安卓Context
图片来源于简书作者“尹star”
Android Studio隐藏API编译
allprojects {
repositories {
google()
jcenter()
}
gradle.projectsEvaluated {
tasks.withType(JavaCompile) {
def bootclasspath = "-Xbootclasspath/p:"
fileTree(dir: "app/libs-sys", include: ['*.jar']).visit {
element -> bootclasspath = bootclasspath + "app/libs-sys/" + element.relativePath + File.pathSeparator
}
println "bootclasspath=" + bootclasspath
options.compilerArgs.add(bootclasspath)
}
}
}
交换app.iml
文件中SDK
和导入frameworks
的顺序,app/libs-sys
为依赖包的路径,support
兼容包可能会导致dex merge
失败
在源码中导入@hide的类
在Android.mk
中注释掉
#LOCAL_SDK_VERSION := current //会采用SDK的jar包,不包含隐藏API
源码编译报错
ubuntu 18.04
和 android 8.1
flex-2.5.39: loadlocale.c:130: _nl_intern_locale_data: Assertioncnt < (sizeof (_nl_value_type_LC_TIME) / sizeof (_nl_value_type_LC_TIME[0]))' failed.
Aborted (core dumped)
解决
export LC_ALL=C
LC_ALL=C
去除所有本地化的设置,或者LC_ALL=en_US.utf-8
添加系统服务
1.IXXXService.aidl
package android.os;
import android.os.IXXXListener;
/** @hide */
interface IXXXService {
void setXXXState(int state);
int getXXXState();
void setHallSupport(boolean hallSupport);
boolean getHallSupport();
void addXXXListener(IXXXListener listener);
void removeXXXListener(IXXXListener listener);
void performXXXListeners();
}
2.在Android.mk
中添加IXXXService.aidl
,通过aidl
工具生成java
文件,遇到找不到import
加上--preprocess
参数
aidl --preprocess Mid IControllerCallback.aidl
aidl -I./ -p./Mid IControllerService.aidl //依赖IControllerCallback.aidl
LOCAL_SRC_FILES += \
core/java/android/os/IXXXService.aidl
3.frameworks/base/core/java/android/content/Context.java
/**
* Use with {@link #getSystemService} to retrieve a
* {@link android.os.XXXManager} for XXX service.
* @hide
*/
public static final String LID_SERVICE = "lid";// 注意,如果不加@hide注释,需要更新API
新增的package
也需要隐藏,在package
下面添加package.html
<body>
{@hide}
</body>
更新API
make update-api
4.frameworks/base/core/java/android/app/SystemServiceRegistry.java
registerService(Context.XXX_SERVICE, XXXdManager.class,
new CachedServiceFetcher<XXXManager>() {
@Override
public XXXManager createService(ContextImpl ctx) {
// added at systemserver
IBinder binder = ServiceManager.getService(Context.XXX_SERVICE);
IXXXService service = IXXXService.Stub.asInterface(binder);
return service == null ? null : new XXXManager(service);
}});
5.frameworks/base/services/java/com/android/server/SystemServer.java
traceBeginAndSlog("StartXXXService");
ServiceManager.addService(Context.XXX_SERVICE,
XXXService.getInstance());
traceEnd();
addService
需要注意SELinux
,avc
报错,更多SELinux
参考AOSP
官网
system/sepolicy/prebuilts/api/26.0/private/service_contexts
window u:object_r:window_service:s0
* u:object_r:default_android_service:s0
xxx u:object_r:xxx_service:s0 //add
xxx
需要在*
下面,影响CTS
system/sepolicy/prebuilts/api/26.0/public/service.te
type window_service, system_api_service, system_server_service, service_manager_type;
type xxx_service, system_api_service, system_server_service, service_manager_type; //add
还有做同样的修改
system/sepolicy/private/service_contexts
system/sepolicy/public/service.te
InputManagerService处理驱动事件
frameworks/base/services/core/java/com/android/server/input/InputManagerService.java
private void notifySwitch(long whenNanos, int switchValues, int switchMask)
最后会传到android.view.PhoneWindowGloable.java
驱动方法
input_report_switch(device,SW_XXX,state)
//再同步
SELinux AVC编写
1.定义type
和属性
type [type_name],[[attribute],];
type_name
会继承attribute
的访问权限
2.定义context
[file/service/resource...] u:object_r:[type_name]:s0
SELinux编译错误
SELinux: The following types were found added to the policy without an entry into the compatibility mapping file(s) found in private/compat/26.0/26.0[.ignore].cil/nlid_service
需要在prebuilts
目录下的sepolicy
中添加相同的内容
SELinux编译流程
# sepolicy is now divided into multiple portions:
# public - policy exported on which non-platform policy developers may write
# additional policy. types and attributes are versioned and included in
# delivered non-platform policy, which is to be combined with platform policy.
# private - platform-only policy required for platform functionality but which
# is not exported to vendor policy developers and as such may not be assumed
# to exist.
# vendor - vendor-only policy required for vendor functionality. This policy can
# reference the public policy but cannot reference the private policy. This
# policy is for components which are produced from the core/non-vendor tree and
# placed into a vendor partition.
# mapping - This contains policy statements which map the attributes
# exposed in the public policy of previous versions to the concrete types used
# in this policy to ensure that policy targeting attributes from public
# policy from an older platform version continues to work.
# build process for device:
# 1) convert policies to CIL:
# - private + public platform policy to CIL
# - mapping file to CIL (should already be in CIL form)
# - non-platform public policy to CIL
# - non-platform public + private policy to CIL
# 2) attributize policy
# - run script which takes non-platform public and non-platform combined
# private + public policy and produces attributized and versioned
# non-platform policy
# 3) combine policy files
# - combine mapping, platform and non-platform policy.
# - compile output binary policy file