1 /*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <stddef.h>
18 #include <stdlib.h>
19 #include <stdio.h>
20 #include <unistd.h>
21 #include <string.h>
22 #include <errno.h>
23
24 #include "sysdeps.h"
25
26 #define TRACE_TAG TRACE_SERVICES
27 #include "adb.h"
28 #include "file_sync_service.h"
29
30 #if ADB_HOST
31 # ifndef HAVE_WINSOCK
32 # include <netinet/in.h>
33 # include <netdb.h>
34 # include <sys/ioctl.h>
35 # endif
36 #else
37 # include <cutils/android_reboot.h>
38 # include <cutils/properties.h>
39 #endif
40
41 typedef struct stinfo stinfo;
42
43 struct stinfo {
44 void (*func)(int fd, void *cookie);
45 int fd;
46 void *cookie;
47 };
48
49
service_bootstrap_func(void * x)50 void *service_bootstrap_func(void *x)
51 {
52 stinfo *sti = x;
53 sti->func(sti->fd, sti->cookie);
54 free(sti);
55 return 0;
56 }
57
58 #if !ADB_HOST
59
restart_root_service(int fd,void * cookie)60 void restart_root_service(int fd, void *cookie)
61 {
62 char buf[100];
63 char value[PROPERTY_VALUE_MAX];
64
65 if (getuid() == 0) {
66 snprintf(buf, sizeof(buf), "adbd is already running as root\n");
67 writex(fd, buf, strlen(buf));
68 adb_close(fd);
69 } else {
70 property_get("ro.debuggable", value, "");
71 if (strcmp(value, "1") != 0) {
72 snprintf(buf, sizeof(buf), "adbd cannot run as root in production builds\n");
73 writex(fd, buf, strlen(buf));
74 adb_close(fd);
75 return;
76 }
77
78 property_set("service.adb.root", "1");
79 snprintf(buf, sizeof(buf), "restarting adbd as root\n");
80 writex(fd, buf, strlen(buf));
81 adb_close(fd);
82 }
83 }
84
restart_tcp_service(int fd,void * cookie)85 void restart_tcp_service(int fd, void *cookie)
86 {
87 char buf[100];
88 char value[PROPERTY_VALUE_MAX];
89 int port = (int) (uintptr_t) cookie;
90
91 if (port <= 0) {
92 snprintf(buf, sizeof(buf), "invalid port\n");
93 writex(fd, buf, strlen(buf));
94 adb_close(fd);
95 return;
96 }
97
98 snprintf(value, sizeof(value), "%d", port);
99 property_set("service.adb.tcp.port", value);
100 snprintf(buf, sizeof(buf), "restarting in TCP mode port: %d\n", port);
101 writex(fd, buf, strlen(buf));
102 adb_close(fd);
103 }
104
restart_usb_service(int fd,void * cookie)105 void restart_usb_service(int fd, void *cookie)
106 {
107 char buf[100];
108
109 property_set("service.adb.tcp.port", "0");
110 snprintf(buf, sizeof(buf), "restarting in USB mode\n");
111 writex(fd, buf, strlen(buf));
112 adb_close(fd);
113 }
114
reboot_service(int fd,void * arg)115 void reboot_service(int fd, void *arg)
116 {
117 char buf[100];
118 char property_val[PROPERTY_VALUE_MAX];
119 int ret;
120
121 sync();
122
123 ret = snprintf(property_val, sizeof(property_val), "reboot,%s", (char *) arg);
124 if (ret >= (int) sizeof(property_val)) {
125 snprintf(buf, sizeof(buf), "reboot string too long. length=%d\n", ret);
126 writex(fd, buf, strlen(buf));
127 goto cleanup;
128 }
129
130 ret = property_set(ANDROID_RB_PROPERTY, property_val);
131 if (ret < 0) {
132 snprintf(buf, sizeof(buf), "reboot failed: %d\n", ret);
133 writex(fd, buf, strlen(buf));
134 goto cleanup;
135 }
136 // Don't return early. Give the reboot command time to take effect
137 // to avoid messing up scripts which do "adb reboot && adb wait-for-device"
138 while(1) { pause(); }
139 cleanup:
140 free(arg);
141 adb_close(fd);
142 }
143
reverse_service(int fd,void * arg)144 void reverse_service(int fd, void* arg)
145 {
146 const char* command = arg;
147
148 if (handle_forward_request(command, kTransportAny, NULL, fd) < 0) {
149 sendfailmsg(fd, "not a reverse forwarding command");
150 }
151 free(arg);
152 adb_close(fd);
153 }
154
155 #endif
156
create_service_thread(void (* func)(int,void *),void * cookie)157 static int create_service_thread(void (*func)(int, void *), void *cookie)
158 {
159 stinfo *sti;
160 adb_thread_t t;
161 int s[2];
162
163 if(adb_socketpair(s)) {
164 printf("cannot create service socket pair\n");
165 return -1;
166 }
167
168 sti = malloc(sizeof(stinfo));
169 if(sti == 0) fatal("cannot allocate stinfo");
170 sti->func = func;
171 sti->cookie = cookie;
172 sti->fd = s[1];
173
174 if(adb_thread_create( &t, service_bootstrap_func, sti)){
175 free(sti);
176 adb_close(s[0]);
177 adb_close(s[1]);
178 printf("cannot create service thread\n");
179 return -1;
180 }
181
182 D("service thread started, %d:%d\n",s[0], s[1]);
183 return s[0];
184 }
185
186 #if !ADB_HOST
187
init_subproc_child()188 static void init_subproc_child()
189 {
190 setsid();
191
192 // Set OOM score adjustment to prevent killing
193 int fd = adb_open("/proc/self/oom_score_adj", O_WRONLY | O_CLOEXEC);
194 if (fd >= 0) {
195 adb_write(fd, "0", 1);
196 adb_close(fd);
197 } else {
198 D("adb: unable to update oom_score_adj\n");
199 }
200 }
201
create_subproc_pty(const char * cmd,const char * arg0,const char * arg1,pid_t * pid)202 static int create_subproc_pty(const char *cmd, const char *arg0, const char *arg1, pid_t *pid)
203 {
204 D("create_subproc_pty(cmd=%s, arg0=%s, arg1=%s)\n", cmd, arg0, arg1);
205 #ifdef HAVE_WIN32_PROC
206 fprintf(stderr, "error: create_subproc_pty not implemented on Win32 (%s %s %s)\n", cmd, arg0, arg1);
207 return -1;
208 #else /* !HAVE_WIN32_PROC */
209 int ptm;
210
211 ptm = unix_open("/dev/ptmx", O_RDWR | O_CLOEXEC); // | O_NOCTTY);
212 if(ptm < 0){
213 printf("[ cannot open /dev/ptmx - %s ]\n",strerror(errno));
214 return -1;
215 }
216
217 char devname[64];
218 if(grantpt(ptm) || unlockpt(ptm) || ptsname_r(ptm, devname, sizeof(devname)) != 0) {
219 printf("[ trouble with /dev/ptmx - %s ]\n", strerror(errno));
220 adb_close(ptm);
221 return -1;
222 }
223
224 *pid = fork();
225 if(*pid < 0) {
226 printf("- fork failed: %s -\n", strerror(errno));
227 adb_close(ptm);
228 return -1;
229 }
230
231 if (*pid == 0) {
232 init_subproc_child();
233
234 int pts = unix_open(devname, O_RDWR | O_CLOEXEC);
235 if (pts < 0) {
236 fprintf(stderr, "child failed to open pseudo-term slave: %s\n", devname);
237 exit(-1);
238 }
239
240 dup2(pts, STDIN_FILENO);
241 dup2(pts, STDOUT_FILENO);
242 dup2(pts, STDERR_FILENO);
243
244 adb_close(pts);
245 adb_close(ptm);
246
247 execl(cmd, cmd, arg0, arg1, NULL);
248 fprintf(stderr, "- exec '%s' failed: %s (%d) -\n",
249 cmd, strerror(errno), errno);
250 exit(-1);
251 } else {
252 return ptm;
253 }
254 #endif /* !HAVE_WIN32_PROC */
255 }
256
create_subproc_raw(const char * cmd,const char * arg0,const char * arg1,pid_t * pid)257 static int create_subproc_raw(const char *cmd, const char *arg0, const char *arg1, pid_t *pid)
258 {
259 D("create_subproc_raw(cmd=%s, arg0=%s, arg1=%s)\n", cmd, arg0, arg1);
260 #ifdef HAVE_WIN32_PROC
261 fprintf(stderr, "error: create_subproc_raw not implemented on Win32 (%s %s %s)\n", cmd, arg0, arg1);
262 return -1;
263 #else /* !HAVE_WIN32_PROC */
264
265 // 0 is parent socket, 1 is child socket
266 int sv[2];
267 if (unix_socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) {
268 printf("[ cannot create socket pair - %s ]\n", strerror(errno));
269 return -1;
270 }
271
272 *pid = fork();
273 if (*pid < 0) {
274 printf("- fork failed: %s -\n", strerror(errno));
275 adb_close(sv[0]);
276 adb_close(sv[1]);
277 return -1;
278 }
279
280 if (*pid == 0) {
281 adb_close(sv[0]);
282 init_subproc_child();
283
284 dup2(sv[1], STDIN_FILENO);
285 dup2(sv[1], STDOUT_FILENO);
286 dup2(sv[1], STDERR_FILENO);
287
288 adb_close(sv[1]);
289
290 execl(cmd, cmd, arg0, arg1, NULL);
291 fprintf(stderr, "- exec '%s' failed: %s (%d) -\n",
292 cmd, strerror(errno), errno);
293 exit(-1);
294 } else {
295 adb_close(sv[1]);
296 return sv[0];
297 }
298 #endif /* !HAVE_WIN32_PROC */
299 }
300 #endif /* !ABD_HOST */
301
302 #if ADB_HOST
303 #define SHELL_COMMAND "/bin/sh"
304 #else
305 #define SHELL_COMMAND "/system/bin/sh"
306 #endif
307
308 #if !ADB_HOST
subproc_waiter_service(int fd,void * cookie)309 static void subproc_waiter_service(int fd, void *cookie)
310 {
311 pid_t pid = (pid_t) (uintptr_t) cookie;
312
313 D("entered. fd=%d of pid=%d\n", fd, pid);
314 for (;;) {
315 int status;
316 pid_t p = waitpid(pid, &status, 0);
317 if (p == pid) {
318 D("fd=%d, post waitpid(pid=%d) status=%04x\n", fd, p, status);
319 if (WIFSIGNALED(status)) {
320 D("*** Killed by signal %d\n", WTERMSIG(status));
321 break;
322 } else if (!WIFEXITED(status)) {
323 D("*** Didn't exit!!. status %d\n", status);
324 break;
325 } else if (WEXITSTATUS(status) >= 0) {
326 D("*** Exit code %d\n", WEXITSTATUS(status));
327 break;
328 }
329 }
330 }
331 D("shell exited fd=%d of pid=%d err=%d\n", fd, pid, errno);
332 if (SHELL_EXIT_NOTIFY_FD >=0) {
333 int res;
334 res = writex(SHELL_EXIT_NOTIFY_FD, &fd, sizeof(fd));
335 D("notified shell exit via fd=%d for pid=%d res=%d errno=%d\n",
336 SHELL_EXIT_NOTIFY_FD, pid, res, errno);
337 }
338 }
339
create_subproc_thread(const char * name,const subproc_mode mode)340 static int create_subproc_thread(const char *name, const subproc_mode mode)
341 {
342 stinfo *sti;
343 adb_thread_t t;
344 int ret_fd;
345 pid_t pid = -1;
346
347 const char *arg0, *arg1;
348 if (name == 0 || *name == 0) {
349 arg0 = "-"; arg1 = 0;
350 } else {
351 arg0 = "-c"; arg1 = name;
352 }
353
354 switch (mode) {
355 case SUBPROC_PTY:
356 ret_fd = create_subproc_pty(SHELL_COMMAND, arg0, arg1, &pid);
357 break;
358 case SUBPROC_RAW:
359 ret_fd = create_subproc_raw(SHELL_COMMAND, arg0, arg1, &pid);
360 break;
361 default:
362 fprintf(stderr, "invalid subproc_mode %d\n", mode);
363 return -1;
364 }
365 D("create_subproc ret_fd=%d pid=%d\n", ret_fd, pid);
366
367 sti = malloc(sizeof(stinfo));
368 if(sti == 0) fatal("cannot allocate stinfo");
369 sti->func = subproc_waiter_service;
370 sti->cookie = (void*) (uintptr_t) pid;
371 sti->fd = ret_fd;
372
373 if (adb_thread_create(&t, service_bootstrap_func, sti)) {
374 free(sti);
375 adb_close(ret_fd);
376 fprintf(stderr, "cannot create service thread\n");
377 return -1;
378 }
379
380 D("service thread started, fd=%d pid=%d\n", ret_fd, pid);
381 return ret_fd;
382 }
383 #endif
384
service_to_fd(const char * name)385 int service_to_fd(const char *name)
386 {
387 int ret = -1;
388
389 if(!strncmp(name, "tcp:", 4)) {
390 int port = atoi(name + 4);
391 name = strchr(name + 4, ':');
392 if(name == 0) {
393 ret = socket_loopback_client(port, SOCK_STREAM);
394 if (ret >= 0)
395 disable_tcp_nagle(ret);
396 } else {
397 #if ADB_HOST
398 ret = socket_network_client(name + 1, port, SOCK_STREAM);
399 #else
400 return -1;
401 #endif
402 }
403 #ifndef HAVE_WINSOCK /* winsock doesn't implement unix domain sockets */
404 } else if(!strncmp(name, "local:", 6)) {
405 ret = socket_local_client(name + 6,
406 ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM);
407 } else if(!strncmp(name, "localreserved:", 14)) {
408 ret = socket_local_client(name + 14,
409 ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM);
410 } else if(!strncmp(name, "localabstract:", 14)) {
411 ret = socket_local_client(name + 14,
412 ANDROID_SOCKET_NAMESPACE_ABSTRACT, SOCK_STREAM);
413 } else if(!strncmp(name, "localfilesystem:", 16)) {
414 ret = socket_local_client(name + 16,
415 ANDROID_SOCKET_NAMESPACE_FILESYSTEM, SOCK_STREAM);
416 #endif
417 #if !ADB_HOST
418 } else if(!strncmp("dev:", name, 4)) {
419 ret = unix_open(name + 4, O_RDWR | O_CLOEXEC);
420 } else if(!strncmp(name, "framebuffer:", 12)) {
421 ret = create_service_thread(framebuffer_service, 0);
422 } else if (!strncmp(name, "jdwp:", 5)) {
423 ret = create_jdwp_connection_fd(atoi(name+5));
424 } else if(!HOST && !strncmp(name, "shell:", 6)) {
425 ret = create_subproc_thread(name + 6, SUBPROC_PTY);
426 } else if(!HOST && !strncmp(name, "exec:", 5)) {
427 ret = create_subproc_thread(name + 5, SUBPROC_RAW);
428 } else if(!strncmp(name, "sync:", 5)) {
429 ret = create_service_thread(file_sync_service, NULL);
430 } else if(!strncmp(name, "remount:", 8)) {
431 ret = create_service_thread(remount_service, NULL);
432 } else if(!strncmp(name, "reboot:", 7)) {
433 void* arg = strdup(name + 7);
434 if (arg == NULL) return -1;
435 ret = create_service_thread(reboot_service, arg);
436 } else if(!strncmp(name, "root:", 5)) {
437 ret = create_service_thread(restart_root_service, NULL);
438 } else if(!strncmp(name, "backup:", 7)) {
439 char* arg = strdup(name + 7);
440 if (arg == NULL) return -1;
441 char* c = arg;
442 for (; *c != '\0'; c++) {
443 if (*c == ':')
444 *c = ' ';
445 }
446 char* cmd;
447 if (asprintf(&cmd, "/system/bin/bu backup %s", arg) != -1) {
448 ret = create_subproc_thread(cmd, SUBPROC_RAW);
449 free(cmd);
450 }
451 free(arg);
452 } else if(!strncmp(name, "restore:", 8)) {
453 ret = create_subproc_thread("/system/bin/bu restore", SUBPROC_RAW);
454 } else if(!strncmp(name, "tcpip:", 6)) {
455 int port;
456 if (sscanf(name + 6, "%d", &port) == 0) {
457 port = 0;
458 }
459 ret = create_service_thread(restart_tcp_service, (void *) (uintptr_t) port);
460 } else if(!strncmp(name, "usb:", 4)) {
461 ret = create_service_thread(restart_usb_service, NULL);
462 } else if (!strncmp(name, "reverse:", 8)) {
463 char* cookie = strdup(name + 8);
464 if (cookie == NULL) {
465 ret = -1;
466 } else {
467 ret = create_service_thread(reverse_service, cookie);
468 if (ret < 0) {
469 free(cookie);
470 }
471 }
472 #endif
473 }
474 if (ret >= 0) {
475 close_on_exec(ret);
476 }
477 return ret;
478 }
479
480 #if ADB_HOST
481 struct state_info {
482 transport_type transport;
483 char* serial;
484 int state;
485 };
486
wait_for_state(int fd,void * cookie)487 static void wait_for_state(int fd, void* cookie)
488 {
489 struct state_info* sinfo = cookie;
490 char* err = "unknown error";
491
492 D("wait_for_state %d\n", sinfo->state);
493
494 atransport *t = acquire_one_transport(sinfo->state, sinfo->transport, sinfo->serial, &err);
495 if(t != 0) {
496 writex(fd, "OKAY", 4);
497 } else {
498 sendfailmsg(fd, err);
499 }
500
501 if (sinfo->serial)
502 free(sinfo->serial);
503 free(sinfo);
504 adb_close(fd);
505 D("wait_for_state is done\n");
506 }
507
connect_device(char * host,char * buffer,int buffer_size)508 static void connect_device(char* host, char* buffer, int buffer_size)
509 {
510 int port, fd;
511 char* portstr = strchr(host, ':');
512 char hostbuf[100];
513 char serial[100];
514 int ret;
515
516 strncpy(hostbuf, host, sizeof(hostbuf) - 1);
517 if (portstr) {
518 if (portstr - host >= (ptrdiff_t)sizeof(hostbuf)) {
519 snprintf(buffer, buffer_size, "bad host name %s", host);
520 return;
521 }
522 // zero terminate the host at the point we found the colon
523 hostbuf[portstr - host] = 0;
524 if (sscanf(portstr + 1, "%d", &port) == 0) {
525 snprintf(buffer, buffer_size, "bad port number %s", portstr);
526 return;
527 }
528 } else {
529 port = DEFAULT_ADB_LOCAL_TRANSPORT_PORT;
530 }
531
532 snprintf(serial, sizeof(serial), "%s:%d", hostbuf, port);
533
534 fd = socket_network_client_timeout(hostbuf, port, SOCK_STREAM, 10);
535 if (fd < 0) {
536 snprintf(buffer, buffer_size, "unable to connect to %s:%d", host, port);
537 return;
538 }
539
540 D("client: connected on remote on fd %d\n", fd);
541 close_on_exec(fd);
542 disable_tcp_nagle(fd);
543
544 ret = register_socket_transport(fd, serial, port, 0);
545 if (ret < 0) {
546 adb_close(fd);
547 snprintf(buffer, buffer_size, "already connected to %s", serial);
548 } else {
549 snprintf(buffer, buffer_size, "connected to %s", serial);
550 }
551 }
552
connect_emulator(char * port_spec,char * buffer,int buffer_size)553 void connect_emulator(char* port_spec, char* buffer, int buffer_size)
554 {
555 char* port_separator = strchr(port_spec, ',');
556 if (!port_separator) {
557 snprintf(buffer, buffer_size,
558 "unable to parse '%s' as <console port>,<adb port>",
559 port_spec);
560 return;
561 }
562
563 // Zero-terminate console port and make port_separator point to 2nd port.
564 *port_separator++ = 0;
565 int console_port = strtol(port_spec, NULL, 0);
566 int adb_port = strtol(port_separator, NULL, 0);
567 if (!(console_port > 0 && adb_port > 0)) {
568 *(port_separator - 1) = ',';
569 snprintf(buffer, buffer_size,
570 "Invalid port numbers: Expected positive numbers, got '%s'",
571 port_spec);
572 return;
573 }
574
575 /* Check if the emulator is already known.
576 * Note: There's a small but harmless race condition here: An emulator not
577 * present just yet could be registered by another invocation right
578 * after doing this check here. However, local_connect protects
579 * against double-registration too. From here, a better error message
580 * can be produced. In the case of the race condition, the very specific
581 * error message won't be shown, but the data doesn't get corrupted. */
582 atransport* known_emulator = find_emulator_transport_by_adb_port(adb_port);
583 if (known_emulator != NULL) {
584 snprintf(buffer, buffer_size,
585 "Emulator on port %d already registered.", adb_port);
586 return;
587 }
588
589 /* Check if more emulators can be registered. Similar unproblematic
590 * race condition as above. */
591 int candidate_slot = get_available_local_transport_index();
592 if (candidate_slot < 0) {
593 snprintf(buffer, buffer_size, "Cannot accept more emulators.");
594 return;
595 }
596
597 /* Preconditions met, try to connect to the emulator. */
598 if (!local_connect_arbitrary_ports(console_port, adb_port)) {
599 snprintf(buffer, buffer_size,
600 "Connected to emulator on ports %d,%d", console_port, adb_port);
601 } else {
602 snprintf(buffer, buffer_size,
603 "Could not connect to emulator on ports %d,%d",
604 console_port, adb_port);
605 }
606 }
607
connect_service(int fd,void * cookie)608 static void connect_service(int fd, void* cookie)
609 {
610 char buf[4096];
611 char resp[4096];
612 char *host = cookie;
613
614 if (!strncmp(host, "emu:", 4)) {
615 connect_emulator(host + 4, buf, sizeof(buf));
616 } else {
617 connect_device(host, buf, sizeof(buf));
618 }
619
620 // Send response for emulator and device
621 snprintf(resp, sizeof(resp), "%04x%s",(unsigned)strlen(buf), buf);
622 writex(fd, resp, strlen(resp));
623 adb_close(fd);
624 }
625 #endif
626
627 #if ADB_HOST
host_service_to_socket(const char * name,const char * serial)628 asocket* host_service_to_socket(const char* name, const char *serial)
629 {
630 if (!strcmp(name,"track-devices")) {
631 return create_device_tracker();
632 } else if (!strncmp(name, "wait-for-", strlen("wait-for-"))) {
633 struct state_info* sinfo = malloc(sizeof(struct state_info));
634
635 if (serial)
636 sinfo->serial = strdup(serial);
637 else
638 sinfo->serial = NULL;
639
640 name += strlen("wait-for-");
641
642 if (!strncmp(name, "local", strlen("local"))) {
643 sinfo->transport = kTransportLocal;
644 sinfo->state = CS_DEVICE;
645 } else if (!strncmp(name, "usb", strlen("usb"))) {
646 sinfo->transport = kTransportUsb;
647 sinfo->state = CS_DEVICE;
648 } else if (!strncmp(name, "any", strlen("any"))) {
649 sinfo->transport = kTransportAny;
650 sinfo->state = CS_DEVICE;
651 } else {
652 free(sinfo);
653 return NULL;
654 }
655
656 int fd = create_service_thread(wait_for_state, sinfo);
657 return create_local_socket(fd);
658 } else if (!strncmp(name, "connect:", 8)) {
659 const char *host = name + 8;
660 int fd = create_service_thread(connect_service, (void *)host);
661 return create_local_socket(fd);
662 }
663 return NULL;
664 }
665 #endif /* ADB_HOST */
666