• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2007 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <stdio.h>
18 #include <stdlib.h>
19 #include <string.h>
20 #include <errno.h>
21 
22 #include "sysdeps.h"
23 #include <sys/types.h>
24 
25 #define  TRACE_TAG  TRACE_TRANSPORT
26 #include "adb.h"
27 
28 #ifdef HAVE_BIG_ENDIAN
29 #define H4(x)	(((x) & 0xFF000000) >> 24) | (((x) & 0x00FF0000) >> 8) | (((x) & 0x0000FF00) << 8) | (((x) & 0x000000FF) << 24)
fix_endians(apacket * p)30 static inline void fix_endians(apacket *p)
31 {
32     p->msg.command     = H4(p->msg.command);
33     p->msg.arg0        = H4(p->msg.arg0);
34     p->msg.arg1        = H4(p->msg.arg1);
35     p->msg.data_length = H4(p->msg.data_length);
36     p->msg.data_check  = H4(p->msg.data_check);
37     p->msg.magic       = H4(p->msg.magic);
38 }
39 #else
40 #define fix_endians(p) do {} while (0)
41 #endif
42 
43 #if ADB_HOST
44 /* we keep a list of opened transports. The atransport struct knows to which
45  * local transport it is connected. The list is used to detect when we're
46  * trying to connect twice to a given local transport.
47  */
48 #define  ADB_LOCAL_TRANSPORT_MAX  16
49 
50 ADB_MUTEX_DEFINE( local_transports_lock );
51 
52 static atransport*  local_transports[ ADB_LOCAL_TRANSPORT_MAX ];
53 #endif /* ADB_HOST */
54 
remote_read(apacket * p,atransport * t)55 static int remote_read(apacket *p, atransport *t)
56 {
57     if(readx(t->sfd, &p->msg, sizeof(amessage))){
58         D("remote local: read terminated (message)\n");
59         return -1;
60     }
61 
62     fix_endians(p);
63 
64 #if 0 && defined HAVE_BIG_ENDIAN
65     D("read remote packet: %04x arg0=%0x arg1=%0x data_length=%0x data_check=%0x magic=%0x\n",
66       p->msg.command, p->msg.arg0, p->msg.arg1, p->msg.data_length, p->msg.data_check, p->msg.magic);
67 #endif
68     if(check_header(p)) {
69         D("bad header: terminated (data)\n");
70         return -1;
71     }
72 
73     if(readx(t->sfd, p->data, p->msg.data_length)){
74         D("remote local: terminated (data)\n");
75         return -1;
76     }
77 
78     if(check_data(p)) {
79         D("bad data: terminated (data)\n");
80         return -1;
81     }
82 
83     return 0;
84 }
85 
remote_write(apacket * p,atransport * t)86 static int remote_write(apacket *p, atransport *t)
87 {
88     int   length = p->msg.data_length;
89 
90     fix_endians(p);
91 
92 #if 0 && defined HAVE_BIG_ENDIAN
93     D("write remote packet: %04x arg0=%0x arg1=%0x data_length=%0x data_check=%0x magic=%0x\n",
94       p->msg.command, p->msg.arg0, p->msg.arg1, p->msg.data_length, p->msg.data_check, p->msg.magic);
95 #endif
96     if(writex(t->sfd, &p->msg, sizeof(amessage) + length)) {
97         D("remote local: write terminated\n");
98         return -1;
99     }
100 
101     return 0;
102 }
103 
104 
local_connect(int port)105 int local_connect(int port) {
106     return local_connect_arbitrary_ports(port-1, port);
107 }
108 
local_connect_arbitrary_ports(int console_port,int adb_port)109 int local_connect_arbitrary_ports(int console_port, int adb_port)
110 {
111     char buf[64];
112     int  fd = -1;
113 
114 #if ADB_HOST
115     const char *host = getenv("ADBHOST");
116     if (host) {
117         fd = socket_network_client(host, adb_port, SOCK_STREAM);
118     }
119 #endif
120     if (fd < 0) {
121         fd = socket_loopback_client(adb_port, SOCK_STREAM);
122     }
123 
124     if (fd >= 0) {
125         D("client: connected on remote on fd %d\n", fd);
126         close_on_exec(fd);
127         disable_tcp_nagle(fd);
128         snprintf(buf, sizeof buf, "%s%d", LOCAL_CLIENT_PREFIX, console_port);
129         register_socket_transport(fd, buf, adb_port, 1);
130         return 0;
131     }
132     return -1;
133 }
134 
135 
client_socket_thread(void * x)136 static void *client_socket_thread(void *x)
137 {
138 #if ADB_HOST
139     int  port  = DEFAULT_ADB_LOCAL_TRANSPORT_PORT;
140     int  count = ADB_LOCAL_TRANSPORT_MAX;
141 
142     D("transport: client_socket_thread() starting\n");
143 
144     /* try to connect to any number of running emulator instances     */
145     /* this is only done when ADB starts up. later, each new emulator */
146     /* will send a message to ADB to indicate that is is starting up  */
147     for ( ; count > 0; count--, port += 2 ) {
148         (void) local_connect(port);
149     }
150 #endif
151     return 0;
152 }
153 
server_socket_thread(void * arg)154 static void *server_socket_thread(void * arg)
155 {
156     int serverfd, fd;
157     struct sockaddr addr;
158     socklen_t alen;
159     int port = (int)arg;
160 
161     D("transport: server_socket_thread() starting\n");
162     serverfd = -1;
163     for(;;) {
164         if(serverfd == -1) {
165             serverfd = socket_inaddr_any_server(port, SOCK_STREAM);
166             if(serverfd < 0) {
167                 D("server: cannot bind socket yet\n");
168                 adb_sleep_ms(1000);
169                 continue;
170             }
171             close_on_exec(serverfd);
172         }
173 
174         alen = sizeof(addr);
175         D("server: trying to get new connection from %d\n", port);
176         fd = adb_socket_accept(serverfd, &addr, &alen);
177         if(fd >= 0) {
178             D("server: new connection on fd %d\n", fd);
179             close_on_exec(fd);
180             disable_tcp_nagle(fd);
181             register_socket_transport(fd, "host", port, 1);
182         }
183     }
184     D("transport: server_socket_thread() exiting\n");
185     return 0;
186 }
187 
188 /* This is relevant only for ADB daemon running inside the emulator. */
189 #if !ADB_HOST
190 /*
191  * Redefine open and write for qemu_pipe.h that contains inlined references
192  * to those routines. We will redifine them back after qemu_pipe.h inclusion.
193  */
194 #undef open
195 #undef write
196 #define open    adb_open
197 #define write   adb_write
198 #include <hardware/qemu_pipe.h>
199 #undef open
200 #undef write
201 #define open    ___xxx_open
202 #define write   ___xxx_write
203 
204 /* A worker thread that monitors host connections, and registers a transport for
205  * every new host connection. This thread replaces server_socket_thread on
206  * condition that adbd daemon runs inside the emulator, and emulator uses QEMUD
207  * pipe to communicate with adbd daemon inside the guest. This is done in order
208  * to provide more robust communication channel between ADB host and guest. The
209  * main issue with server_socket_thread approach is that it runs on top of TCP,
210  * and thus is sensitive to network disruptions. For instance, the
211  * ConnectionManager may decide to reset all network connections, in which case
212  * the connection between ADB host and guest will be lost. To make ADB traffic
213  * independent from the network, we use here 'adb' QEMUD service to transfer data
214  * between the host, and the guest. See external/qemu/android/adb-*.* that
215  * implements the emulator's side of the protocol. Another advantage of using
216  * QEMUD approach is that ADB will be up much sooner, since it doesn't depend
217  * anymore on network being set up.
218  * The guest side of the protocol contains the following phases:
219  * - Connect with adb QEMUD service. In this phase a handle to 'adb' QEMUD service
220  *   is opened, and it becomes clear whether or not emulator supports that
221  *   protocol.
222  * - Wait for the ADB host to create connection with the guest. This is done by
223  *   sending an 'accept' request to the adb QEMUD service, and waiting on
224  *   response.
225  * - When new ADB host connection is accepted, the connection with adb QEMUD
226  *   service is registered as the transport, and a 'start' request is sent to the
227  *   adb QEMUD service, indicating that the guest is ready to receive messages.
228  *   Note that the guest will ignore messages sent down from the emulator before
229  *   the transport registration is completed. That's why we need to send the
230  *   'start' request after the transport is registered.
231  */
qemu_socket_thread(void * arg)232 static void *qemu_socket_thread(void * arg)
233 {
234 /* 'accept' request to the adb QEMUD service. */
235 static const char _accept_req[] = "accept";
236 /* 'start' request to the adb QEMUD service. */
237 static const char _start_req[]  = "start";
238 /* 'ok' reply from the adb QEMUD service. */
239 static const char _ok_resp[]    = "ok";
240 
241     const int port = (int)arg;
242     int res, fd;
243     char tmp[256];
244     char con_name[32];
245 
246     D("transport: qemu_socket_thread() starting\n");
247 
248     /* adb QEMUD service connection request. */
249     snprintf(con_name, sizeof(con_name), "qemud:adb:%d", port);
250 
251     /* Connect to the adb QEMUD service. */
252     fd = qemu_pipe_open(con_name);
253     if (fd < 0) {
254         /* This could be an older version of the emulator, that doesn't
255          * implement adb QEMUD service. Fall back to the old TCP way. */
256         adb_thread_t thr;
257         D("adb service is not available. Falling back to TCP socket.\n");
258         adb_thread_create(&thr, server_socket_thread, arg);
259         return 0;
260     }
261 
262     for(;;) {
263         /*
264          * Wait till the host creates a new connection.
265          */
266 
267         /* Send the 'accept' request. */
268         res = adb_write(fd, _accept_req, strlen(_accept_req));
269         if ((size_t)res == strlen(_accept_req)) {
270             /* Wait for the response. In the response we expect 'ok' on success,
271              * or 'ko' on failure. */
272             res = adb_read(fd, tmp, sizeof(tmp));
273             if (res != 2 || memcmp(tmp, _ok_resp, 2)) {
274                 D("Accepting ADB host connection has failed.\n");
275                 adb_close(fd);
276             } else {
277                 /* Host is connected. Register the transport, and start the
278                  * exchange. */
279                 register_socket_transport(fd, "host", port, 1);
280                 adb_write(fd, _start_req, strlen(_start_req));
281             }
282 
283             /* Prepare for accepting of the next ADB host connection. */
284             fd = qemu_pipe_open(con_name);
285             if (fd < 0) {
286                 D("adb service become unavailable.\n");
287                 return 0;
288             }
289         } else {
290             D("Unable to send the '%s' request to ADB service.\n", _accept_req);
291             return 0;
292         }
293     }
294     D("transport: qemu_socket_thread() exiting\n");
295     return 0;
296 }
297 #endif  // !ADB_HOST
298 
local_init(int port)299 void local_init(int port)
300 {
301     adb_thread_t thr;
302     void* (*func)(void *);
303 
304     if(HOST) {
305         func = client_socket_thread;
306     } else {
307 #if ADB_HOST
308         func = server_socket_thread;
309 #else
310         /* For the adbd daemon in the system image we need to distinguish
311          * between the device, and the emulator. */
312         char is_qemu[PROPERTY_VALUE_MAX];
313         property_get("ro.kernel.qemu", is_qemu, "");
314         if (!strcmp(is_qemu, "1")) {
315             /* Running inside the emulator: use QEMUD pipe as the transport. */
316             func = qemu_socket_thread;
317         } else {
318             /* Running inside the device: use TCP socket as the transport. */
319             func = server_socket_thread;
320         }
321 #endif // !ADB_HOST
322     }
323 
324     D("transport: local %s init\n", HOST ? "client" : "server");
325 
326     if(adb_thread_create(&thr, func, (void *)port)) {
327         fatal_errno("cannot create local socket %s thread",
328                     HOST ? "client" : "server");
329     }
330 }
331 
remote_kick(atransport * t)332 static void remote_kick(atransport *t)
333 {
334     int fd = t->sfd;
335     t->sfd = -1;
336     adb_shutdown(fd);
337     adb_close(fd);
338 
339 #if ADB_HOST
340     if(HOST) {
341         int  nn;
342         adb_mutex_lock( &local_transports_lock );
343         for (nn = 0; nn < ADB_LOCAL_TRANSPORT_MAX; nn++) {
344             if (local_transports[nn] == t) {
345                 local_transports[nn] = NULL;
346                 break;
347             }
348         }
349         adb_mutex_unlock( &local_transports_lock );
350     }
351 #endif
352 }
353 
remote_close(atransport * t)354 static void remote_close(atransport *t)
355 {
356     adb_close(t->fd);
357 }
358 
359 
360 #if ADB_HOST
361 /* Only call this function if you already hold local_transports_lock. */
find_emulator_transport_by_adb_port_locked(int adb_port)362 atransport* find_emulator_transport_by_adb_port_locked(int adb_port)
363 {
364     int i;
365     for (i = 0; i < ADB_LOCAL_TRANSPORT_MAX; i++) {
366         if (local_transports[i] && local_transports[i]->adb_port == adb_port) {
367             return local_transports[i];
368         }
369     }
370     return NULL;
371 }
372 
find_emulator_transport_by_adb_port(int adb_port)373 atransport* find_emulator_transport_by_adb_port(int adb_port)
374 {
375     adb_mutex_lock( &local_transports_lock );
376     atransport* result = find_emulator_transport_by_adb_port_locked(adb_port);
377     adb_mutex_unlock( &local_transports_lock );
378     return result;
379 }
380 
381 /* Only call this function if you already hold local_transports_lock. */
get_available_local_transport_index_locked()382 int get_available_local_transport_index_locked()
383 {
384     int i;
385     for (i = 0; i < ADB_LOCAL_TRANSPORT_MAX; i++) {
386         if (local_transports[i] == NULL) {
387             return i;
388         }
389     }
390     return -1;
391 }
392 
get_available_local_transport_index()393 int get_available_local_transport_index()
394 {
395     adb_mutex_lock( &local_transports_lock );
396     int result = get_available_local_transport_index_locked();
397     adb_mutex_unlock( &local_transports_lock );
398     return result;
399 }
400 #endif
401 
init_socket_transport(atransport * t,int s,int adb_port,int local)402 int init_socket_transport(atransport *t, int s, int adb_port, int local)
403 {
404     int  fail = 0;
405 
406     t->kick = remote_kick;
407     t->close = remote_close;
408     t->read_from_remote = remote_read;
409     t->write_to_remote = remote_write;
410     t->sfd = s;
411     t->sync_token = 1;
412     t->connection_state = CS_OFFLINE;
413     t->type = kTransportLocal;
414     t->adb_port = 0;
415 
416 #if ADB_HOST
417     if (HOST && local) {
418         adb_mutex_lock( &local_transports_lock );
419         {
420             t->adb_port = adb_port;
421             atransport* existing_transport =
422                     find_emulator_transport_by_adb_port_locked(adb_port);
423             int index = get_available_local_transport_index_locked();
424             if (existing_transport != NULL) {
425                 D("local transport for port %d already registered (%p)?\n",
426                 adb_port, existing_transport);
427                 fail = -1;
428             } else if (index < 0) {
429                 // Too many emulators.
430                 D("cannot register more emulators. Maximum is %d\n",
431                         ADB_LOCAL_TRANSPORT_MAX);
432                 fail = -1;
433             } else {
434                 local_transports[index] = t;
435             }
436        }
437        adb_mutex_unlock( &local_transports_lock );
438     }
439 #endif
440     return fail;
441 }
442