diff options
| author | Josh Gao <jmgao@google.com> | 2020-06-25 22:45:47 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2020-06-25 22:45:47 +0000 |
| commit | f4facf26144de0efcdb3806e6fc852b5be9c9501 (patch) | |
| tree | fac27ce1689adcb4d9f32cf0734730cedc18cb36 | |
| parent | c8fbf80edd7b1728cf746a4c3dafbddd81200f37 (diff) | |
| parent | 9e933c54793f56a9c66cba353d997a38d5598d9c (diff) | |
| download | native-f4facf26144de0efcdb3806e6fc852b5be9c9501.tar.gz | |
Merge changes from topic "adbd_auth_dump" into rvc-dev
* changes:
adbd_auth: return auth id when requesting a prompt.
adbd_auth: improve logging.
| -rw-r--r-- | libs/adbd_auth/adbd_auth.cpp | 69 | ||||
| -rw-r--r-- | libs/adbd_auth/include/adbd_auth.h | 20 | ||||
| -rw-r--r-- | libs/adbd_auth/libadbd_auth.map.txt | 1 |
3 files changed, 57 insertions, 33 deletions
diff --git a/libs/adbd_auth/adbd_auth.cpp b/libs/adbd_auth/adbd_auth.cpp index 5a0d3f6168..0e5d474612 100644 --- a/libs/adbd_auth/adbd_auth.cpp +++ b/libs/adbd_auth/adbd_auth.cpp @@ -83,28 +83,28 @@ public: InitFrameworkHandlers(); epoll_fd_.reset(epoll_create1(EPOLL_CLOEXEC)); if (epoll_fd_ == -1) { - PLOG(FATAL) << "failed to create epoll fd"; + PLOG(FATAL) << "adbd_auth: failed to create epoll fd"; } event_fd_.reset(eventfd(0, EFD_CLOEXEC | EFD_NONBLOCK)); if (event_fd_ == -1) { - PLOG(FATAL) << "failed to create eventfd"; + PLOG(FATAL) << "adbd_auth: failed to create eventfd"; } sock_fd_.reset(android_get_control_socket("adbd")); if (sock_fd_ == -1) { - PLOG(ERROR) << "failed to get adbd authentication socket"; + PLOG(ERROR) << "adbd_auth: failed to get adbd authentication socket"; } else { if (fcntl(sock_fd_.get(), F_SETFD, FD_CLOEXEC) != 0) { - PLOG(FATAL) << "failed to make adbd authentication socket cloexec"; + PLOG(FATAL) << "adbd_auth: failed to make adbd authentication socket cloexec"; } if (fcntl(sock_fd_.get(), F_SETFL, O_NONBLOCK) != 0) { - PLOG(FATAL) << "failed to make adbd authentication socket nonblocking"; + PLOG(FATAL) << "adbd_auth: failed to make adbd authentication socket nonblocking"; } if (listen(sock_fd_.get(), 4) != 0) { - PLOG(FATAL) << "failed to listen on adbd authentication socket"; + PLOG(FATAL) << "adbd_auth: failed to listen on adbd authentication socket"; } } } @@ -146,7 +146,7 @@ public: struct epoll_event event; event.events = EPOLLIN; if (!output_queue_.empty()) { - LOG(INFO) << "marking framework writable"; + LOG(INFO) << "adbd_auth: marking framework writable"; event.events |= EPOLLOUT; } event.data.u64 = kEpollConstFramework; @@ -155,7 +155,7 @@ public: } void ReplaceFrameworkFd(unique_fd new_fd) REQUIRES(mutex_) { - LOG(INFO) << "received new framework fd " << new_fd.get() + LOG(INFO) << "adbd_auth: received new framework fd " << new_fd.get() << " (current = " << framework_fd_.get() << ")"; // If we already had a framework fd, clean up after ourselves. @@ -170,7 +170,7 @@ public: struct epoll_event event; event.events = EPOLLIN; if (!output_queue_.empty()) { - LOG(INFO) << "marking framework writable"; + LOG(INFO) << "adbd_auth: marking framework writable"; event.events |= EPOLLOUT; } event.data.u64 = kEpollConstFramework; @@ -180,10 +180,10 @@ public: } void HandlePacket(std::string_view packet) EXCLUDES(mutex_) { - LOG(INFO) << "received packet: " << packet; + LOG(INFO) << "adbd_auth: received packet: " << packet; if (packet.size() < 2) { - LOG(ERROR) << "received packet of invalid length"; + LOG(ERROR) << "adbd_auth: received packet of invalid length"; std::lock_guard<std::mutex> lock(mutex_); ReplaceFrameworkFd(unique_fd()); } @@ -197,7 +197,7 @@ public: } } if (!handled_packet) { - LOG(ERROR) << "unhandled packet: " << packet; + LOG(ERROR) << "adbd_auth: unhandled packet: " << packet; std::lock_guard<std::mutex> lock(mutex_); ReplaceFrameworkFd(unique_fd()); } @@ -273,14 +273,14 @@ public: iovs[2].iov_base = p->public_key.data(); iovs[2].iov_len = p->public_key.size(); } else { - LOG(FATAL) << "unhandled packet type?"; + LOG(FATAL) << "adbd_auth: unhandled packet type?"; } output_queue_.pop_front(); ssize_t rc = writev(framework_fd_.get(), iovs, iovcnt); if (rc == -1 && errno != EAGAIN && errno != EWOULDBLOCK) { - PLOG(ERROR) << "failed to write to framework fd"; + PLOG(ERROR) << "adbd_auth: failed to write to framework fd"; ReplaceFrameworkFd(unique_fd()); return false; } @@ -290,7 +290,7 @@ public: void Run() { if (sock_fd_ == -1) { - LOG(ERROR) << "adbd authentication socket unavailable, disabling user prompts"; + LOG(ERROR) << "adbd_auth: socket unavailable, disabling user prompts"; } else { struct epoll_event event; event.events = EPOLLIN; @@ -309,9 +309,9 @@ public: struct epoll_event events[3]; int rc = TEMP_FAILURE_RETRY(epoll_wait(epoll_fd_.get(), events, 3, -1)); if (rc == -1) { - PLOG(FATAL) << "epoll_wait failed"; + PLOG(FATAL) << "adbd_auth: epoll_wait failed"; } else if (rc == 0) { - LOG(FATAL) << "epoll_wait returned 0"; + LOG(FATAL) << "adbd_auth: epoll_wait returned 0"; } bool restart = false; @@ -326,7 +326,7 @@ public: unique_fd new_framework_fd(accept4(sock_fd_.get(), nullptr, nullptr, SOCK_CLOEXEC | SOCK_NONBLOCK)); if (new_framework_fd == -1) { - PLOG(FATAL) << "failed to accept framework fd"; + PLOG(FATAL) << "adbd_auth: failed to accept framework fd"; } LOG(INFO) << "adbd_auth: received a new framework connection"; @@ -344,7 +344,8 @@ public: uint64_t dummy; int rc = TEMP_FAILURE_RETRY(read(event_fd_.get(), &dummy, sizeof(dummy))); if (rc != 8) { - PLOG(FATAL) << "failed to read from eventfd (rc = " << rc << ")"; + PLOG(FATAL) + << "adbd_auth: failed to read from eventfd (rc = " << rc << ")"; } std::lock_guard<std::mutex> lock(mutex_); @@ -357,9 +358,9 @@ public: if (event.events & EPOLLIN) { int rc = TEMP_FAILURE_RETRY(read(framework_fd_.get(), buf, sizeof(buf))); if (rc == -1) { - LOG(FATAL) << "failed to read from framework fd"; + LOG(FATAL) << "adbd_auth: failed to read from framework fd"; } else if (rc == 0) { - LOG(INFO) << "hit EOF on framework fd"; + LOG(INFO) << "adbd_auth: hit EOF on framework fd"; std::lock_guard<std::mutex> lock(mutex_); ReplaceFrameworkFd(unique_fd()); } else { @@ -386,10 +387,10 @@ public: void IteratePublicKeys(bool (*callback)(void*, const char*, size_t), void* opaque) { for (const auto& path : key_paths) { if (access(path, R_OK) == 0) { - LOG(INFO) << "Loading keys from " << path; + LOG(INFO) << "adbd_auth: loading keys from " << path; std::string content; if (!android::base::ReadFileToString(path, &content)) { - PLOG(ERROR) << "Couldn't read " << path; + PLOG(ERROR) << "adbd_auth: couldn't read " << path; continue; } for (const auto& line : android::base::Split(content, "\n")) { @@ -405,6 +406,7 @@ public: uint64_t id = NextId(); std::lock_guard<std::mutex> lock(mutex_); + LOG(INFO) << "adbd_auth: sending prompt with id " << id; pending_prompts_.emplace_back(id, public_key, arg); DispatchPendingPrompt(); return id; @@ -423,7 +425,7 @@ public: std::lock_guard<std::mutex> lock(mutex_); auto it = keys_.find(id); if (it == keys_.end()) { - LOG(DEBUG) << "couldn't find public key to notify disconnection, skipping"; + LOG(DEBUG) << "adbd_auth: couldn't find public key to notify disconnection, skipping"; return; } output_queue_.emplace_back(AdbdAuthPacketDisconnected{.public_key = std::move(it->second)}); @@ -446,7 +448,8 @@ public: std::lock_guard<std::mutex> lock(mutex_); auto it = keys_.find(id); if (it == keys_.end()) { - LOG(DEBUG) << "couldn't find public key to notify disconnection of tls device, skipping"; + LOG(DEBUG) << "adbd_auth: couldn't find public key to notify disconnection of tls " + "device, skipping"; return; } output_queue_.emplace_back(AdbdPacketTlsDeviceDisconnected{ @@ -461,9 +464,9 @@ public: uint64_t value = 1; ssize_t rc = write(event_fd_.get(), &value, sizeof(value)); if (rc == -1) { - PLOG(FATAL) << "write to eventfd failed"; + PLOG(FATAL) << "adbd_auth: write to eventfd failed"; } else if (rc != sizeof(value)) { - LOG(FATAL) << "write to eventfd returned short (" << rc << ")"; + LOG(FATAL) << "adbd_auth: write to eventfd returned short (" << rc << ")"; } } @@ -516,8 +519,9 @@ AdbdAuthContext* adbd_auth_new(AdbdAuthCallbacks* callbacks) { if (callbacks->version == 1) { return new AdbdAuthContext(reinterpret_cast<AdbdAuthCallbacksV1*>(callbacks)); } else { - LOG(ERROR) << "received unknown AdbdAuthCallbacks version " << callbacks->version; - return nullptr; + LOG(ERROR) << "adbd_auth: received unknown AdbdAuthCallbacks version " + << callbacks->version; + return nullptr; } } @@ -545,7 +549,12 @@ void adbd_auth_notify_disconnect(AdbdAuthContext* ctx, uint64_t id) { void adbd_auth_prompt_user(AdbdAuthContext* ctx, const char* public_key, size_t len, void* opaque) { - ctx->PromptUser(std::string_view(public_key, len), opaque); + adbd_auth_prompt_user_with_id(ctx, public_key, len, opaque); +} + +uint64_t adbd_auth_prompt_user_with_id(AdbdAuthContext* ctx, const char* public_key, size_t len, + void* opaque) { + return ctx->PromptUser(std::string_view(public_key, len), opaque); } uint64_t adbd_auth_tls_device_connected(AdbdAuthContext* ctx, diff --git a/libs/adbd_auth/include/adbd_auth.h b/libs/adbd_auth/include/adbd_auth.h index 6ee3166e3a..8f834df62b 100644 --- a/libs/adbd_auth/include/adbd_auth.h +++ b/libs/adbd_auth/include/adbd_auth.h @@ -122,9 +122,23 @@ void adbd_auth_notify_disconnect(AdbdAuthContext* ctx, * @param len the length of the public_key argument * @param arg an opaque userdata argument */ -void adbd_auth_prompt_user(AdbdAuthContext* ctx, - const char* public_key, - size_t len, void* opaque) __INTRODUCED_IN(30); +void adbd_auth_prompt_user(AdbdAuthContext* ctx, const char* public_key, size_t len, void* opaque) + __INTRODUCED_IN(30); + +/** + * Prompt the user to authorize a public key. + * + * When this happens, a callback will be run on the auth thread with the result. + * + * @param ctx the AdbdAuthContext + * @param public_key the RSA public key to prompt user with + * @param len the length of the public_key argument + * @param arg an opaque userdata argument + * @return a unique id which will be returned via callback + */ +__attribute__((weak)) uint64_t adbd_auth_prompt_user_with_id(AdbdAuthContext* ctx, + const char* public_key, size_t len, + void* opaque) __INTRODUCED_IN(30); /** * Let system_server know that a TLS device has connected. diff --git a/libs/adbd_auth/libadbd_auth.map.txt b/libs/adbd_auth/libadbd_auth.map.txt index 5857ecb98e..7584ca3f53 100644 --- a/libs/adbd_auth/libadbd_auth.map.txt +++ b/libs/adbd_auth/libadbd_auth.map.txt @@ -7,6 +7,7 @@ LIBADBD_AUTH { adbd_auth_notify_auth; # apex introduced=30 adbd_auth_notify_disconnect; # apex introduced=30 adbd_auth_prompt_user; # apex introduced=30 + adbd_auth_prompt_user_with_id; # apex introduced=30 adbd_auth_tls_device_connected; # apex introduced=30 adbd_auth_tls_device_disconnected; # apex introduced=30 adbd_auth_get_max_version; # apex introduced=30 |