android 的源码代码是android4.04
下载jdk6.编写jdk.sh脚本如下:
export JAVA_HOME=/home/hj/jdk6/jdk1.6.0_38
export JAVA_BIN=/home/hj/jdk6/jdk1.6.0_38/bin
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
setsebool allow_execstack=1
source ./jdk.sh
下载内核
git clone https://android.googlesource.com/kernel/goldfish.git
git branch -r
git chechout remotes/origin/android-goldfish-2.6.29
patch -p1 < yaffs_xattr.patch
编译内核,支持smack
$ export ARCH=arm
$ export SUBARCH=arm
$ export CROSS_COMPILE=arm-eabi-
make goldfish_armv7_defconfig (注意不是goldfish_defconfig)
make menuconfig
vim security/smack/Kconfig (可以看到smack的依赖关系)
Symbol: SECURITY_SMACK [=n] (第四个选) │
│ Prompt: Simplified Mandatory Access Control Kernel Support │
│ Defined at security/smack/Kconfig:1 │
│ Depends on: NETLABEL && SECURITY_NETWORK │
│ Location: │
│ -> Security options
Symbol: NETLABEL [=n] (第二个选) │
│ Prompt: NetLabel subsystem support │
│ Defined at net/netlabel/Kconfig:5 │
│ Depends on: NET && INET && SECURITY │
│ Location: │
│ -> Networking support (NET [=y]) │
│ -> Networking options │
│ -> TCP/IP networking (INET [=y])
Symbol: NET [=y] │
│ Prompt: Networking support │
│ Defined at net/Kconfig:5 │
│ Selected by: SCSI_NETLINK
Symbol: INET [=y] │
│ Prompt: TCP/IP networking │
│ Defined at net/Kconfig:35 │
│ Depends on: NET │
│ Location: │
│ -> Networking support (NET [=y]) │
│ -> Networking options
Symbol: SECURITY [=n] (第一个选) │
│ Prompt: Enable different security models │
│ Defined at security/Kconfig:42 │
│ Depends on: SYSFS │
│ Location: │
│ -> Security options
Symbol: SECURITY_NETWORK [=n] (第三个选) │
│ Prompt: Socket and Networking Security Hooks │
│ Defined at security/Kconfig:62 │
│ Depends on: SECURITY │
│ Location: │
│ -> Security options
yaffs2_xattr的属性加入
yaffs_xattr和yaffs_security_labels。这些配置比较简单,都一起,不用乱找。在miscellaneous filesystem中。
make -j2
制作启动模拟器脚本
export ANDROID_PRODUCT_OUT=/home/hj/code/yaomingyue_android404/android-4.0.4/out/target/product/generic
export PATH=$PATH:/home/hj/code/yaomingyue_android404/android-4.0.4/out/host/linux-x86/bin
emulator -shell-serial stdio -qemu -s -append security=smack -partition-size 256
adb shell 进入android模拟器执行脚本
mount -o remount,rw /
mkdir /smack
mount -t smackfs smackfs /smack
export PATH=/data/smack_utils:$PATH
这下可以打标签测试了:电话本位置 /data/data/com.android.providers.contacts/databases/contacts2.db
chsmack -a other contacts2.db 不能访问电话本了
chsmack -a _ contacts2.db 恢复访问电话本
echo ^ > /smack/ambient 不能上网
2819
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
