Android 启动过程

最新推荐文章于 2024-04-01 12:51:25 发布

liranke

最新推荐文章于 2024-04-01 12:51:25 发布

阅读量4.4k

点赞数

分类专栏： Android系统源码分析文章标签： android signal system server socket service

本文链接：https://blog.csdn.net/liranke/article/details/4694989

版权

Android系统源码分析专栏收录该内容

49 篇文章 41 订阅

订阅专栏

Android 初始化流程,从init.c开始

说明：我已经以word文档的格式将这部分内容上传到我我的资源列表中，感兴趣的朋友可以去下载：

下载地址：http://liranke.download.csdn.net/

Init.c

1.1 Main function

Init is the first process after kernel is started.

1.1.1 Process step:

1. Mount basic file system, and nitialize log system.

2. Parse /init.rc and /init.%hardware%.rc.

3. Execute early-init action in init.rc.

4. Device specific initialize.

5. Initialize property system, and load android image, then print” ANDROID”.

6. Execute init action in init.rc.

7. Start property service.

8. Execute early-boot and boot actions in init.rc.

9. Execute property action in init.rc.

10. Enter into an indefinite loop to wait for device/property set/child process exit events. For example, if an SD card is plugined, init will receive a device add event, so it can make node for the device. Most of the important process is forked in init, so if any of them crashed, init will receive a SIGCHLD then translate it into a child process exit event, so in the loop init can handle the process exit event and execute the commands defined in *.rc(it will run command onrestart).

1.1.2 Start services:

The .rc file is a script file defined by Android. The default is device/system/rootdir/init.rc. We can take a loot at the file format(device/system/init/readme.txt is a good overall introduction of the script). Basically the script file contains actions and services.

Init.rc will run the following services:

console: star a shell. The source is in device/system/bin/sh.

adbd: start adb daemon. The source is in device/tools/adbd. By default is disabled.

servicemanager: start binder system. The source is in device/commands/binder.

mountd: mount all fs defined in /system/etc/mountd.conf if started, receive commands through local socket to mount any fs. The source is in device/system/bin/mountd.

debuggerd: start debug system. The source is in device/system/bin/debuggerd.

rild: start radio interface layer daemon. The source is in device/commands/rild.

zygote: start Android Java Runtime and start system server. It’s the most important service. The source is in device/servers/app.

media: start AudioFlinger, MediaPlayerService and CameraService. The source is in device/commands/mediaserver.

bootsound: play the default boot sound /system/media/audio/ui/boot.mp3. The source is in device/commands/playmp3.

dbus: start dbus daemon, it’s only used by BlueZ. The source is in device/system/Bluetooth/dbus-daemon.

hcid: redirect hcid’s stdout and stderr to the Android logging system. The source is in device/system/bin/logwrapper. By default is disabled.

hfag: start Bluetooth handsfree audio gateway, it’s only used by BlueZ. The source is in device/system/Bluetooth/bluez-utils. By default is disabled.

hsag: start Bluetooth headset audio gateway, it’s only used by BlueZ. The source is in device/system/Bluetooth/bluez-utils. By default is disabled.

installd: start install package daemon. The source is in device/servers/installd.

flash_recovery: load /system/recovery.img. The source is in device/commands/recovery/mtdutils.

1.2 Flow chart：

1.2.1 Flow chart:

1.3 Analyse：

1.3.1 FD:

FD Include :

device _fd, property_set_fd, signal_recv_fd, signal_fd(global value)

ufds: struct pollfd ufds[4] ={ device _fd , property_set_fd , signal_recv_fd , keychord_fd }

1. device_fd

2. property_set_fd

(1)

(2) Property_set_fd C/S chart:

#define PROP_SERVICE_NAME "property_service"

3. signal_recv_fd

signal_recv_fd and signal_fd:

/* create a signalling mechanism for the sigchld handler */

if (socketpair(AF_UNIX, SOCK_STREAM, 0, s) == 0) {

signal_fd = s[0];

signal_recv_fd = s[1];

fcntl(s[0], F_SETFD, FD_CLOEXEC);

fcntl(s[0], F_SETFL, O_NONBLOCK);

fcntl(s[1], F_SETFD, FD_CLOEXEC);

fcntl(s[1], F_SETFL, O_NONBLOCK);

}

……

//read signal

read(signal_recv_fd, tmp, sizeof(tmp);

while (!wait_for_one_process(0)); //阻塞

4. signal_fd( see to signal_recv_fd)

1.4 Data structure

1.5 System status

1.5.1 Ｐrocess list

USER PID PPID VSIZE RSS WCHAN PC NAME

root 1 0 548 196 c00b8c14 0000d5cc S /init

root 2 0 0 0 c006bf70 00000000 S kthreadd

root 3 2 0 0 c005cc50 00000000 S ksoftirqd/0

root 4 2 0 0 c007e408 00000000 S watchdog/0

root 5 2 0 0 c0068eec 00000000 S events/0

root 6 2 0 0 c0068eec 00000000 S khelper

root 10 2 0 0 c0224f90 00000000 S suspend/0

root 81 2 0 0 c0068eec 00000000 S kblockd/0

root 89 2 0 0 c01f2f7c 00000000 S kseriod

root 111 2 0 0 c0068eec 00000000 S kmmcd

root 117 2 0 0 c0068eec 00000000 S btaddconn

root 118 2 0 0 c0068eec 00000000 S btdelconn

root 135 2 0 0 c00448e0 00000000 S bpmd

root 141 2 0 0 c008b5f4 00000000 S pdflush

root 142 2 0 0 c008b5f4 00000000 S pdflush

root 143 2 0 0 c008f948 00000000 S kswapd0

root 189 2 0 0 c0068eec 00000000 S aio/0

root 195 2 0 0 c01721f0 00000000 S mtdblockd

root 340 2 0 0 c01b4eb0 00000000 S accessory notif

root 349 2 0 0 c0068eec 00000000 S camera_task/0

root 376 2 0 0 c0061438 00000000 S w1_control

root 378 2 0 0 c0061438 00000000 S w1_bus_master1

root 386 2 0 0 c0068eec 00000000 S charge

root 428 2 0 0 c02ca26c 00000000 S krfcommd

root 430 2 0 0 c0068eec 00000000 S rpciod/0

root 724 2 0 0 c0216908 00000000 S mmcqd

root 726 1 772 180 c019dbc4 afe0c1dc S /system/bin/sh

system 727 1 840 188 c022d8a0 afe0c47c S /system/bin/servicemanager

root 729 1 1920 336 ffffffff afe0c1dc S /system/bin/mountd

root 730 1 704 176 c0257854 afe0ce0c S /system/bin/debuggerd

root 731 1 4132 628 c027e2f8 afe0ce0c S /opl/bin/tcmd

root 732 1 852 248 c00b92b0 afe0c5a4 S /opl/bin/adapter

radio 733 1 12796 648 ffffffff beaab18c S /system/bin/rild

root 734 1 72000 14172 c00b92b0 afe0c5a4 S zygote

root 735 1 33848 4512 ffffffff afe0c47c S /system/bin/mediaserver

root 736 1 1080 216 c00b8c14 bedc021c S /system/bin/dbus-daemon

root 737 1 832 208 c02b6e80 afe0c1dc S /system/bin/installd

root 740 1 856 260 c00b92b0 afe0c5a4 S /opl/bin/bpd

root 741 1 828 172 c00b8c14 afe0d27c S /opl/bin/battmond

root 768 1 720 272 c02265ec afe0c1dc S /system/bin/logcat

root 769 1 716 264 c02265ec afe0c1dc S /system/bin/logcat

root 816 2 0 0 c0068eec 00000000 S battery.0

system 825 734 574128 28360 ffffffff afe0c47c S system_server

radio 877 734 158260 20040 ffffffff afe0d404 S com.android.phone

app_5 879 734 100888 13616 ffffffff afe0d404 S android.process.acore

system 882 734 144664 24296 ffffffff afe0d404 S android.process.omsservice

app_45 884 734 92304 10932 ffffffff afe0d404 S com.motorola.motohome

app_22 890 734 117068 30228 ffffffff afe0d404 S oms.home

app_3 918 734 98760 12652 ffffffff afe0d404 S oms.widgetmanager

app_5 928 734 100888 13336 ffffffff afe0d404 S com.android.inputmethod.borqs

app_24 930 734 105176 19168 ffffffff afe0d404 S com.db4o.servo.search

app_18 960 734 104180 15208 ffffffff afe0d404 S com.android.mms

app_8 979 734 118860 14044 ffffffff afe0d404 S android.process.media

app_9 991 734 91980 12264 ffffffff afe0d404 S com.android.alarmclock

app_15 998 734 103144 12908 ffffffff afe0d404 S oms.dcd

system 1018 734 94732 13792 ffffffff afe0d404 S oms.dm

app_14 1025 734 95636 13036 ffffffff afe0d404 S com.android.calendar

app_42 1041 734 93292 11316 ffffffff afe0d404 S com.motorola.smsautoreg

app_40 1090 734 97152 15192 ffffffff afe0d404 S com.motorola.mtc

app_38 1102 734 93832 12868 ffffffff afe0d404 S com.streamezzo.browser.android

app_26 1115 734 96596 15084 ffffffff afe0d404 S oms.mediacenter

app_37 1126 734 98208 15212 ffffffff afe0d404 S com.hyfsoft.docviewer

app_20 1146 734 99260 15320 ffffffff afe0d404 S com.android.music

app_47 1157 734 100204 15964 ffffffff afe0d404 S com.motorola.camera

app_11 1183 734 122672 23576 ffffffff afe0d404 S com.android.browser

app_6 1199 734 117032 20388 ffffffff afe0d404 S oms.mobilemusic

system 1244 734 99292 15940 ffffffff afe0d404 S com.android.settings

app_23 1311 734 96932 16004 ffffffff afe0d404 S oms.bru

root 1334 2 0 0 c0216908 00000000 S mmcqd

app_8 1351 734 100308 15876 ffffffff afe0d404 S com.android.camera

app_1 1424 734 111904 17024 ffffffff afe0d404 S oms.messaging

app_4 1436 734 101172 15504 ffffffff afe0d404 S oms.mail

app_2 1484 734 100716 18128 ffffffff afe0d404 S com.ms

app_16 1663 734 101024 16748 ffffffff afe0d404 S oms.android.filemanager

root 1684 1 3364 176 ffffffff 0000e8f4 S /sbin/adbd

root 1692 1684 776 348 c0059cd4 afe0d0ac S /system/bin/sh

root 1724 1692 920 356 00000000 afe0c1dc R ps

从真正的应用层的角度来看，所有的应用程序（如settings,media……）的父进程都是zygote. 因为任何一个应用都是一个VM。

2 Adbd

Default is disable.

3 Servicemanager

3.1 Introcuce

3.2 Flow chart

3.3 Analyse

3.4 Data structure

3.5 Questions

1. 从进程的角度来看，在zygote_run_oneshot中创建的pid是servicemanager的子进程。

2. 在zygote_run_oneshot中，socket_local_client对ZYGOTE_SOCKET（"zygote"）进行了connect.

随后，又调用了pid = send_request(fd, 0, newargc, newargv);创建了一个pid,，而且，在这个函数中，进行了数据的发送与接收

3. 在run中，也进行了很多操作，主要是进行了pthread的创建。

4 Mountd

4.1 Introduce

4.2 Chart

1. flow:

Mountd.c：

ReadConfigFile（"/system/etc/mountd.conf"）；

StartAutoMounter（）; //在这里，调用了MountDevices和pthread_create.

return RunServer();

RunServer function:

Step1: get socket "mountd" à

Step2: listen

Step3: 阻塞, as below：

while (1)

{

Read

}

典型的server, 那么，client就是各个设备驱动.

4.3 Analyse

4.4 Other

5 Debuggerd

5.1 Introduce

5.2 Chart

这里，既有client,也有server。

5.3 Analyse

5.4 Other

6 Rild

6.1 Introduce

6.2 Chart

6.2.1 RIL Architecture:

6.2.2 RIL Flow:

6.3 Analyse

Refernce telephony.rar doc

7 Zygote

7.1 Introduce

It is the first Dalvik VM

7.2 Chart

7.3 Analyse

7.3.1 Introduce

1. from network

Zygote service does the following tasks step by step:

1. Create JAVA VM

2. Register android native function for JAVA VM.

3. Call the main function in the JAVA class named

com.android.internal.os.ZygoteInit whose source is device/java/android/com/android/internal/os/ZygoteInit.java.

a) Load ZygoteInit class

b) Register zygote socket

c) Load preload classes(the default file is device/java/android/preloaded-classes)

d) Load preload resources

e) Call Zygote::forkSystemServer (implemented in device/dalvik/vm/InternalNative.c) to fork a new process. In the new process, call the main function in the JAVA class named com.android.server.SystemServer, whose source is in device/java/services/com/android/server.

i. Load libandroid_servers.so

ii. Call JNI native init1 function implemented in device/libs/android_servers/com_android_server_SystemServers. It only calls system_init implemented in device/servers/system/library/system_init.cpp.

. If running on simulator, instantiate AudioFlinger, MediaPlayerService and CameraService here.

. Call init2 function in JAVA class named com.android.server.SystemServer, whose source is in device/java/services/com/android/server. This function is very critical for Android because it start all of Android JAVA services.

. If not running on simulator, call IPCThreadState::self()->joinThreadPool() to enter into service dispatcher.

2. from qcom

Zygote daemon(first Dalvik VM)

Starts rutime process

Starts service manager – lookup service for binder.

Sends command to Zyhgote to start system server.

System server.

System server starts up surface flinger, audio flinger, which registers with the service manager.

Starts up all core services, which also registers with the service manger via a java proxy(how to do?)

Activity manager sends a command to Zygote to start home process with its own dalvik VM.

Home task may start other applications, which run in their own VM.

3. SP(smart pointer)

用到了智能指针。

7.3.2 startSystemServer

1. 由于前面的servicemanager（runtime）已经初始化，所以，这里的zygoteinit可以是java代码。

2. registerZygoteSocket创建的socket名为“ANDROID_SOCKET_zygote”，从创建过程不难看出，这是一个server；

3. preloadClasses():正如注释中所说的一样，“Performs Zygote process initialization. Loads and initializes commonly used classes”；有log信息，通过调用Log.i(TAG, "Preloading classes..."); load count and used time: preloaded 1166 classes in 8951ms；另外，有哪些资源被load了，共有48+15个。