Skip to content

Commit 03d9410

Browse files
author
Anh Nguyen
committed
Merge tag 'android-5.1.0_r1' into HEAD
Android 5.1.0 release 1 Conflicts: fs_mgr/fs_mgr.c healthd/healthd_mode_charger.cpp include/system/audio.h rootdir/init.environ.rc.in Change-Id: I7a11f9aaf2f73854a724392625b0c2719fb2a829
2 parents 3952611 + eb25570 commit 03d9410

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

68 files changed

+1382
-407
lines changed

adb/Android.mk

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -111,6 +111,7 @@ LOCAL_SRC_FILES := \
111111
jdwp_service.c \
112112
framebuffer_service.c \
113113
remount_service.c \
114+
disable_verity_service.c \
114115
usb_linux_client.c
115116

116117
ifeq ($(call is-vendor-board-platform,QCOM),true)
@@ -125,13 +126,25 @@ ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))
125126
LOCAL_CFLAGS += -DALLOW_ADBD_ROOT=1
126127
endif
127128

129+
ifneq (,$(filter userdebug,$(TARGET_BUILD_VARIANT)))
130+
LOCAL_CFLAGS += -DALLOW_ADBD_DISABLE_VERITY=1
131+
endif
132+
128133
LOCAL_MODULE := adbd
129134

130135
LOCAL_FORCE_STATIC_EXECUTABLE := true
131136
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT_SBIN)
132137
LOCAL_UNSTRIPPED_PATH := $(TARGET_ROOT_OUT_SBIN_UNSTRIPPED)
138+
LOCAL_C_INCLUDES += system/extras/ext4_utils system/core/fs_mgr/include
139+
140+
LOCAL_STATIC_LIBRARIES := liblog \
141+
libfs_mgr \
142+
libcutils \
143+
libc \
144+
libmincrypt \
145+
libselinux \
146+
libext4_utils_static
133147

134-
LOCAL_STATIC_LIBRARIES := liblog libcutils libc libmincrypt libselinux
135148
include $(BUILD_EXECUTABLE)
136149

137150

adb/adb.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -329,6 +329,7 @@ int handle_forward_request(const char* service, transport_type ttype, char* seri
329329
#if !ADB_HOST
330330
void framebuffer_service(int fd, void *cookie);
331331
void remount_service(int fd, void *cookie);
332+
void disable_verity_service(int fd, void* cookie);
332333
#endif
333334

334335
/* packet allocator */

adb/adb_auth.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@
1818
#define __ADB_AUTH_H
1919

2020
void adb_auth_init(void);
21+
int adb_auth_keygen(const char* filename);
2122
void adb_auth_verified(atransport *t);
2223

2324
void send_auth_request(atransport *t);

adb/adb_auth_host.c

Lines changed: 28 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,9 +15,12 @@
1515
*/
1616

1717
#include <stdio.h>
18+
#include <stdlib.h>
1819

1920
#ifdef _WIN32
20-
# define WIN32_LEAN_AND_MEAN
21+
# ifndef WIN32_LEAN_AND_MEAN
22+
# define WIN32_LEAN_AND_MEAN
23+
# endif
2124
# include "windows.h"
2225
# include "shlobj.h"
2326
#else
@@ -110,18 +113,34 @@ static int RSA_to_RSAPublicKey(RSA *rsa, RSAPublicKey *pkey)
110113
static void get_user_info(char *buf, size_t len)
111114
{
112115
char hostname[1024], username[1024];
113-
int ret;
116+
int ret = -1;
117+
118+
if (getenv("HOSTNAME") != NULL) {
119+
strncpy(hostname, getenv("HOSTNAME"), sizeof(hostname));
120+
hostname[sizeof(hostname)-1] = '\0';
121+
ret = 0;
122+
}
114123

115124
#ifndef _WIN32
116-
ret = gethostname(hostname, sizeof(hostname));
117125
if (ret < 0)
126+
ret = gethostname(hostname, sizeof(hostname));
118127
#endif
128+
if (ret < 0)
119129
strcpy(hostname, "unknown");
120130

131+
ret = -1;
132+
133+
if (getenv("LOGNAME") != NULL) {
134+
strncpy(username, getenv("LOGNAME"), sizeof(username));
135+
username[sizeof(username)-1] = '\0';
136+
ret = 0;
137+
}
138+
121139
#if !defined _WIN32 && !defined ADB_HOST_ON_TARGET
122-
ret = getlogin_r(username, sizeof(username));
123140
if (ret < 0)
141+
ret = getlogin_r(username, sizeof(username));
124142
#endif
143+
if (ret < 0)
125144
strcpy(username, "unknown");
126145

127146
ret = snprintf(buf, len, " %s@%s", username, hostname);
@@ -408,6 +427,11 @@ int adb_auth_get_userkey(unsigned char *data, size_t len)
408427
return ret + 1;
409428
}
410429

430+
int adb_auth_keygen(const char* filename) {
431+
adb_trace_mask |= (1 << TRACE_AUTH);
432+
return (generate_key(filename) == 0);
433+
}
434+
411435
void adb_auth_init(void)
412436
{
413437
int ret;

adb/commandline.c

Lines changed: 12 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@
3636
#define TRACE_TAG TRACE_ADB
3737
#include "adb.h"
3838
#include "adb_client.h"
39+
#include "adb_auth.h"
3940
#include "file_sync_service.h"
4041

4142
static int do_cmd(transport_type ttype, char* serial, char *cmd, ...);
@@ -189,6 +190,10 @@ void help()
189190
"\n"
190191
" adb restore <file> - restore device contents from the <file> backup archive\n"
191192
"\n"
193+
" adb disable-verity - disable dm-verity checking on USERDEBUG builds\n"
194+
" adb keygen <file> - generate adb public/private key. The private key is stored in <file>,\n"
195+
" and the public key is stored in <file>.pub. Any existing files\n"
196+
" are overwritten.\n"
192197
" adb help - show this help message\n"
193198
" adb version - show version num\n"
194199
"\n"
@@ -205,8 +210,7 @@ void help()
205210
" adb reboot-bootloader - reboots the device into the bootloader\n"
206211
" adb root - restarts the adbd daemon with root permissions\n"
207212
" adb usb - restarts the adbd daemon listening on USB\n"
208-
" adb tcpip <port> - restarts the adbd daemon listening on TCP on the specified port"
209-
"\n"
213+
" adb tcpip <port> - restarts the adbd daemon listening on TCP on the specified port\n"
210214
"networking:\n"
211215
" adb ppp <tty> [parameters] - Run PPP over USB.\n"
212216
" Note: you should not automatically start a PPP connection.\n"
@@ -1437,7 +1441,7 @@ int adb_commandline(int argc, char **argv)
14371441
if(!strcmp(argv[0], "remount") || !strcmp(argv[0], "reboot")
14381442
|| !strcmp(argv[0], "reboot-bootloader")
14391443
|| !strcmp(argv[0], "tcpip") || !strcmp(argv[0], "usb")
1440-
|| !strcmp(argv[0], "root")) {
1444+
|| !strcmp(argv[0], "root") || !strcmp(argv[0], "disable-verity")) {
14411445
char command[100];
14421446
if (!strcmp(argv[0], "reboot-bootloader"))
14431447
snprintf(command, sizeof(command), "reboot:bootloader");
@@ -1720,6 +1724,11 @@ int adb_commandline(int argc, char **argv)
17201724
return restore(argc, argv);
17211725
}
17221726

1727+
if (!strcmp(argv[0], "keygen")) {
1728+
if (argc < 2) return usage();
1729+
return adb_auth_keygen(argv[1]);
1730+
}
1731+
17231732
if (!strcmp(argv[0], "jdwp")) {
17241733
int fd = adb_connect("jdwp");
17251734
if (fd >= 0) {

adb/disable_verity_service.c

Lines changed: 199 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,199 @@
1+
/*
2+
* Copyright (C) 2014 The Android Open Source Project
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
#include "sysdeps.h"
18+
19+
#define TRACE_TAG TRACE_ADB
20+
#include "adb.h"
21+
22+
#include <stdio.h>
23+
#include <stdarg.h>
24+
#include <sys/stat.h>
25+
#include <fcntl.h>
26+
#include <inttypes.h>
27+
28+
#include "cutils/properties.h"
29+
#include "ext4_sb.h"
30+
#include <fs_mgr.h>
31+
32+
#define FSTAB_PREFIX "/fstab."
33+
struct fstab *fstab;
34+
35+
__attribute__((__format__(printf, 2, 3))) __nonnull((2))
36+
static void write_console(int fd, const char* format, ...)
37+
{
38+
char buffer[256];
39+
va_list args;
40+
va_start (args, format);
41+
vsnprintf (buffer, sizeof(buffer), format, args);
42+
va_end (args);
43+
44+
adb_write(fd, buffer, strnlen(buffer, sizeof(buffer)));
45+
}
46+
47+
static int get_target_device_size(int fd, const char *blk_device,
48+
uint64_t *device_size)
49+
{
50+
int data_device;
51+
struct ext4_super_block sb;
52+
struct fs_info info;
53+
54+
info.len = 0; /* Only len is set to 0 to ask the device for real size. */
55+
56+
data_device = adb_open(blk_device, O_RDONLY | O_CLOEXEC);
57+
if (data_device < 0) {
58+
write_console(fd, "Error opening block device (%s)\n", strerror(errno));
59+
return -1;
60+
}
61+
62+
if (lseek64(data_device, 1024, SEEK_SET) < 0) {
63+
write_console(fd, "Error seeking to superblock\n");
64+
adb_close(data_device);
65+
return -1;
66+
}
67+
68+
if (adb_read(data_device, &sb, sizeof(sb)) != sizeof(sb)) {
69+
write_console(fd, "Error reading superblock\n");
70+
adb_close(data_device);
71+
return -1;
72+
}
73+
74+
ext4_parse_sb(&sb, &info);
75+
*device_size = info.len;
76+
77+
adb_close(data_device);
78+
return 0;
79+
}
80+
81+
static int disable_verity(int fd, const char *block_device,
82+
const char* mount_point)
83+
{
84+
uint32_t magic_number;
85+
const uint32_t voff = VERITY_METADATA_MAGIC_DISABLE;
86+
uint64_t device_length;
87+
int device;
88+
int retval = -1;
89+
90+
device = adb_open(block_device, O_RDWR | O_CLOEXEC);
91+
if (device == -1) {
92+
write_console(fd, "Could not open block device %s (%s).\n",
93+
block_device, strerror(errno));
94+
write_console(fd, "Maybe run adb remount?\n");
95+
goto errout;
96+
}
97+
98+
// find the start of the verity metadata
99+
if (get_target_device_size(fd, (char*)block_device, &device_length) < 0) {
100+
write_console(fd, "Could not get target device size.\n");
101+
goto errout;
102+
}
103+
104+
if (lseek64(device, device_length, SEEK_SET) < 0) {
105+
write_console(fd,
106+
"Could not seek to start of verity metadata block.\n");
107+
goto errout;
108+
}
109+
110+
// check the magic number
111+
if (adb_read(device, &magic_number, sizeof(magic_number))
112+
!= sizeof(magic_number)) {
113+
write_console(fd, "Couldn't read magic number!\n");
114+
goto errout;
115+
}
116+
117+
if (magic_number == VERITY_METADATA_MAGIC_DISABLE) {
118+
write_console(fd, "Verity already disabled on %s\n", mount_point);
119+
goto errout;
120+
}
121+
122+
if (magic_number != VERITY_METADATA_MAGIC_NUMBER) {
123+
write_console(fd,
124+
"Couldn't find verity metadata at offset %"PRIu64"!\n",
125+
device_length);
126+
goto errout;
127+
}
128+
129+
if (lseek64(device, device_length, SEEK_SET) < 0) {
130+
write_console(fd,
131+
"Could not seek to start of verity metadata block.\n");
132+
goto errout;
133+
}
134+
135+
if (adb_write(device, &voff, sizeof(voff)) != sizeof(voff)) {
136+
write_console(fd, "Could not set verity disabled flag on device %s\n",
137+
block_device);
138+
goto errout;
139+
}
140+
141+
write_console(fd, "Verity disabled on %s\n", mount_point);
142+
retval = 0;
143+
errout:
144+
if (device != -1)
145+
adb_close(device);
146+
return retval;
147+
}
148+
149+
void disable_verity_service(int fd, void* cookie)
150+
{
151+
#ifdef ALLOW_ADBD_DISABLE_VERITY
152+
char fstab_filename[PROPERTY_VALUE_MAX + sizeof(FSTAB_PREFIX)];
153+
char propbuf[PROPERTY_VALUE_MAX];
154+
int i;
155+
bool any_disabled = false;
156+
157+
property_get("ro.secure", propbuf, "0");
158+
if (strcmp(propbuf, "1")) {
159+
write_console(fd, "verity not enabled - ENG build\n");
160+
goto errout;
161+
}
162+
163+
property_get("ro.debuggable", propbuf, "0");
164+
if (strcmp(propbuf, "1")) {
165+
write_console(fd, "verity cannot be disabled - USER build\n");
166+
goto errout;
167+
}
168+
169+
property_get("ro.hardware", propbuf, "");
170+
snprintf(fstab_filename, sizeof(fstab_filename), FSTAB_PREFIX"%s", propbuf);
171+
172+
fstab = fs_mgr_read_fstab(fstab_filename);
173+
if (!fstab) {
174+
write_console(fd, "Failed to open %s\nMaybe run adb root?\n",
175+
fstab_filename);
176+
goto errout;
177+
}
178+
179+
/* Loop through entries looking for ones that vold manages */
180+
for (i = 0; i < fstab->num_entries; i++) {
181+
if(fs_mgr_is_verified(&fstab->recs[i])) {
182+
if (!disable_verity(fd, fstab->recs[i].blk_device,
183+
fstab->recs[i].mount_point)) {
184+
any_disabled = true;
185+
}
186+
}
187+
}
188+
189+
if (any_disabled) {
190+
write_console(fd,
191+
"Now reboot your device for settings to take effect\n");
192+
}
193+
#else
194+
write_console(fd, "disable-verity only works for userdebug builds\n");
195+
#endif
196+
197+
errout:
198+
adb_close(fd);
199+
}

adb/get_my_path_darwin.c

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -19,12 +19,12 @@
1919

2020
void get_my_path(char *s, size_t maxLen)
2121
{
22-
ProcessSerialNumber psn;
23-
GetCurrentProcess(&psn);
24-
CFDictionaryRef dict;
25-
dict = ProcessInformationCopyDictionary(&psn, 0xffffffff);
26-
CFStringRef value = (CFStringRef)CFDictionaryGetValue(dict,
27-
CFSTR("CFBundleExecutable"));
28-
CFStringGetCString(value, s, maxLen, kCFStringEncodingUTF8);
22+
CFBundleRef mainBundle = CFBundleGetMainBundle();
23+
CFURLRef executableURL = CFBundleCopyExecutableURL(mainBundle);
24+
CFStringRef executablePathString = CFURLCopyFileSystemPath(executableURL, kCFURLPOSIXPathStyle);
25+
CFRelease(executableURL);
26+
27+
CFStringGetFileSystemRepresentation(executablePathString, s, maxLen);
28+
CFRelease(executablePathString);
2929
}
3030

0 commit comments

Comments
 (0)