.begin());
244 }
245 D("attempting to reconnect %s", attempt.transport->serial.c_str());
246
247 switch (attempt.transport->Reconnect()) {
248 case ReconnectResult::Retry: {
249 D("attempting to reconnect %s failed.", attempt.transport->serial.c_str());
250 if (attempt.attempts_left == 0) {
251 D("transport %s exceeded the number of retry attempts. giving up on it.",
252 attempt.transport->serial.c_str());
253 remove_transport(attempt.transport);
254 continue;
255 }
256
257 std::lock_guard<std::mutex> lock(reconnect_mutex_);
258 reconnect_queue_.emplace(ReconnectAttempt{
259 attempt.transport,
260 std::chrono::steady_clock::now() + ReconnectHandler::kDefaultTimeout,
261 attempt.attempts_left - 1});
262 continue;
263 }
264
265 case ReconnectResult::Success:
266 D("reconnection to %s succeeded.", attempt.transport->serial.c_str());
267 register_transport(attempt.transport);
268 continue;
269
270 case ReconnectResult::Abort:
271 D("cancelling reconnection attempt to %s.", attempt.transport->serial.c_str());
272 remove_transport(attempt.transport);
273 continue;
274 }
275 }
276 }
277
278 static auto& reconnect_handler = *new ReconnectHandler();
279
280 #endif
281
282 } // namespace
283
NextTransportId()284 TransportId NextTransportId() {
285 static std::atomic<TransportId> next(1);
286 return next++;
287 }
288
Reset()289 void Connection::Reset() {
290 LOG(INFO) << "Connection::Reset(): stopping";
291 Stop();
292 }
293
Serial() const294 std::string Connection::Serial() const {
295 return transport_ ? transport_->serial_name() : "<unknown>";
296 }
297
BlockingConnectionAdapter(std::unique_ptr<BlockingConnection> connection)298 BlockingConnectionAdapter::BlockingConnectionAdapter(std::unique_ptr<BlockingConnection> connection)
299 : underlying_(std::move(connection)) {}
300
~BlockingConnectionAdapter()301 BlockingConnectionAdapter::~BlockingConnectionAdapter() {
302 LOG(INFO) << "BlockingConnectionAdapter(" << Serial() << "): destructing";
303 Stop();
304 }
305
Start()306 bool BlockingConnectionAdapter::Start() {
307 std::lock_guard<std::mutex> lock(mutex_);
308 if (started_) {
309 LOG(FATAL) << "BlockingConnectionAdapter(" << Serial() << "): started multiple times";
310 }
311
312 StartReadThread();
313
314 write_thread_ = std::thread([this]() {
315 LOG(INFO) << Serial() << ": write thread spawning";
316 while (true) {
317 std::unique_lock<std::mutex> lock(mutex_);
318 ScopedLockAssertion assume_locked(mutex_);
319 cv_.wait(lock, [this]() REQUIRES(mutex_) {
320 return this->stopped_ || !this->write_queue_.empty();
321 });
322
323 if (this->stopped_) {
324 return;
325 }
326
327 std::unique_ptr<apacket> packet = std::move(this->write_queue_.front());
328 this->write_queue_.pop_front();
329 lock.unlock();
330
331 if (!this->underlying_->Write(packet.get())) {
332 break;
333 }
334 }
335 std::call_once(this->error_flag_, [this]() { transport_->HandleError("write failed"); });
336 });
337
338 started_ = true;
339 return true;
340 }
341
StartReadThread()342 void BlockingConnectionAdapter::StartReadThread() {
343 read_thread_ = std::thread([this]() {
344 LOG(INFO) << Serial() << ": read thread spawning";
345 while (true) {
346 auto packet = std::make_unique<apacket>();
347 if (!underlying_->Read(packet.get())) {
348 PLOG(INFO) << Serial() << ": read failed";
349 break;
350 }
351
352 bool got_stls_cmd = false;
353 if (packet->msg.command == A_STLS) {
354 got_stls_cmd = true;
355 }
356
357 transport_->HandleRead(std::move(packet));
358
359 // If we received the STLS packet, we are about to perform the TLS
360 // handshake. So this read thread must stop and resume after the
361 // handshake completes otherwise this will interfere in the process.
362 if (got_stls_cmd) {
363 LOG(INFO) << Serial() << ": Received STLS packet. Stopping read thread.";
364 return;
365 }
366 }
367 std::call_once(this->error_flag_, [this]() { transport_->HandleError("read failed"); });
368 });
369 }
370
DoTlsHandshake(RSA * key,std::string * auth_key)371 bool BlockingConnectionAdapter::DoTlsHandshake(RSA* key, std::string* auth_key) {
372 std::lock_guard<std::mutex> lock(mutex_);
373 if (read_thread_.joinable()) {
374 read_thread_.join();
375 }
376 bool success = this->underlying_->DoTlsHandshake(key, auth_key);
377 StartReadThread();
378 return success;
379 }
380
Reset()381 void BlockingConnectionAdapter::Reset() {
382 {
383 std::lock_guard<std::mutex> lock(mutex_);
384 if (!started_) {
385 LOG(INFO) << "BlockingConnectionAdapter(" << Serial() << "): not started";
386 return;
387 }
388
389 if (stopped_) {
390 LOG(INFO) << "BlockingConnectionAdapter(" << Serial() << "): already stopped";
391 return;
392 }
393 }
394
395 LOG(INFO) << "BlockingConnectionAdapter(" << Serial() << "): resetting";
396 this->underlying_->Reset();
397 Stop();
398 }
399
Stop()400 void BlockingConnectionAdapter::Stop() {
401 {
402 std::lock_guard<std::mutex> lock(mutex_);
403 if (!started_) {
404 LOG(INFO) << "BlockingConnectionAdapter(" << Serial() << "): not started";
405 return;
406 }
407
408 if (stopped_) {
409 LOG(INFO) << "BlockingConnectionAdapter(" << Serial() << "): already stopped";
410 return;
411 }
412
413 stopped_ = true;
414 }
415
416 LOG(INFO) << "BlockingConnectionAdapter(" << Serial() << "): stopping";
417
418 this->underlying_->Close();
419 this->cv_.notify_one();
420
421 // Move the threads out into locals with the lock taken, and then unlock to let them exit.
422 std::thread read_thread;
423 std::thread write_thread;
424
425 {
426 std::lock_guard<std::mutex> lock(mutex_);
427 read_thread = std::move(read_thread_);
428 write_thread = std::move(write_thread_);
429 }
430
431 read_thread.join();
432 write_thread.join();
433
434 LOG(INFO) << "BlockingConnectionAdapter(" << Serial() << "): stopped";
435 std::call_once(this->error_flag_, [this]() { transport_->HandleError("requested stop"); });
436 }
437
Write(std::unique_ptr<apacket> packet)438 bool BlockingConnectionAdapter::Write(std::unique_ptr<apacket> packet) {
439 {
440 std::lock_guard<std::mutex> lock(this->mutex_);
441 write_queue_.emplace_back(std::move(packet));
442 }
443
444 cv_.notify_one();
445 return true;
446 }
447
FdConnection(unique_fd fd)448 FdConnection::FdConnection(unique_fd fd) : fd_(std::move(fd)) {}
449
~FdConnection()450 FdConnection::~FdConnection() {}
451
DispatchRead(void * buf,size_t len)452 bool FdConnection::DispatchRead(void* buf, size_t len) {
453 if (tls_ != nullptr) {
454 // The TlsConnection doesn't allow 0 byte reads
455 if (len == 0) {
456 return true;
457 }
458 return tls_->ReadFully(buf, len);
459 }
460
461 return ReadFdExactly(fd_.get(), buf, len);
462 }
463
DispatchWrite(void * buf,size_t len)464 bool FdConnection::DispatchWrite(void* buf, size_t len) {
465 if (tls_ != nullptr) {
466 // The TlsConnection doesn't allow 0 byte writes
467 if (len == 0) {
468 return true;
469 }
470 return tls_->WriteFully(std::string_view(reinterpret_cast<const char*>(buf), len));
471 }
472
473 return WriteFdExactly(fd_.get(), buf, len);
474 }
475
Read(apacket * packet)476 bool FdConnection::Read(apacket* packet) {
477 if (!DispatchRead(&packet->msg, sizeof(amessage))) {
478 D("remote local: read terminated (message)");
479 return false;
480 }
481
482 if (packet->msg.data_length > MAX_PAYLOAD) {
483 D("remote local: read overflow (data length = %" PRIu32 ")", packet->msg.data_length);
484 return false;
485 }
486
487 packet->payload.resize(packet->msg.data_length);
488
489 if (!DispatchRead(&packet->payload[0], packet->payload.size())) {
490 D("remote local: terminated (data)");
491 return false;
492 }
493
494 return true;
495 }
496
Write(apacket * packet)497 bool FdConnection::Write(apacket* packet) {
498 if (!DispatchWrite(&packet->msg, sizeof(packet->msg))) {
499 D("remote local: write terminated");
500 return false;
501 }
502
503 if (packet->msg.data_length) {
504 if (!DispatchWrite(&packet->payload[0], packet->msg.data_length)) {
505 D("remote local: write terminated");
506 return false;
507 }
508 }
509
510 return true;
511 }
512
DoTlsHandshake(RSA * key,std::string * auth_key)513 bool FdConnection::DoTlsHandshake(RSA* key, std::string* auth_key) {
514 bssl::UniquePtr<EVP_PKEY> evp_pkey(EVP_PKEY_new());
515 if (!EVP_PKEY_set1_RSA(evp_pkey.get(), key)) {
516 LOG(ERROR) << "EVP_PKEY_set1_RSA failed";
517 return false;
518 }
519 auto x509 = GenerateX509Certificate(evp_pkey.get());
520 auto x509_str = X509ToPEMString(x509.get());
521 auto evp_str = Key::ToPEMString(evp_pkey.get());
522
523 int osh = cast_handle_to_int(adb_get_os_handle(fd_));
524 #if ADB_HOST
525 tls_ = TlsConnection::Create(TlsConnection::Role::Client, x509_str, evp_str, osh);
526 #else
527 tls_ = TlsConnection::Create(TlsConnection::Role::Server, x509_str, evp_str, osh);
528 #endif
529 CHECK(tls_);
530 #if ADB_HOST
531 // TLS 1.3 gives the client no message if the server rejected the
532 // certificate. This will enable a check in the tls connection to check
533 // whether the client certificate got rejected. Note that this assumes
534 // that, on handshake success, the server speaks first.
535 tls_->EnableClientPostHandshakeCheck(true);
536 // Add callback to set the certificate when server issues the
537 // CertificateRequest.
538 tls_->SetCertificateCallback(adb_tls_set_certificate);
539 // Allow any server certificate
540 tls_->SetCertVerifyCallback([](X509_STORE_CTX*) { return 1; });
541 #else
542 // Add callback to check certificate against a list of known public keys
543 tls_->SetCertVerifyCallback(
544 [auth_key](X509_STORE_CTX* ctx) { return adbd_tls_verify_cert(ctx, auth_key); });
545 // Add the list of allowed client CA issuers
546 auto ca_list = adbd_tls_client_ca_list();
547 tls_->SetClientCAList(ca_list.get());
548 #endif
549
550 auto err = tls_->DoHandshake();
551 if (err == TlsError::Success) {
552 return true;
553 }
554
555 tls_.reset();
556 return false;
557 }
558
Close()559 void FdConnection::Close() {
560 adb_shutdown(fd_.get());
561 fd_.reset();
562 }
563
send_packet(apacket * p,atransport * t)564 void send_packet(apacket* p, atransport* t) {
565 p->msg.magic = p->msg.command ^ 0xffffffff;
566 // compute a checksum for connection/auth packets for compatibility reasons
567 if (t->get_protocol_version() >= A_VERSION_SKIP_CHECKSUM) {
568 p->msg.data_check = 0;
569 } else {
570 p->msg.data_check = calculate_apacket_checksum(p);
571 }
572
573 VLOG(TRANSPORT) << dump_packet(t->serial.c_str(), "to remote", p);
574
575 if (t == nullptr) {
576 LOG(FATAL) << "Transport is null";
577 }
578
579 if (t->Write(p) != 0) {
580 D("%s: failed to enqueue packet, closing transport", t->serial.c_str());
581 t->Kick();
582 }
583 }
584
kick_transport(atransport * t,bool reset)585 void kick_transport(atransport* t, bool reset) {
586 std::lock_guard<std::recursive_mutex> lock(transport_lock);
587 // As kick_transport() can be called from threads without guarantee that t is valid,
588 // check if the transport is in transport_list first.
589 //
590 // TODO(jmgao): WTF? Is this actually true?
591 if (std::find(transport_list.begin(), transport_list.end(), t) != transport_list.end()) {
592 if (reset) {
593 t->Reset();
594 } else {
595 t->Kick();
596 }
597 }
598
599 #if ADB_HOST
600 reconnect_handler.CheckForKicked();
601 #endif
602 }
603
604 #if ADB_HOST
605
606 /* this adds support required by the 'track-devices' service.
607 * this is used to send the content of "list_transport" to any
608 * number of client connections that want it through a single
609 * live TCP connection
610 */
611 struct device_tracker {
612 asocket socket;
613 bool update_needed = false;
614 TrackerOutputType output_type = SHORT_TEXT;
615 device_tracker* next = nullptr;
616 };
617
618 /* linked list of all device trackers */
619 static device_tracker* device_tracker_list;
620
device_tracker_remove(device_tracker * tracker)621 static void device_tracker_remove(device_tracker* tracker) {
622 device_tracker** pnode = &device_tracker_list;
623 device_tracker* node = *pnode;
624
625 std::lock_guard<std::recursive_mutex> lock(transport_lock);
626 while (node) {
627 if (node == tracker) {
628 *pnode = node->next;
629 break;
630 }
631 pnode = &node->next;
632 node = *pnode;
633 }
634 }
635
device_tracker_close(asocket * socket)636 static void device_tracker_close(asocket* socket) {
637 device_tracker* tracker = (device_tracker*)socket;
638 asocket* peer = socket->peer;
639
640 D("device tracker %p removed", tracker);
641 if (peer) {
642 peer->peer = nullptr;
643 peer->close(peer);
644 }
645 device_tracker_remove(tracker);
646 delete tracker;
647 }
648
device_tracker_enqueue(asocket * socket,apacket::payload_type)649 static int device_tracker_enqueue(asocket* socket, apacket::payload_type) {
650 /* you can't read from a device tracker, close immediately */
651 device_tracker_close(socket);
652 return -1;
653 }
654
device_tracker_send(device_tracker * tracker,const std::string & string)655 static int device_tracker_send(device_tracker* tracker, const std::string& string) {
656 asocket* peer = tracker->socket.peer;
657
658 apacket::payload_type data;
659 data.resize(4 + string.size());
660 char buf[5];
661 snprintf(buf, sizeof(buf), "%04x", static_cast<int>(string.size()));
662 memcpy(&data[0], buf, 4);
663 memcpy(&data[4], string.data(), string.size());
664 return peer->enqueue(peer, std::move(data));
665 }
666
device_tracker_ready(asocket * socket)667 static void device_tracker_ready(asocket* socket) {
668 device_tracker* tracker = reinterpret_cast<device_tracker*>(socket);
669
670 // We want to send the device list when the tracker connects
671 // for the first time, even if no update occurred.
672 if (tracker->update_needed) {
673 tracker->update_needed = false;
674 device_tracker_send(tracker, list_transports(tracker->output_type));
675 }
676 }
677
create_device_tracker(TrackerOutputType output_type)678 asocket* create_device_tracker(TrackerOutputType output_type) {
679 device_tracker* tracker = new device_tracker();
680 if (tracker == nullptr) LOG(FATAL) << "cannot allocate device tracker";
681
682 D("device tracker %p created", tracker);
683
684 tracker->socket.enqueue = device_tracker_enqueue;
685 tracker->socket.ready = device_tracker_ready;
686 tracker->socket.close = device_tracker_close;
687 tracker->update_needed = true;
688 tracker->output_type = output_type;
689
690 tracker->next = device_tracker_list;
691 device_tracker_list = tracker;
692
693 return &tracker->socket;
694 }
695
696 // Check if all of the USB transports are connected.
iterate_transports(std::function<bool (const atransport *)> fn)697 bool iterate_transports(std::function<bool(const atransport*)> fn) {
698 std::lock_guard<std::recursive_mutex> lock(transport_lock);
699 for (const auto& t : transport_list) {
700 if (!fn(t)) {
701 return false;
702 }
703 }
704 for (const auto& t : pending_list) {
705 if (!fn(t)) {
706 return false;
707 }
708 }
709 return true;
710 }
711
712 // Call this function each time the transport list has changed.
update_transports()713 void update_transports() {
714 update_transport_status();
715
716 // Notify `adb track-devices` clients.
717 device_tracker* tracker = device_tracker_list;
718 while (tracker != nullptr) {
719 device_tracker* next = tracker->next;
720 // This may destroy the tracker if the connection is closed.
721 device_tracker_send(tracker, list_transports(tracker->output_type));
722 tracker = next;
723 }
724 }
725
726 #else
727
update_transports()728 void update_transports() {
729 // Nothing to do on the device side.
730 }
731
732 #endif // ADB_HOST
733
fdevent_unregister_transport(atransport * t)734 static void fdevent_unregister_transport(atransport* t) {
735 VLOG(TRANSPORT) << "unregistering transport: " << t->serial;
736
737 {
738 std::lock_guard<std::recursive_mutex> lock(transport_lock);
739 transport_list.remove(t);
740 pending_list.remove(t);
741 }
742
743 delete t;
744
745 update_transports();
746 }
747
fdevent_register_transport(atransport * t)748 static void fdevent_register_transport(atransport* t) {
749 auto state = to_string(t->GetConnectionState());
750 VLOG(TRANSPORT) << "registering: " << t->serial.c_str() << " state=" << state
751 << " type=" << t->type;
752
753 /* don't create transport threads for inaccessible devices */
754 if (t->GetConnectionState() != kCsNoPerm) {
755 t->connection()->SetTransport(t);
756
757 #if ADB_HOST
758 if (t->type == kTransportUsb &&
759 attached_devices.ShouldStartDetached(*t->connection().get())) {
760 VLOG(TRANSPORT) << "Force-detaching transport:" << t->serial;
761 t->SetConnectionState(kCsDetached);
762 }
763
764 VLOG(TRANSPORT) << "transport:" << t->serial << "(" << state << ")";
765 if (t->GetConnectionState() != kCsDetached) {
766 VLOG(TRANSPORT) << "Starting transport:" << t->serial;
767 if (t->connection()->Start()) {
768 send_connect(t);
769 } else {
770 VLOG(TRANSPORT) << "transport:" << t->serial << " failed to start.";
771 return;
772 }
773 }
774 #else
775 VLOG(TRANSPORT) << "Starting transport:" << t->serial;
776 t->connection()->Start();
777 #endif
778 }
779
780 {
781 std::lock_guard<std::recursive_mutex> lock(transport_lock);
782 auto it = std::find(pending_list.begin(), pending_list.end(), t);
783 if (it != pending_list.end()) {
784 pending_list.remove(t);
785 transport_list.push_front(t);
786 }
787 }
788
789 update_transports();
790 }
791
792 #if ADB_HOST
init_reconnect_handler()793 void init_reconnect_handler() {
794 reconnect_handler.Start();
795 }
796 #endif
797
kick_all_transports()798 void kick_all_transports() {
799 #if ADB_HOST
800 reconnect_handler.Stop();
801 #endif
802 // To avoid only writing part of a packet to a transport after exit, kick all transports.
803 std::lock_guard<std::recursive_mutex> lock(transport_lock);
804 for (auto t : transport_list) {
805 t->Kick();
806 }
807 }
808
kick_all_tcp_tls_transports()809 void kick_all_tcp_tls_transports() {
810 std::lock_guard<std::recursive_mutex> lock(transport_lock);
811 for (auto t : transport_list) {
812 if (t->IsTcpDevice() && t->use_tls) {
813 t->Kick();
814 }
815 }
816 }
817
818 #if !ADB_HOST
kick_all_transports_by_auth_key(std::string_view auth_key)819 void kick_all_transports_by_auth_key(std::string_view auth_key) {
820 std::lock_guard<std::recursive_mutex> lock(transport_lock);
821 for (auto t : transport_list) {
822 if (auth_key == t->auth_key) {
823 t->Kick();
824 }
825 }
826 }
827 #endif
828
register_transport(atransport * transport)829 void register_transport(atransport* transport) {
830 fdevent_run_on_looper([=]() { fdevent_register_transport(transport); });
831 }
832
remove_transport(atransport * transport)833 static void remove_transport(atransport* transport) {
834 fdevent_run_on_looper([=]() { fdevent_unregister_transport(transport); });
835 }
836
transport_destroy(atransport * t)837 static void transport_destroy(atransport* t) {
838 fdevent_check_looper();
839 CHECK(t != nullptr);
840
841 std::lock_guard<std::recursive_mutex> lock(transport_lock);
842 VLOG(TRANSPORT) << "destroying transport " << t->serial_name();
843 t->connection()->Stop();
844 #if ADB_HOST
845 if (t->IsTcpDevice() && !t->kicked()) {
846 D("transport: %s destroy (attempting reconnection)", t->serial.c_str());
847
848 // We need to clear the transport's keys, so that on the next connection, it tries
849 // again from the beginning.
850 t->ResetKeys();
851 reconnect_handler.TrackTransport(t);
852 return;
853 }
854 #endif
855
856 D("transport: %s destroy (kicking and closing)", t->serial.c_str());
857 remove_transport(t);
858 }
859
860 #if ADB_HOST
qual_match(const std::string & to_test,const char * prefix,const std::string & qual,bool sanitize_qual)861 static int qual_match(const std::string& to_test, const char* prefix, const std::string& qual,
862 bool sanitize_qual) {
863 if (to_test.empty()) /* Return true if both the qual and to_test are empty strings. */
864 return qual.empty();
865
866 if (qual.empty()) return 0;
867
868 const char* ptr = to_test.c_str();
869 if (prefix) {
870 while (*prefix) {
871 if (*prefix++ != *ptr++) return 0;
872 }
873 }
874
875 for (char ch : qual) {
876 if (sanitize_qual && !isalnum(ch)) ch = '_';
877 if (ch != *ptr++) return 0;
878 }
879
880 /* Everything matched so far. Return true if *ptr is a NUL. */
881 return !*ptr;
882 }
883
884 // Contains either a device serial string or a USB device address like "usb:2-6"
885 const char* __transport_server_one_device = nullptr;
886
transport_set_one_device(const char * adb_one_device)887 void transport_set_one_device(const char* adb_one_device) {
888 __transport_server_one_device = adb_one_device;
889 }
890
transport_get_one_device()891 const char* transport_get_one_device() {
892 return __transport_server_one_device;
893 }
894
transport_server_owns_device(std::string_view serial)895 bool transport_server_owns_device(std::string_view serial) {
896 if (!__transport_server_one_device) {
897 // If the server doesn't own one device, server owns all devices.
898 return true;
899 }
900 return serial.compare(__transport_server_one_device) == 0;
901 }
902
transport_server_owns_device(std::string_view dev_path,std::string_view serial)903 bool transport_server_owns_device(std::string_view dev_path, std::string_view serial) {
904 if (!__transport_server_one_device) {
905 // If the server doesn't own one device, server owns all devices.
906 return true;
907 }
908 return serial.compare(__transport_server_one_device) == 0 ||
909 dev_path.compare(__transport_server_one_device) == 0;
910 }
911
acquire_one_transport(TransportType type,const char * serial,TransportId transport_id,bool * is_ambiguous,std::string * error_out,bool accept_any_state)912 atransport* acquire_one_transport(TransportType type, const char* serial, TransportId transport_id,
913 bool* is_ambiguous, std::string* error_out,
914 bool accept_any_state) {
915 atransport* result = nullptr;
916
917 if (transport_id != 0) {
918 *error_out = android::base::StringPrintf("no device with transport id '%" PRIu64 "'",
919 transport_id);
920 } else if (serial) {
921 *error_out = android::base::StringPrintf("device '%s' not found", serial);
922 } else if (type == kTransportLocal) {
923 *error_out = "no emulators found";
924 } else if (type == kTransportAny) {
925 *error_out = "no devices/emulators found";
926 } else {
927 *error_out = "no devices found";
928 }
929
930 std::unique_lock<std::recursive_mutex> lock(transport_lock);
931 for (const auto& t : transport_list) {
932 if (t->GetConnectionState() == kCsNoPerm) {
933 *error_out = UsbNoPermissionsLongHelpText();
934 continue;
935 }
936
937 if (transport_id) {
938 if (t->id == transport_id) {
939 result = t;
940 break;
941 }
942 } else if (serial) {
943 if (t->MatchesTarget(serial)) {
944 if (result) {
945 *error_out = "more than one device with serial "s + serial;
946 if (is_ambiguous) *is_ambiguous = true;
947 result = nullptr;
948 break;
949 }
950 result = t;
951 }
952 } else {
953 if (type == kTransportUsb && t->type == kTransportUsb) {
954 if (result) {
955 *error_out = "more than one USB device";
956 if (is_ambiguous) *is_ambiguous = true;
957 result = nullptr;
958 break;
959 }
960 result = t;
961 } else if (type == kTransportLocal && t->type == kTransportLocal) {
962 if (result) {
963 *error_out = "more than one emulator";
964 if (is_ambiguous) *is_ambiguous = true;
965 result = nullptr;
966 break;
967 }
968 result = t;
969 } else if (type == kTransportAny) {
970 if (result) {
971 *error_out = "more than one device/emulator";
972 if (is_ambiguous) *is_ambiguous = true;
973 result = nullptr;
974 break;
975 }
976 result = t;
977 }
978 }
979 }
980 lock.unlock();
981
982 if (result && !accept_any_state) {
983 // The caller requires an active transport.
984 // Make sure that we're actually connected.
985 ConnectionState state = result->GetConnectionState();
986 switch (state) {
987 case kCsConnecting:
988 *error_out = "device still connecting";
989 result = nullptr;
990 break;
991
992 case kCsAuthorizing:
993 *error_out = "device still authorizing";
994 result = nullptr;
995 break;
996
997 case kCsUnauthorized: {
998 *error_out = "device unauthorized.\n";
999 char* ADB_VENDOR_KEYS = getenv("ADB_VENDOR_KEYS");
1000 *error_out += "This adb server's $ADB_VENDOR_KEYS is ";
1001 *error_out += ADB_VENDOR_KEYS ? ADB_VENDOR_KEYS : "not set";
1002 *error_out += "\n";
1003 *error_out += "Try 'adb kill-server' if that seems wrong.\n";
1004 *error_out += "Otherwise check for a confirmation dialog on your device.";
1005 result = nullptr;
1006 break;
1007 }
1008
1009 case kCsOffline:
1010 *error_out = "device offline";
1011 result = nullptr;
1012 break;
1013
1014 default:
1015 break;
1016 }
1017 }
1018
1019 if (result) {
1020 *error_out = "success";
1021 }
1022
1023 return result;
1024 }
1025
WaitForConnection(std::chrono::milliseconds timeout)1026 bool ConnectionWaitable::WaitForConnection(std::chrono::milliseconds timeout) {
1027 std::unique_lock<std::mutex> lock(mutex_);
1028 ScopedLockAssertion assume_locked(mutex_);
1029 return cv_.wait_for(lock, timeout, [&]() REQUIRES(mutex_) {
1030 return connection_established_ready_;
1031 }) && connection_established_;
1032 }
1033
SetConnectionEstablished(bool success)1034 void ConnectionWaitable::SetConnectionEstablished(bool success) {
1035 {
1036 std::lock_guard<std::mutex> lock(mutex_);
1037 if (connection_established_ready_) return;
1038 connection_established_ready_ = true;
1039 connection_established_ = success;
1040 D("connection established with %d", success);
1041 }
1042 cv_.notify_one();
1043 }
1044 #endif
1045
~atransport()1046 atransport::~atransport() {
1047 #if ADB_HOST
1048 // If the connection callback had not been run before, run it now.
1049 SetConnectionEstablished(false);
1050 #endif
1051 }
1052
Write(apacket * p)1053 int atransport::Write(apacket* p) {
1054 return this->connection()->Write(std::unique_ptr<apacket>(p)) ? 0 : -1;
1055 }
1056
Reset()1057 void atransport::Reset() {
1058 if (!kicked_.exchange(true)) {
1059 LOG(INFO) << "resetting transport " << this << " " << this->serial;
1060 this->connection()->Reset();
1061 }
1062 }
1063
Kick()1064 void atransport::Kick() {
1065 if (!kicked_.exchange(true)) {
1066 LOG(INFO) << "kicking transport " << this << " " << this->serial;
1067 this->connection()->Stop();
1068 }
1069 }
1070
GetConnectionState() const1071 ConnectionState atransport::GetConnectionState() const {
1072 return connection_state_;
1073 }
1074
SetConnectionState(ConnectionState state)1075 void atransport::SetConnectionState(ConnectionState state) {
1076 fdevent_check_looper();
1077 connection_state_ = state;
1078 update_transports();
1079 }
1080
1081 #if ADB_HOST
Attach(std::string * error)1082 bool atransport::Attach(std::string* error) {
1083 D("%s: attach", serial.c_str());
1084 fdevent_check_looper();
1085
1086 {
1087 std::lock_guard<std::mutex> lock(mutex_);
1088 if (!connection_->SupportsDetach()) {
1089 *error = "attach/detach not supported";
1090 return false;
1091 }
1092 }
1093
1094 if (GetConnectionState() != ConnectionState::kCsDetached) {
1095 *error = android::base::StringPrintf("transport %s is not detached", serial.c_str());
1096 return false;
1097 }
1098
1099 ResetKeys();
1100
1101 {
1102 std::lock_guard<std::mutex> lock(mutex_);
1103 if (!connection_->Attach(error)) {
1104 return false;
1105 }
1106 }
1107
1108 send_connect(this);
1109 return true;
1110 }
1111
Detach(std::string * error)1112 bool atransport::Detach(std::string* error) {
1113 D("%s: detach", serial.c_str());
1114 fdevent_check_looper();
1115
1116 {
1117 std::lock_guard<std::mutex> lock(mutex_);
1118 if (!connection_->SupportsDetach()) {
1119 *error = "attach/detach not supported!";
1120 return false;
1121 }
1122 }
1123
1124 if (GetConnectionState() == ConnectionState::kCsDetached) {
1125 *error = android::base::StringPrintf("transport %s is already detached", serial.c_str());
1126 return false;
1127 }
1128
1129 handle_offline(this);
1130
1131 {
1132 std::lock_guard<std::mutex> lock(mutex_);
1133 if (!connection_->Detach(error)) {
1134 return false;
1135 }
1136 }
1137
1138 this->SetConnectionState(kCsDetached);
1139 return true;
1140 }
1141 #endif // ADB_HOST
1142
SetConnection(std::shared_ptr<Connection> connection)1143 void atransport::SetConnection(std::shared_ptr<Connection> connection) {
1144 std::lock_guard<std::mutex> lock(mutex_);
1145 connection_ = std::shared_ptr<Connection>(std::move(connection));
1146 }
1147
HandleRead(std::unique_ptr<apacket> p)1148 bool atransport::HandleRead(std::unique_ptr<apacket> p) {
1149 if (!check_header(p.get(), this)) {
1150 D("%s: remote read: bad header", serial.c_str());
1151 return false;
1152 }
1153
1154 VLOG(TRANSPORT) << dump_packet(serial.c_str(), "from remote", p.get());
1155 apacket* packet = p.release();
1156
1157 // This needs to run on the looper thread since the associated fdevent
1158 // message pump exists in that context.
1159 fdevent_run_on_looper([packet, this]() { handle_packet(packet, this); });
1160
1161 return true;
1162 }
1163
HandleError(const std::string & error)1164 void atransport::HandleError(const std::string& error) {
1165 LOG(INFO) << serial_name() << ": connection terminated: " << error;
1166 fdevent_run_on_looper([this]() {
1167 handle_offline(this);
1168 transport_destroy(this);
1169 });
1170 }
1171
update_version(int version,size_t payload)1172 void atransport::update_version(int version, size_t payload) {
1173 protocol_version = std::min(version, A_VERSION);
1174 max_payload = std::min(payload, MAX_PAYLOAD);
1175 }
1176
get_protocol_version() const1177 int atransport::get_protocol_version() const {
1178 return protocol_version;
1179 }
1180
get_tls_version() const1181 int atransport::get_tls_version() const {
1182 return tls_version;
1183 }
1184
get_max_payload() const1185 size_t atransport::get_max_payload() const {
1186 return max_payload;
1187 }
1188
1189 #if ADB_HOST
burst_mode_enabled()1190 bool burst_mode_enabled() {
1191 static const char* env = getenv("ADB_BURST_MODE");
1192 static bool result = env && strcmp(env, "1") == 0;
1193 return result;
1194 }
1195 #endif
1196
supported_features()1197 const FeatureSet& supported_features() {
1198 static const android::base::NoDestructor<FeatureSet> features([]() {
1199 // Increment ADB_SERVER_VERSION when adding a feature that adbd needs
1200 // to know about. Otherwise, the client can be stuck running an old
1201 // version of the server even after upgrading their copy of adb.
1202 // (http://b/24370690)
1203
1204 // clang-format off
1205 FeatureSet result {
1206 kFeatureShell2,
1207 kFeatureCmd,
1208 kFeatureStat2,
1209 kFeatureLs2,
1210 kFeatureFixedPushMkdir,
1211 kFeatureApex,
1212 kFeatureAbb,
1213 kFeatureFixedPushSymlinkTimestamp,
1214 kFeatureAbbExec,
1215 kFeatureRemountShell,
1216 kFeatureTrackApp,
1217 kFeatureSendRecv2,
1218 kFeatureSendRecv2Brotli,
1219 kFeatureSendRecv2LZ4,
1220 kFeatureSendRecv2Zstd,
1221 kFeatureSendRecv2DryRunSend,
1222 kFeatureOpenscreenMdns,
1223 kFeatureDeviceTrackerProtoFormat,
1224 kFeatureDevRaw,
1225 kFeatureAppInfo,
1226 kFeatureServerStatus,
1227 };
1228 // clang-format on
1229
1230 #if ADB_HOST
1231 if (burst_mode_enabled()) {
1232 result.push_back(kFeatureDelayedAck);
1233 }
1234 #else
1235 result.push_back(kFeatureDelayedAck);
1236 #endif
1237 return result;
1238 }());
1239
1240 return *features;
1241 }
1242
FeatureSetToString(const FeatureSet & features)1243 std::string FeatureSetToString(const FeatureSet& features) {
1244 return android::base::Join(features, ',');
1245 }
1246
StringToFeatureSet(const std::string & features_string)1247 FeatureSet StringToFeatureSet(const std::string& features_string) {
1248 if (features_string.empty()) {
1249 return FeatureSet();
1250 }
1251
1252 return android::base::Split(features_string, ",");
1253 }
1254
1255 template <class Range, class Value>
contains(const Range & r,const Value & v)1256 static bool contains(const Range& r, const Value& v) {
1257 return std::find(std::begin(r), std::end(r), v) != std::end(r);
1258 }
1259
CanUseFeature(const FeatureSet & feature_set,const std::string & feature)1260 bool CanUseFeature(const FeatureSet& feature_set, const std::string& feature) {
1261 return contains(feature_set, feature) && contains(supported_features(), feature);
1262 }
1263
has_feature(const std::string & feature) const1264 bool atransport::has_feature(const std::string& feature) const {
1265 return contains(features_, feature);
1266 }
1267
SetFeatures(const std::string & features_string)1268 void atransport::SetFeatures(const std::string& features_string) {
1269 features_ = StringToFeatureSet(features_string);
1270 delayed_ack_ = CanUseFeature(features_, kFeatureDelayedAck);
1271 }
1272
AddDisconnect(adisconnect * disconnect)1273 void atransport::AddDisconnect(adisconnect* disconnect) {
1274 disconnects_.push_back(disconnect);
1275 }
1276
RemoveDisconnect(adisconnect * disconnect)1277 void atransport::RemoveDisconnect(adisconnect* disconnect) {
1278 disconnects_.remove(disconnect);
1279 }
1280
RunDisconnects()1281 void atransport::RunDisconnects() {
1282 for (const auto& disconnect : disconnects_) {
1283 disconnect->func(disconnect->opaque, this);
1284 }
1285 disconnects_.clear();
1286 }
1287
1288 #if ADB_HOST
MatchesTarget(const std::string & target) const1289 bool atransport::MatchesTarget(const std::string& target) const {
1290 if (!serial.empty()) {
1291 if (target == serial) {
1292 return true;
1293 } else if (type == kTransportLocal) {
1294 // Local transports can match [tcp:|udp:]<hostname>[:port].
1295 const char* local_target_ptr = target.c_str();
1296
1297 // For fastboot compatibility, ignore protocol prefixes.
1298 if (android::base::StartsWith(target, "tcp:") ||
1299 android::base::StartsWith(target, "udp:")) {
1300 local_target_ptr += 4;
1301 }
1302
1303 // Parse our |serial| and the given |target| to check if the hostnames and ports match.
1304 std::string serial_host, error;
1305 int serial_port = -1;
1306 if (android::base::ParseNetAddress(serial, &serial_host, &serial_port, nullptr,
1307 &error)) {
1308 // |target| may omit the port to default to ours.
1309 std::string target_host;
1310 int target_port = serial_port;
1311 if (android::base::ParseNetAddress(local_target_ptr, &target_host, &target_port,
1312 nullptr, &error) &&
1313 serial_host == target_host && serial_port == target_port) {
1314 return true;
1315 }
1316 }
1317 }
1318 }
1319
1320 return (target == devpath) || qual_match(target, "product:", product, false) ||
1321 qual_match(target, "model:", model, true) ||
1322 qual_match(target, "device:", device, false);
1323 }
1324
SetConnectionEstablished(bool success)1325 void atransport::SetConnectionEstablished(bool success) {
1326 connection_waitable_->SetConnectionEstablished(success);
1327 }
1328
Reconnect()1329 ReconnectResult atransport::Reconnect() {
1330 return reconnect_(this);
1331 }
1332
1333 // We use newline as our delimiter, make sure to never output it.
sanitize(std::string str,bool alphanumeric)1334 static std::string sanitize(std::string str, bool alphanumeric) {
1335 auto pred = alphanumeric ? [](const char c) { return !isalnum(c); }
1336 : [](const char c) { return c == '\n'; };
1337 std::replace_if(str.begin(), str.end(), pred, '_');
1338 return str;
1339 }
1340
adbStateFromProto(ConnectionState state)1341 static adb::proto::ConnectionState adbStateFromProto(ConnectionState state) {
1342 switch (state) {
1343 case kCsConnecting:
1344 return adb::proto::ConnectionState::CONNECTING;
1345 case kCsAuthorizing:
1346 return adb::proto::ConnectionState::AUTHORIZING;
1347 case kCsUnauthorized:
1348 return adb::proto::ConnectionState::UNAUTHORIZED;
1349 case kCsNoPerm:
1350 return adb::proto::ConnectionState::NOPERMISSION;
1351 case kCsDetached:
1352 return adb::proto::ConnectionState::DETACHED;
1353 case kCsOffline:
1354 return adb::proto::ConnectionState::OFFLINE;
1355 case kCsBootloader:
1356 return adb::proto::ConnectionState::BOOTLOADER;
1357 case kCsDevice:
1358 return adb::proto::ConnectionState::DEVICE;
1359 case kCsHost:
1360 return adb::proto::ConnectionState::HOST;
1361 case kCsRecovery:
1362 return adb::proto::ConnectionState::RECOVERY;
1363 case kCsSideload:
1364 return adb::proto::ConnectionState::SIDELOAD;
1365 case kCsRescue:
1366 return adb::proto::ConnectionState::RESCUE;
1367 case kCsAny:
1368 return adb::proto::ConnectionState::ANY;
1369 }
1370 }
1371
transportListToProto(const std::list<atransport * > & sorted_transport_list,bool text_version)1372 static std::string transportListToProto(const std::list<atransport*>& sorted_transport_list,
1373 bool text_version) {
1374 adb::proto::Devices devices;
1375 for (const auto& t : sorted_transport_list) {
1376 auto* device = devices.add_device();
1377 device->set_serial(t->serial.c_str());
1378 device->set_connection_type(t->type == kTransportUsb ? adb::proto::ConnectionType::USB
1379 : adb::proto::ConnectionType::SOCKET);
1380 device->set_state(adbStateFromProto(t->GetConnectionState()));
1381 device->set_bus_address(sanitize(t->devpath, false));
1382 device->set_product(sanitize(t->product, false));
1383 device->set_model(sanitize(t->model, true));
1384 device->set_device(sanitize(t->device, false));
1385 device->set_negotiated_speed(t->connection()->NegotiatedSpeedMbps());
1386 device->set_max_speed(t->connection()->MaxSpeedMbps());
1387 device->set_transport_id(t->id);
1388 }
1389
1390 std::string proto;
1391 if (text_version) {
1392 google::protobuf::TextFormat::PrintToString(devices, &proto);
1393 } else {
1394 devices.SerializeToString(&proto);
1395 }
1396 return proto;
1397 }
1398
append_transport_info(std::string * result,const char * key,const std::string & value,bool alphanumeric)1399 static void append_transport_info(std::string* result, const char* key, const std::string& value,
1400 bool alphanumeric) {
1401 if (value.empty()) {
1402 return;
1403 }
1404
1405 *result += ' ';
1406 *result += key;
1407 *result += sanitize(value, alphanumeric);
1408 }
1409
append_transport(const atransport * t,std::string * result,bool long_listing)1410 static void append_transport(const atransport* t, std::string* result, bool long_listing) {
1411 std::string serial = t->serial;
1412 if (serial.empty()) {
1413 serial = "(no serial number)";
1414 }
1415
1416 if (!long_listing) {
1417 *result += serial;
1418 *result += '\t';
1419 *result += to_string(t->GetConnectionState());
1420 } else {
1421 android::base::StringAppendF(result, "%-22s %s", serial.c_str(),
1422 to_string(t->GetConnectionState()).c_str());
1423
1424 append_transport_info(result, "", t->devpath, false);
1425 append_transport_info(result, "product:", t->product, false);
1426 append_transport_info(result, "model:", t->model, true);
1427 append_transport_info(result, "device:", t->device, false);
1428
1429 // Put id at the end, so that anyone parsing the output here can always find it by scanning
1430 // backwards from newlines, even with hypothetical devices named 'transport_id:1'.
1431 *result += " transport_id:";
1432 *result += std::to_string(t->id);
1433 }
1434 *result += '\n';
1435 }
1436
transportListToText(const std::list<atransport * > & sorted_transport_list,bool long_listing)1437 static std::string transportListToText(const std::list<atransport*>& sorted_transport_list,
1438 bool long_listing) {
1439 std::string result;
1440 for (const auto& t : sorted_transport_list) {
1441 append_transport(t, &result, long_listing);
1442 }
1443 return result;
1444 }
1445
list_transports(TrackerOutputType outputType)1446 std::string list_transports(TrackerOutputType outputType) {
1447 std::lock_guard<std::recursive_mutex> lock(transport_lock);
1448
1449 auto sorted_transport_list = transport_list;
1450 sorted_transport_list.sort([](atransport*& x, atransport*& y) {
1451 if (x->type != y->type) {
1452 return x->type < y->type;
1453 }
1454 return x->serial < y->serial;
1455 });
1456
1457 switch (outputType) {
1458 case SHORT_TEXT:
1459 case LONG_TEXT: {
1460 return transportListToText(sorted_transport_list, outputType == LONG_TEXT);
1461 }
1462 case PROTOBUF:
1463 case TEXT_PROTOBUF: {
1464 return transportListToProto(sorted_transport_list, outputType == TEXT_PROTOBUF);
1465 }
1466 }
1467 }
1468
close_usb_devices(std::function<bool (const atransport *)> predicate,bool reset)1469 void close_usb_devices(std::function<bool(const atransport*)> predicate, bool reset) {
1470 std::lock_guard<std::recursive_mutex> lock(transport_lock);
1471 for (auto& t : transport_list) {
1472 if (predicate(t)) {
1473 if (reset) {
1474 t->Reset();
1475 } else {
1476 t->Kick();
1477 }
1478 }
1479 }
1480 }
1481
1482 /* hack for osx */
close_usb_devices(bool reset)1483 void close_usb_devices(bool reset) {
1484 close_usb_devices([](const atransport*) { return true; }, reset);
1485 }
1486 #endif
1487
validate_transport_list(const std::list<atransport * > & list,const std::string & serial,atransport * t,int * error)1488 bool validate_transport_list(const std::list<atransport*>& list, const std::string& serial,
1489 atransport* t, int* error) {
1490 for (const auto& transport : list) {
1491 if (serial == transport->serial) {
1492 const std::string list_name(&list == &pending_list ? "pending" : "transport");
1493 VLOG(TRANSPORT) << "socket transport " << transport->serial << " is already in the "
1494 << list_name << " list and fails to register";
1495 delete t;
1496 if (error) *error = EALREADY;
1497 return false;
1498 }
1499 }
1500 return true;
1501 }
1502
register_socket_transport(unique_fd s,std::string serial,int port,bool is_emulator,atransport::ReconnectCallback reconnect,bool use_tls,int * error)1503 bool register_socket_transport(unique_fd s, std::string serial, int port, bool is_emulator,
1504 atransport::ReconnectCallback reconnect, bool use_tls, int* error) {
1505 atransport* t = new atransport(kTransportLocal, std::move(reconnect), kCsOffline);
1506 t->use_tls = use_tls;
1507 t->serial = std::move(serial);
1508
1509 D("transport: %s init'ing for socket %d, on port %d", t->serial.c_str(), s.get(), port);
1510 if (init_socket_transport(t, std::move(s), port, is_emulator) < 0) {
1511 delete t;
1512 if (error) *error = errno;
1513 return false;
1514 }
1515
1516 std::unique_lock<std::recursive_mutex> lock(transport_lock);
1517 if (!validate_transport_list(pending_list, t->serial, t, error)) {
1518 return false;
1519 }
1520
1521 if (!validate_transport_list(transport_list, t->serial, t, error)) {
1522 return false;
1523 }
1524
1525 pending_list.push_front(t);
1526
1527 lock.unlock();
1528
1529 #if ADB_HOST
1530 auto waitable = t->connection_waitable();
1531 #endif
1532 register_transport(t);
1533
1534 if (is_emulator) {
1535 return true;
1536 }
1537
1538 #if ADB_HOST
1539 if (!waitable->WaitForConnection(std::chrono::seconds(10))) {
1540 if (error) *error = ETIMEDOUT;
1541 return false;
1542 }
1543
1544 if (t->GetConnectionState() == kCsUnauthorized) {
1545 if (error) *error = EPERM;
1546 return false;
1547 }
1548 #endif
1549
1550 return true;
1551 }
1552
1553 #if ADB_HOST
find_transport(const char * serial)1554 atransport* find_transport(const char* serial) {
1555 atransport* result = nullptr;
1556
1557 std::lock_guard<std::recursive_mutex> lock(transport_lock);
1558 for (auto& t : transport_list) {
1559 if (strcmp(serial, t->serial.c_str()) == 0) {
1560 result = t;
1561 break;
1562 }
1563 }
1564
1565 return result;
1566 }
1567
kick_all_tcp_devices()1568 void kick_all_tcp_devices() {
1569 std::lock_guard<std::recursive_mutex> lock(transport_lock);
1570 for (auto& t : transport_list) {
1571 if (t->IsTcpDevice()) {
1572 // Kicking breaks the read_transport thread of this transport out of any read, then
1573 // the read_transport thread will notify the main thread to make this transport
1574 // offline. Then the main thread will notify the write_transport thread to exit.
1575 // Finally, this transport will be closed and freed in the main thread.
1576 t->Kick();
1577 }
1578 }
1579 reconnect_handler.CheckForKicked();
1580 }
1581
1582 #if ADB_HOST
register_libusb_transport(std::shared_ptr<Connection> connection,const char * serial,const char * devpath,unsigned writeable)1583 void register_libusb_transport(std::shared_ptr<Connection> connection, const char* serial,
1584 const char* devpath, unsigned writeable) {
1585 atransport* t = new atransport(kTransportUsb, writeable ? kCsOffline : kCsNoPerm);
1586 if (serial) {
1587 t->serial = serial;
1588 }
1589 if (devpath) {
1590 t->devpath = devpath;
1591 }
1592
1593 t->SetConnection(std::move(connection));
1594
1595 {
1596 std::lock_guard<std::recursive_mutex> lock(transport_lock);
1597 pending_list.push_front(t);
1598 }
1599
1600 register_transport(t);
1601 }
1602
register_usb_transport(usb_handle * usb,const char * serial,const char * devpath,unsigned writeable)1603 void register_usb_transport(usb_handle* usb, const char* serial, const char* devpath,
1604 unsigned writeable) {
1605 atransport* t = new atransport(kTransportUsb, writeable ? kCsOffline : kCsNoPerm);
1606
1607 D("transport: %p init'ing for usb_handle %p (sn='%s')", t, usb, serial ? serial : "");
1608 init_usb_transport(t, usb);
1609 if (serial) {
1610 t->serial = serial;
1611 }
1612
1613 if (devpath) {
1614 t->devpath = devpath;
1615 }
1616
1617 {
1618 std::lock_guard<std::recursive_mutex> lock(transport_lock);
1619 pending_list.push_front(t);
1620 }
1621
1622 register_transport(t);
1623 }
1624
1625 // This should only be used for transports with connection_state == kCsNoPerm.
unregister_usb_transport(usb_handle * usb)1626 void unregister_usb_transport(usb_handle* usb) {
1627 std::lock_guard<std::recursive_mutex> lock(transport_lock);
1628 transport_list.remove_if([usb](atransport* t) {
1629 return t->GetUsbHandle() == usb && t->GetConnectionState() == kCsNoPerm;
1630 });
1631 }
1632 #endif
1633
1634 // Track reverse:forward commands, so that info can be used to develop
1635 // an 'allow-list':
1636 // - adb reverse tcp:<device_port> localhost:<host_port> : responds with the
1637 // device_port
1638 // - adb reverse --remove tcp:<device_port> : responds OKAY
1639 // - adb reverse --remove-all : responds OKAY
UpdateReverseConfig(std::string_view service_addr)1640 void atransport::UpdateReverseConfig(std::string_view service_addr) {
1641 fdevent_check_looper();
1642 if (!android::base::ConsumePrefix(&service_addr, "reverse:")) {
1643 return;
1644 }
1645
1646 if (android::base::ConsumePrefix(&service_addr, "forward:")) {
1647 // forward:[norebind:]<remote>;<local>
1648 bool norebind = android::base::ConsumePrefix(&service_addr, "norebind:");
1649 auto it = service_addr.find(';');
1650 if (it == std::string::npos) {
1651 return;
1652 }
1653 std::string remote(service_addr.substr(0, it));
1654
1655 if (norebind && reverse_forwards_.contains(remote)) {
1656 // This will fail, don't update the map.
1657 LOG(DEBUG) << "ignoring reverse forward that will fail due to norebind";
1658 return;
1659 }
1660
1661 std::string local(service_addr.substr(it + 1));
1662 reverse_forwards_[remote] = local;
1663 } else if (android::base::ConsumePrefix(&service_addr, "killforward:")) {
1664 // kill-forward:<remote>
1665 auto it = service_addr.find(';');
1666 if (it != std::string::npos) {
1667 return;
1668 }
1669 reverse_forwards_.erase(std::string(service_addr));
1670 } else if (service_addr == "killforward-all") {
1671 reverse_forwards_.clear();
1672 } else if (service_addr == "list-forward") {
1673 LOG(DEBUG) << __func__ << " ignoring --list";
1674 } else { // Anything else we need to know about?
1675 LOG(FATAL) << "unhandled reverse service: " << service_addr;
1676 }
1677 }
1678
1679 // Is this an authorized :connect request?
IsReverseConfigured(const std::string & local_addr)1680 bool atransport::IsReverseConfigured(const std::string& local_addr) {
1681 fdevent_check_looper();
1682 for (const auto& [remote, local] : reverse_forwards_) {
1683 if (local == local_addr) {
1684 return true;
1685 }
1686 }
1687 return false;
1688 }
1689
1690 #endif
1691
check_header(apacket * p,atransport * t)1692 bool check_header(apacket* p, atransport* t) {
1693 if (p->msg.magic != (p->msg.command ^ 0xffffffff)) {
1694 VLOG(RWX) << "check_header(): invalid magic command = " << std::hex << p->msg.command
1695 << ", magic = " << p->msg.magic;
1696 return false;
1697 }
1698
1699 if (p->msg.data_length > t->get_max_payload()) {
1700 VLOG(RWX) << "check_header(): " << p->msg.data_length
1701 << " atransport::max_payload = " << t->get_max_payload();
1702 return false;
1703 }
1704
1705 return true;
1706 }
1707
1708 #if ADB_HOST
Key()1709 std::shared_ptr<RSA> atransport::Key() {
1710 if (keys_.empty()) {
1711 return nullptr;
1712 }
1713
1714 std::shared_ptr<RSA> result = keys_[0];
1715 return result;
1716 }
1717
NextKey()1718 std::shared_ptr<RSA> atransport::NextKey() {
1719 if (keys_.empty()) {
1720 LOG(INFO) << "fetching keys for transport " << this->serial_name();
1721 keys_ = adb_auth_get_private_keys();
1722
1723 // We should have gotten at least one key: the one that's automatically generated.
1724 CHECK(!keys_.empty());
1725 } else {
1726 keys_.pop_front();
1727 }
1728
1729 return Key();
1730 }
1731
ResetKeys()1732 void atransport::ResetKeys() {
1733 keys_.clear();
1734 }
1735 #endif
1736