The Xposed Framework
From the website of Cydia substrate. Is this similar to Xposed on Android?
http://www.cydiasubstrate.com/id/34058d37-3198-414f-a696-73e97e0a80db/
Some developers may have noticed thatSubstrate bears many similarities to a framework called Xposed that wasreleased at the end of March 2012. In the last year, the developer of thislibrary has put a lot of good work into it, attempting to foster促进 a community of developers who arebeginning to use it to accomplish完成 someinteresting packages.
Now, to be clear, as I'm certain this isthe first place where peoples' minds go when they see me suddenly release asimilar library: I did not know that this framework existed until January of2013, and had thereby been working on Substrate for Android for literally yearsbefore having discovered it. Please understand that Substrate is not a"rip-off偷窃";P.
That said, at some level the libraries arefairly similar: the core mechanism核心机制 by which a method is hooked in Xposed(swapping it out交换出来for a JNI implementation安装启用) is actually the same one that I described in the talk Igave on Substrate at a conference called Android Open in 2011. The result isthat there are some similarities in the functionality offered by the twoframeworks.
Thankfully, Substrate's injection mechanism注入机制 doesnot conflict with the one used by Xposed: therefore, if users or developerswould like to have both frameworks installed, that is actually possible. Thereare some places where the two libraries "disagree" (such as Xposed totally removing the Java securitymodel that Substrate preserves), butthe resulting behavior is harmless.
I thereby因此 hope that everyone involved, from thedeveloper of Xposed to the people who may currently be developing extensionsfor it, are able to look at Substrate not as an evil incursion入侵, but asa powerful option. I really wasn't attempting to ruffle扰乱 anyfeathers种类here: I've just been working—for much longer than I would have liked ;P—tobring the functionality we have on iOS to Android.
The goal of this article is thereby todocument证明the differences between these frameworks so that people can understand why Istill chose to release发布 Substrate. There are a few ways in which I hope developerswill find the work I've put into Android Substrate over the last few years tobe valuable enough to at least consider using Substrate instead of Xposed.
Security
One of the first questions on the minds ofpeople [ opening their devices up to rampant猖獗的蔓延的 code modifications ] is in what ways thelibrary can ensure that applications are not secretly installing extensions [ thatcan then modify other software without the knowledge of the user ]... putdifferently, what keeps you from installing a game today and having your bankpassword stolen tomorrow.
Xposed does not offer any kind of securitysystem for this: any application can register itself as a provider of Xposedmodules. In comparison, Substrate integrates with结合了 the Android permission system, requiringapplications that wish to modify the code of other applications to clearly andexplicitly明白准确地request that functionality as they are installed.
Safety
Having worked with Substrate on iOS now inan ecosystem生态系统with numerous unrelated developers for over four years, there are varioussituations and corner cases that I have learned to watch out for当心/警惕. One ofthese is that sometimes, an extension is just going to fail. Substrate onAndroid thereby launched with the same "hold volume-up to disable"functionality that is provided with iOS Substrate as a solution (this wasfinally added by Xposed, but only almost a year after Substrate launched andmade a point of how important this feature was).
However, there are also some additionalthings of interest: in particular特别是, due to how these devices handle thingslike upgrades升级(patch补丁files with signatures签名), it is both easier and safer if you can arrange tonever modify or replace even a single file on the device. Substrate manages toaccomplish this goal: a few files are added, but none are changed: even OTAupgrades are not affected by Substrate.
Substrate's implementation also manages toavoid having to re-implement any functionality from the underlying system,allowing it to work on "virtually any environment" withoutpreparation. In comparison, Xposed has to come with pre-compiled versions ofits app_process replacement for each of the various SDK levels that it supports(and may need special variants for custom ROMs).
Even so, when new versions of Android comeout, sometimes changes have to be made. I consider the maintenance of Substratemy primary job (even on Android, which is a secondary platform); so, whenAndroid 4.3 came out I dropped everything else and had a fully-working buildpushed to the Play Store within hours: this same process took Xposed almost twoweeks.
Performance
The mechanism used for keeping track ofhooks with Xposed involves multiple levels of indirect iteration. Functions areonly hooked once, and they all must then come through the same code inside ofXposed to figure out which method was called and what code should be calledinstead. The first level is a linear search through a linked list, and thesecond level involves iterating a TreeSet.
Substrate solves both of these problemsusing a more advanced technique involving runtime code generation: it never hasto do any lookups, and can thereby scale to arbitrarily large numbers ofmethods being hooked by arbitrarily large numbers of hooks; the onlyperformance overhead comes from Java/native transitions (which can be removedin the future) and the code inside the hooks themselves.
The only advantage Xposed gets from itsindirection is that hooks can specify a "priority"; however, takingadvantage of this feature requires global coordination, which in a communitywith thousands of developers (as Substrate has on iOS) is unrealistic, andwould require much more complex planning than just a simple priority: thatfeature simply does not scale to a distributed ecosystem.
(This "advantage", however, onlyapplies to the storage in the TreeSet; the asymptotic increase in timecomplexity in the number of hooked methods comes at no advantage, and in factcontributed to a long-standing bug in Xposed that methods with similarsignatures sometimes got mixed up: this was only finally fixed months afterdiscovery, and in a way that makes the iteration process even slower.)
Comprehensiveness
The Xposed framework is only able tooperate on Java code: if a program calls out using JNI to native code, you areno longer able to make modifications. As Substrate's heritage is as afully-featured engine for code instrumentation in a native environment (manycore libraries on iOS are written in C), Substrate provides the featuresrequired to hook C functions.
You also may find yourself needing to hookcode that exists in one of the various daemons that comes with Android, such asadbd. As Xposed hooks only into Zygote by way of the app_process binary, it isunable to load your code into these other processes. Substrate's more pervasivecode injection solution allows you to inject into every single process.
Substrate also offers the ability to gethooks loaded earlier: as it offers an API based entirely in JNI and nativelibraries, and can load early enough to simulate LD_PRELOAD support, you canuse Substrate to modify any aspect of the process including its initialization.Xposed only has a Java-based API that must be loaded out of applicationcontexts, which drastically delays its effects.
Simplicity
Substrate's API makes the kinds of changesthat most developers need to make fairly short: there is no indirectionrequired to modify arguments or call the original function. Substrate alsoencourages and enables a style where extensions can be written against nativeclasses, even when those classes are loaded multiple times by differentclassloaders.
Additionally, Substrate is well documented(much of the time I've spent on this project in the last year has actually beenon documentation) and has an SDK that is easy to obtain using the standardAndroid tools (such as the SDK Manager). Using the libraries also does notrequire messing around with your classpath: you can just include the jar.
Finally, as Substrate is distributed viathe Play Store, it is easy for users to find and install. While people candownload APKs and install them manually (and in some cases will need to, if thePlay Store is not available), requiring everyone who wants to use yourmodification to install a third-party APK manually is a massive barrier topeople using your extension.
Orthogonality
Due to some limitations of Xposed'simplementation (which lacks native code modification techniques), it requiresdevelopers to carefully time when their hooks are applied: if you want tomodify the code in a particular package, for example, you will need to waituntil after that package is loaded. You then can get the class loader for thepackage, and use it to find classes and hook their methods.
To make this easier, Xposed provides a setof helpers for common use cases: you can hook when the VM starts, when Zygotetakes control, when a particular package is loaded, or when a command lineapplication is executed. You need to know which of these to use, and it isstill unclear how you'd hook a class loaded via a dyamic runtime-created classloader (such as against downloaded code).
Substrate instead does away with all ofthis, thanks to MS.hookClassLoad,an API it provides that allows you to wait for particular classes to be loadedfrom any class loader at any time. This allows you to write hooks in a way thatis less brittle to changes, less prone to simple mistakes, and less limited byhow the developer of the target application decided to load their program'scode.
2411
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
