fd79a5d9c1b1bc9588c228bbc8ac6e289638b1ee |
|
08-Jan-2016 |
Jorge Lucangeli Obes <jorgelo@google.com> |
adbd: Remove check for set_supplementary_gids. With https://android-review.googlesource.com/#/c/195400, Minijail will check for this failure so there's no need to do it here, which allows to simplify the code. Bug: 26099611 Change-Id: I7c876fdcab874ed403f82bdd5a4048c0f1e5db58
/system/core/adb/daemon/main.cpp
|
683dc4817f1e3cb3a043a7ce6496c00d19fa27f5 |
|
14-Dec-2015 |
Jorge Lucangeli Obes <jorgelo@google.com> |
adb: Use Minijail for privilege dropping. By using Minijail we avoid writing the same priv-dropping code over and over again. This also enables future hardening opportunities. We're already using Minijail for priv-dropping on Brillo. Minijail is unit- and integration-tested on the Chrome OS CI infrastructure (pulling from the same repo, see https://wmatrix.googleplex.com/security?tests=security_Minijail0). Once CI comes to Android, it will be continuously tested there as well. Both 'adb root' and 'adb unroot' still work. Bug: 26099611 Change-Id: I52c456ea272d27bd6fbc71200f4fdd928a592158
/system/core/adb/daemon/main.cpp
|
38cd57a1450874d4c045ab3612f2dd11d04fca13 |
|
11-Dec-2015 |
Tom Cherry <tomcherry@google.com> |
Use selinux_android_setcon() instead of setcon() Bug 26114086 Change-Id: I02d20ee7a5f487fc73d7a33d50b0b8f1cd9ad3a4
/system/core/adb/daemon/main.cpp
|
9e7893bf86a18b8a3f709d32811f56ccc2df3449 |
|
16-Dec-2015 |
Elliott Hughes <enh@google.com> |
More idiomatic cleanup of 9f75a035713d216469f1cabfe4a65f7864e2145a. Change-Id: Id936946375d2be56ba10bf3aa5804f52cdbecc2d
/system/core/adb/daemon/main.cpp
|
9f75a035713d216469f1cabfe4a65f7864e2145a |
|
16-Dec-2015 |
Nick Kralevich <nnk@google.com> |
adbd: make a PR_CAPBSET_DROP error fatal. Back in 080427e4e2b1b72718b660e16b6cf38b3a3c4e3f, we said: If the kernel doesn't support file capabilities, we ignore a prctl(PR_CAPBSET_DROP) failure. In a future CL, this could become a fatal error. Make it a fatal error. With SELinux support, all devices are required to support file capabilities. Change-Id: I0ce0c4cb9387c42e325cbf1a63c5d82e6aab530c
/system/core/adb/daemon/main.cpp
|
6945e360601a37301a6a678389d7bc9e974b1e23 |
|
11-Dec-2015 |
Mike Frysinger <vapier@google.com> |
Merge "adbd: refactor priv dropping logic"
|
aae38d9704a6c5a2a7dfd9b628bd89822f1cbb60 |
|
10-Dec-2015 |
Josh Gao <jmgao@google.com> |
Merge "adb: shell: add -n flag to not read from stdin."
|
7d586073609723cb2f6ed37de0ad1a7996e621ae |
|
21-Nov-2015 |
Josh Gao <jmgao@google.com> |
adb: shell: add -n flag to not read from stdin. Shell scripts of the following form do not work properly with adb: echo "foo\nbar\nbaz" | { read FOO while [ "$FOO" != "" ]; do adb shell echo $FOO read FOO done } The first run of adb shell will consume all of the contents of stdin, causing the loop to immediately end. ssh solves this by providing a -n flag that causes it to not read from stdin. This commit adds the same. Bug: http://b/25817224 Change-Id: Id74ca62ef520bcf03678b50f4bf203916fd81038
/system/core/adb/daemon/main.cpp
|
4120ebc635b41b17a7283b5c2d0ef1e4425a169f |
|
09-Dec-2015 |
Mike Frysinger <vapier@google.com> |
adbd: refactor priv dropping logic Makes the code a little cleaner. Change-Id: I961b6fc8730c45d8fd4f9fd2981a6d6ab8f51fb6
/system/core/adb/daemon/main.cpp
|
4f71319df011d796a60a43fc1bc68e16fbf7d321 |
|
05-Dec-2015 |
Elliott Hughes <enh@google.com> |
Track rename of base/ to android-base/. Change-Id: Idf9444fece4aa89c93e15640de59a91f6e758ccf
/system/core/adb/daemon/main.cpp
|
f39c56456d1f9bb910a9bc1187027a75942c8658 |
|
11-Nov-2015 |
Jorge Lucangeli Obes <jorgelo@google.com> |
Fix typo, caps in error messages. Bug: None Change-Id: I673189f84812637c240321b72cf77b26b170b6ad
/system/core/adb/daemon/main.cpp
|
c39ba5ae32afb6329d42e61d2941d87ff66d92e3 |
|
08-Nov-2015 |
Nick Kralevich <nnk@google.com> |
Enable hidepid=2 on /proc Add the following mount options to the /proc filesystem: hidepid=2,gid=3009 This change blocks /proc access unless you're in group 3009 (aka AID_READPROC). Please see https://github.com/torvalds/linux/blob/master/Documentation/filesystems/proc.txt for documentation on the hidepid option. hidepid=2 is preferred over hidepid=1 since it leaks less information and doesn't generate SELinux ptrace denials when trying to access /proc without being in the proper group. Add AID_READPROC to processes which need to access /proc entries for other UIDs. Bug: 23310674 Change-Id: I22bb55ff7b80ff722945e224845215196f09dafa
/system/core/adb/daemon/main.cpp
|
aed3c61c4437ebb05eadfb3bf85d6962c30b9935 |
|
23-Sep-2015 |
Yabin Cui <yabinc@google.com> |
Adb: use VLOG() to replace D() for verbose logging. As there are too many D(), we can keep both VLOG() and D() now, and get rid of D() gradually. Change-Id: I2f1cb70bcab3e82c99fed939341d03f6b2216076
/system/core/adb/daemon/main.cpp
|
7a3f8d6691b3fbd8014a98de8455dbcfcc9629e4 |
|
03-Sep-2015 |
Yabin Cui <yabinc@google.com> |
adb: clean up debug tracing a little. Always use LOG() for debug tracing. Remove useless D_lock. I believe it is useless to lock just before and after fprintf. I verified the log output both on host and on device. The output looks fine to me. Change-Id: I96ccfe408ff56864361551afe9ad464d197ae104
/system/core/adb/daemon/main.cpp
|
bd4b1fa4a914552e450eb5a2bf398ba525c8adec |
|
28-Aug-2015 |
Elliott Hughes <enh@google.com> |
Improve adb tracing. The existing format was unreadable; putting the pid and tid first helps somewhat. Also remove the unused qemu tracing which wasn't called anywhere. Change-Id: I37ef3c556fe17b237ba1d8ca3216e2155ce5d0de
/system/core/adb/daemon/main.cpp
|
0e2c19465964d27f6da0e5d23c329b7892d41204 |
|
31-Jul-2015 |
Yabin Cui <yabinc@google.com> |
adb: poll for emulator connection. Bug: 19974213 Change-Id: I336f3ad6f428277c54479e5b8c45d5343c64f472
/system/core/adb/daemon/main.cpp
|
5200c6670f041550c23821fec8e8e49b30ef6d29 |
|
31-Jul-2015 |
Spencer Low <CompareAndSwap@gmail.com> |
adb: win32: initial IPv6 support and improved Winsock error reporting Call getaddrinfo() for connecting to IPv6 destinations. Winsock APIs do not set errno. WSAGetLastError() returns Winsock errors that are more numerous than BSD sockets, so it really doesn't make sense to map those to BSD socket errors. Plus, even if we did that, the Windows C Runtime (that mingw binaries use) has a strerror() that does not recognize BSD socket error codes. The solution is to wrap the various libcutils socket_* APIs with sysdeps.h network_* APIs. For POSIX, the network_* APIs just call strerror(). For Windows, they call SystemErrorCodeToString() (adapted from Chromium). Also in this change: - Various other code was modified to return errors in a std::string* argument, to be able to surface the error string to the end-user. - Improved error checking and use of D() to log Winsock errors for improved debuggability. - For sysdeps_win32.cpp, added unique_fh class that works like std::unique_ptr, for calling _fh_close(). - Fix win32 adb_socketpair() setting of errno in error case. - Improve _socket_set_errno() D() logging to reduce confusion. Map a few extra error codes. - Move adb_shutdown() lower in sysdeps_win32.cpp so it can call _socket_set_errno(). - Move network_connect() from adb_utils.cpp to sysdeps.h. - Merge socket_loopback_server() and socket_inaddr_any_server() into _network_server() since most of the code was identical. Change-Id: I945f36870f320578b3a11ba093852ba6f7b93400 Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
/system/core/adb/daemon/main.cpp
|
5cba504215ea91187cc36ec7aec5dce1b0f4b0fe |
|
18-Jun-2015 |
Elliott Hughes <enh@google.com> |
Ignore ro.adb.secure in user builds. Require authorization by default, and remove the ability to override that in user builds. (userdebug and eng are still free to do whatever they want.) Bug: http://b/21862859 Change-Id: Ibf8af375be5bf1141c1ad481eee7a59fb10a7adb
/system/core/adb/daemon/main.cpp
|
4d87095ebfefdb9e641492462f0a0e21d5b96ecf |
|
13-Jun-2015 |
Nick Kralevich <nnk@google.com> |
Remove calls to is_selinux_enabled() d34e407aeb5898f19d4f042b7558420bbb3a1817 removed support for running with SELinux completely disabled. SELinux must either be in permissive or enforcing mode now. Remove unnecessary calls to is_selinux_enabled(). It always returns true now. Change-Id: Ife3156b74b13b2e590afe4accf716fc7776567e5
/system/core/adb/daemon/main.cpp
|
6ac5d7dc56a016718d2a26803435505e983e5d80 |
|
23-May-2015 |
Spencer Low <CompareAndSwap@gmail.com> |
adb: fix adb_close() vs. unix_close() usage Document the differences between adb_*() and unix_*() in the function prototypes in sysdeps.h. See the file for the details (CR/LF translation, well-known file descriptors, etc.). Fix adb_read(), adb_write(), and adb_close() calls that should really be unix_read(), unix_write(), and unix_close(). Note that this should have no impact on unix because on unix, unix_read/unix_write/unix_close are macros that map to adb_read/adb_write/adb_close. Improve sysdeps_win32.cpp file descriptor diagnostic logging to output the name of the function that was passed a bad file descriptor. Change-Id: I0a1d9c28772656c80bcc303ef8b61fccf4cd637c Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
/system/core/adb/daemon/main.cpp
|
9313c0df20d7cc8ea6a074a3d53022c4b3b5ea05 |
|
21-May-2015 |
Dan Albert <danalbert@google.com> |
Improve logging. Any output from the LOG family will now go to stderr and logcat on the device. stderr is usually redirected to a log file, but that is now inhibited for adbd if being run from a tty (useful when debugging with the serial console). This also fixes sending logs to the file on device for the trace mask of "all". The "all" tag was specifically handled to return early from the function, preventing the file initialization from happening. Change-Id: Id253577bfd1500fbce92dbfba0f9be23dbfd5ee4
/system/core/adb/daemon/main.cpp
|
c89e0ccd40624e8b2ce30d425e8bed0264fae548 |
|
09-May-2015 |
Dan Albert <danalbert@google.com> |
Revert "Revert "Split adb_main.cpp into client and daemon."" This reverts commit 218dbccefa3d874d988e4784bda5e45b7643cb5a. Change-Id: I74088db34983dc99e316a07c6ddc294340e0eb71
/system/core/adb/daemon/main.cpp
|
218dbccefa3d874d988e4784bda5e45b7643cb5a |
|
09-May-2015 |
Dan Albert <danalbert@google.com> |
Revert "Split adb_main.cpp into client and daemon." This reverts commit cf07494ac2a101c3afbe23a7d85121553f586cf7.
/system/core/adb/daemon/main.cpp
|
cf07494ac2a101c3afbe23a7d85121553f586cf7 |
|
06-May-2015 |
Dan Albert <danalbert@google.com> |
Split adb_main.cpp into client and daemon. The name "client" is somewhat misleading as it also contains the host side adb server, but it's a part of the client binary. Change-Id: I128b7bab213e330eb21b5010cd1fec5f7a62c8af
/system/core/adb/daemon/main.cpp
|