热门标签
热门文章
- 1人脸识别主要算法原理_某人脸识别系统中有 100 个人脸样本,识别时需要计算待识别人 脸图像与样本的相似
- 2git出现的若干问题以及解决方案_git config --global http.sslverify false
- 3spring中的spel表达式语言_springspe
- 4MySQL 的日志(undo log、redo log、binlog)_mysql每次修改操作都会写入binlog吗
- 5Android.bp快速入门_android.bp 层级
- 6jenkins与apisix整合,实现自动化部署与负载均衡、灰度发布(蓝绿发布)_apisix 灰度发布
- 7DevEco Studio创建新项目_如何在deveco studio中创建新项目?
- 8vue自定义组件实现v-model双向绑定数据_自定义的v-modal怎么双向传值
- 9最新2023阿里巴巴大佬整理Java面试八股文,大厂必备神器_阿里八股文指的是什么
- 10Arduino驱动MQ5模拟煤气气体传感器(气体传感器篇)_arduino与mq5
当前位置: article > 正文
Android4.4属性系统-属性设置_must use __system_property_read_callback() to read
作者:小丑西瓜9 | 2024-03-18 18:41:25
赞
踩
must use __system_property_read_callback() to read
Android4.4属性系统-属性设置
原创:https://www.jianshu.com/p/945ff5476cf8
DD_Dog关注
2019.07.30 16:36:31字数 844阅读 81
一、Android4.4属性系统系列文章
Android4.4属性系统-初始化
Android4.4属性系统-系统服务
Android4.4属性系统-内存空间共享
Android4.4属性系统-属性获取
Android4.4属性系统-属性设置
Android4.4-属性的使用总结
二、写在前面-如何阅读本系列文章
本系列文章大部分是对源码的解析和注释,所以读起来枯燥无味,并且杂乱,这是阅读系统源码无法避免的,如果你有条件,可以点击下载Android4.4源码,阅读源码可以使用eclise,AndroidStudio,vim等。
文章的章节安卓是按照代码模块区分的,例如init进程代码,libcutils代码是按章节来区分,但不同模块的代码之间是有关联的,阅读时需要经常跳转,通过搜索功能进行页内搜索即可
三、属性设置
Android 除了提供属性获取函数外,当然还可以进行属性的设置操作,在 Java 层可以通过调用 SystemProperties.set(String key, String val)方法进行属性设置。
3.1 frameworks接口
源码路径frameworks/base/core/java/android/os/Build.java
- /**
- * Set the value for the given key.
- * @throws IllegalArgumentException if the key exceeds 32 characters
- * @throws IllegalArgumentException if the value exceeds 92 characters
- */
- public static void set(String key, String val) {
- if (key.length() > PROP_NAME_MAX) {
- throw new IllegalArgumentException("key.length > " + PROP_NAME_MAX);
- }
- if (val != null && val.length() > PROP_VALUE_MAX) {
- throw new IllegalArgumentException("val.length > " +
- PROP_VALUE_MAX);
- }
- native_set(key, val);
- }
-
首先对需要设置的属性的名称以及值做长度检查,再调用 Native函数native_set。native_set对应的C++层函数为SystemProperties_set(/frameworks/base/core/jni/android_os_SystemProperties.cpp)
3.2 JNI接口
源码 路径frameworks/base/core/jni/android_os_SystemProperties.cpp
JNI代码中,有方法映射表,native_get映射为SystemProperties_getS方法
- #include "cutils/properties.h"
- //方法映射表
- static JNINativeMethod method_table[] = {
- { "native_get", "(Ljava/lang/String;)Ljava/lang/String;",
- (void*) SystemProperties_getS },
- { "native_get", "(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;",
- (void*) SystemProperties_getSS },
- { "native_get_int", "(Ljava/lang/String;I)I",
- (void*) SystemProperties_get_int },
- { "native_get_long", "(Ljava/lang/String;J)J",
- (void*) SystemProperties_get_long },
- { "native_get_boolean", "(Ljava/lang/String;Z)Z",
- (void*) SystemProperties_get_boolean },
- { "native_set", "(Ljava/lang/String;Ljava/lang/String;)V",
- (void*) SystemProperties_set },
- { "native_add_change_callback", "()V",
- (void*) SystemProperties_add_change_callback },
- };
-
- //native_set方法对应SystemProperties_set
- static void SystemProperties_set(JNIEnv *env, jobject clazz, jstring keyJ, jstring valJ)
- {
- LOGD("SystemProperties_set,keyJ=%s,valJ=%s", keyJ, valJ);
- int err;
- const char* key;
- const char* val;
-
- if (keyJ == NULL) {
- jniThrowNullPointerException(env, "key must not be null.");
- return ;
- }
- //将jstring类型变成一个char *类型
- key = env->GetStringUTFChars(keyJ, NULL);
-
- if (valJ == NULL) {
- val = ""; /* NULL pointer not allowed here */
- } else {
- val = env->GetStringUTFChars(valJ, NULL);
- }
- //关键代码:调用property_set,在properties.c中实现
- err = property_set(key, val);
- //调用ReleaseStringUTFChars函数通知JVM这块内存已经不使用
- env->ReleaseStringUTFChars(keyJ, key);
- //一些错误处理
- if (valJ != NULL) {
- env->ReleaseStringUTFChars(valJ, val);
- }
-
- if (err < 0) {
- jniThrowException(env, "java/lang/RuntimeException",
- "failed to set system property");
- }
- }
-
调用了 property_set 函数,该函数统一定义在/system/core/libcutils/properties.c 文件中
3.3 libc库层
3.3.1 内核c库层
源码路径system/core/libcutils/properties.c
- #include <cutils/properties.h>
-
- //set方法,参数<key,value>
- int property_set(const char *key, const char *value)
- {
- ALOGV("property_set, key=%s,value=%s", key, value);
- //关键调用,位于bionic/libc/bionic/system_properties.c
- return __system_property_set(key, value);
- }
调用了__system_property_set 函数,该函数位于/bionic/libc/bionic/system_properties.c 文件
3.3.2 bionic库层
源码路径bionic/libc/bionic/system_properties.c
该函数通过__system_property_find 函数在系统属性内存区域查询是否存在 name 参数指定的属性,如果查询到则会通过__system_property_read 读取属性信息。关于__system_property_find函数,前文已经分析过了。__system_property_read 通过获取的内存地址,从内存中读取属性信息。
- //set方法
- int __system_property_set(const char *key, const char *value)
- {
- printf("__system_property_set--bianjb,key=%s,value=%s", key, value);
- int err;
- //prop_msg为要发送给服务端的消息句柄
- prop_msg msg;
-
- if(key == 0) return -1;
- if(value == 0) value = "";
- //判断key,value长度是否合法
- if(strlen(key) >= PROP_NAME_MAX) return -1;
- if(strlen(value) >= PROP_VALUE_MAX) return -1;
-
- memset(&msg, 0, sizeof msg); //初始化内存
- //设置Prop操作类型
- msg.cmd = PROP_MSG_SETPROP;
- //设置消息name字段
- strlcpy(msg.name, key, sizeof msg.name);
- //设置消息value字段
- strlcpy(msg.value, value, sizeof msg.value);
- //send_prop_msg 函数向属性系统服务的 socket发送属性设置请求信息
- err = send_prop_msg(&msg);
- if(err < 0) {
- return err;
- }
- return 0;
- }
-
- //发送消息
- static int send_prop_msg(prop_msg *msg)
- {
- struct pollfd pollfds[1];
- struct sockaddr_un addr;
- socklen_t alen;
- size_t namelen;
- int s;
- int r;
- int result = -1;
-
- s = socket(AF_LOCAL, SOCK_STREAM, 0);
- if(s < 0) {
- return result;
- }
-
- memset(&addr, 0, sizeof(addr));
- // property_service_socket 值为”/dev/socket/property_service”
- //正是前文分析 Android 属性系统服务所监听的 socket
- namelen = strlen(property_service_socket);
- strlcpy(addr.sun_path, property_service_socket, sizeof addr.sun_path);
- addr.sun_family = AF_LOCAL;
- alen = namelen + offsetof(struct sockaddr_un, sun_path) + 1;
- //connect尝试连接这个服务端 socket
- if(TEMP_FAILURE_RETRY(connect(s, (struct sockaddr *) &addr, alen)) < 0) {
- close(s);
- return result;
- }
- //send向该 socket 发送消息
- r = TEMP_FAILURE_RETRY(send(s, msg, sizeof(prop_msg), 0));
-
- if(r == sizeof(prop_msg)) {
- //我们成功写入了属性服务器,但现在我们等待属性服务器完成其工作。它通过关闭套接字来确认它的完成,所以我们在这里
- //轮询(什么都没有),等待套接字关闭。如果你'adb shell setprop foo bar',你会在套接字关闭后看到POLLHUP。出于偏
- //执,我们将调查结果限制在250毫秒。
- pollfds[0].fd = s;
- pollfds[0].events = 0;
- r = TEMP_FAILURE_RETRY(poll(pollfds, 1, 250 /* ms */));
- if (r == 1 && (pollfds[0].revents & POLLHUP) != 0) {
- result = 0;
- } else {
- //忽略超时并将其视为成功。 init进程是单线程的,它的属性服务有时响应很慢(可能是关闭启动子进程或其他东西),因此
- //这时超时并且调用者认为它失败了,即使它仍然可以解决它。所以我们在这里伪造它,主要是为了ctl.*属性,但是我们尝
- //试等待250毫秒,因此大多数时候执行read-after-write的调用者可以可靠地看到他们写的内容。
- result = 0;
- }
- }
-
- close(s);
- return result;
- }
-
prop_msg消息结构体定义在bionic/libc/include/sys/_system_properties.h,源码如下:
- #define PROP_MSG_SETPROP 1
-
- struct prop_msg
- {
- unsigned cmd;
- char name[PROP_NAME_MAX];
- char value[PROP_VALUE_MAX];
- };
-
上面的分析完成了向socket服务器发送请求消息的过程,那么服务器端是如何接收并处理的呢。
3.3 socket服务端接收请求消息并处理
在 init.c 文件中 main 函数的无限 for 循环中有对上述 socket 事件的处理,关键代码如下
源码位置system/core/init/init.c
- int main(int argc, char **argv)
- {
- ....
- for(;;) {
- int nr, i, timeout = -1;
-
- execute_one_command();
- restart_processes();
-
- //设置需要监听的 socket 文件描述符以及 socket 请求的事件
- if (!property_set_fd_init && get_property_set_fd() > 0) {
- ufds[fd_count].fd = get_property_set_fd();
- ufds[fd_count].events = POLLIN;
- ufds[fd_count].revents = 0;
- fd_count++;
- property_set_fd_init = 1;
- }
- ....
- //调用 poll 检查是否有期望的 soket 事件发生
- nr = poll(ufds, fd_count, timeout);
- if (nr <= 0)
- continue;
-
- for (i = 0; i < fd_count; i++) {
- if (ufds[i].revents == POLLIN) { //两个if判断所发生的的 socket 事件是否是来自于属性服务的socket
- if (ufds[i].fd == get_property_set_fd())
- handle_property_set_fd(); //处理相应的 socket 请求,定义在property_service.c
- else if (ufds[i].fd == get_keychord_fd())
- handle_keychord();
- else if (ufds[i].fd == get_signal_fd())
- handle_signal();
- }
- }
- }
- //处理控制消息,handle_control_message 根据属性名称来启动、停止或者重启服务
- void handle_control_message(const char *msg, const char *arg)
- {
- if (!strcmp(msg,"start")) {
- msg_start(arg);
- } else if (!strcmp(msg,"stop")) {
- msg_stop(arg);
- } else if (!strcmp(msg,"restart")) {
- msg_restart(arg);
- } else {
- ERROR("unknown control msg '%s'\n", msg);
- }
- }
-
- //prop发生改变
- void property_changed(const char *name, const char *value)
- {
- if (property_triggers_enabled) //是否开启了prop触发器
- queue_property_triggers(name, value);
- }
-
- static int queue_property_triggers_action(int nargs, char **args)
- {
- queue_all_property_triggers(); //定义在init_parser.c
- /* enable property triggers */
- property_triggers_enabled = 1;
- return 0;
- }
-
源码路径system/core/init/init_parser.c
- void queue_all_property_triggers()
- {
- struct listnode *node;
- struct action *act;
- list_for_each(node, &action_list) {
- act = node_to_item(node, struct action, alist);
- if (!strncmp(act->name, "property:", strlen("property:"))) {
- /* parse property name and value
- syntax is property:<name>=<value> */
- const char* name = act->name + strlen("property:");
- const char* equals = strchr(name, '=');
- if (equals) {
- char prop_name[PROP_NAME_MAX + 1];
- char value[PROP_VALUE_MAX];
- int length = equals - name;
- if (length > PROP_NAME_MAX) {
- ERROR("property name too long in trigger %s", act->name);
- } else {
- memcpy(prop_name, name, length);
- prop_name[length] = 0;
-
- /* does the property exist, and match the trigger value? */
- property_get(prop_name, value);
- if (!strcmp(equals + 1, value) ||!strcmp(equals + 1, "*")) {
- action_add_queue_tail(act);
- }
- }
- }
- }
- }
- }
-
源码路径system/core/init/property_service.c
- //处理客户端的连接请求
- void handle_property_set_fd()
- {
- prop_msg msg;
- int s;
- int r;
- int res;
- struct ucred cr;
- struct sockaddr_un addr;
- socklen_t addr_size = sizeof(addr);
- socklen_t cr_size = sizeof(cr);
- char * source_ctx = NULL;
-
- //accept接受连接请求
- if ((s = accept(property_set_fd, (struct sockaddr *) &addr, &addr_size)) < 0) {
- return;
- }
-
- /* Check socket options here */
- if (getsockopt(s, SOL_SOCKET, SO_PEERCRED, &cr, &cr_size) < 0) {
- close(s);
- ERROR("Unable to receive socket options\n");
- return;
- }
- //recv从 socket 中获取数据,由于 send_prop_msg 发送的数据位 prop_msg,因此此处获得的数据便是一个 prop_msg 结构体
- r = TEMP_FAILURE_RETRY(recv(s, &msg, sizeof(msg), 0));
- if(r != sizeof(prop_msg)) {
- ERROR("sys_prop: mis-match msg size received: %d expected: %d errno: %d\n",
- r, sizeof(prop_msg), errno);
- close(s);
- return;
- }
- //根据 prop_msg 成员cmd 值做相应操作,对于属性设置请求来说,cmd 值为 PROP_MSG_SETPROP,而实际上
- //handle_property_set_fd 函数也只是处理属性设置请求
- switch(msg.cmd) {
- case PROP_MSG_SETPROP:
- msg.name[PROP_NAME_MAX-1] = 0;
- msg.value[PROP_VALUE_MAX-1] = 0;
-
- if (!is_legal_property_name(msg.name, strlen(msg.name))) {
- ERROR("sys_prop: illegal property name. Got: \"%s\"\n", msg.name);
- close(s);
- return;
- }
-
- getpeercon(s, &source_ctx);
-
- /*判断需要设置的属性名称是否以”ctl.”开头,
- *ctl.start 可以用来启动服务,
- *ctl.stop 用来停止服务,
- *ctl.restart 可以用来重启服务
- */
- if(memcmp(msg.name,"ctl.",4) == 0) {
- // Keep the old close-socket-early behavior when handling ctl.* properties.
- close(s);
- //检查控制权限,通过后就可以控制属性服务的启动和停止
- if (check_control_perms(msg.value, cr.uid, cr.gid, source_ctx)) {
- //处理控制消息
- handle_control_message((char*) msg.name + 4, (char*) msg.value);
- } else {
- ERROR("sys_prop: Unable to %s service ctl [%s] uid:%d gid:%d pid:%d\n",
- msg.name + 4, msg.value, cr.uid, cr.gid, cr.pid);
- }
- } else {
- //如果不是控制指令,检查权限
- if (check_perms(msg.name, cr.uid, cr.gid, source_ctx)) {
- property_set((char*) msg.name, (char*) msg.value);
- } else {
- ERROR("sys_prop: permission denied uid:%d name:%s\n",
- cr.uid, msg.name);
- }
-
- // Note: bionic's property client code assumes that the
- // property server will not close the socket until *AFTER*
- // the property is written to memory.
- close(s);
- }
- freecon(source_ctx);
- break;
-
- default:
- close(s);
- break;
- }
- }
-
- /* 白名单一
- * White list of UID that are allowed to start/stop services.
- * Currently there are no user apps that require.
- */
- struct {
- const char *service;
- unsigned int uid;
- unsigned int gid;
- } control_perms[] = {
- { "dumpstate",AID_SHELL, AID_LOG },
- { "ril-daemon",AID_RADIO, AID_RADIO },
- {NULL, 0, 0 }
- };
-
- /*
- * Checks permissions for starting/stoping system services.
- * AID_SYSTEM and AID_ROOT are always allowed.
- *
- * Returns 1 if uid allowed, 0 otherwise.
- *权限检查的基本思路是:若进程的 uid 属于 system 或者 root,则通过;若进程在 control_perms
- *白名单中,也可以通过检查,但是目前为止,没有用户应用程序存在于该白名单中。因此只
- *有具有 system 或者 root 权限才可以启动、停止以及重启服务。
- */
-
- static int check_control_perms(const char *name, unsigned int uid, unsigned int gid, char *sctx) {
-
- int i;
- if (uid == AID_SYSTEM || uid == AID_ROOT)
- return check_control_mac_perms(name, sctx);
-
- /* Search the ACL */
- for (i = 0; control_perms[i].service; i++) {
- if (strcmp(control_perms[i].service, name) == 0) {
- if ((uid && control_perms[i].uid == uid) ||
- (gid && control_perms[i].gid == gid)) {
- return check_control_mac_perms(name, sctx);
- }
- }
- }
- return 0;
- }
-
- //白名单二,AID定义在`system/core/include/private/android_filesystem_config.h`
- /* White list of permissions for setting property services. */
- struct {
- const char *prefix;
- unsigned int uid;
- unsigned int gid;
- } property_perms[] = {
- { "net.rmnet0.", AID_RADIO, 0 },
- { "net.gprs.", AID_RADIO, 0 },
- { "net.ppp", AID_RADIO, 0 },
- { "net.qmi", AID_RADIO, 0 },
- { "net.lte", AID_RADIO, 0 },
- { "net.cdma", AID_RADIO, 0 },
- { "ril.", AID_RADIO, 0 },
- { "gsm.", AID_RADIO, 0 },
- { "persist.radio", AID_RADIO, 0 },
- { "persist.radio", AID_SYSTEM, 0 },
- { "net.dns", AID_RADIO, 0 },
- { "sys.usb.config", AID_RADIO, 0 },
- { "net.", AID_SYSTEM, 0 },
- { "dev.", AID_SYSTEM, 0 },
- { "runtime.", AID_SYSTEM, 0 },
- { "hw.", AID_SYSTEM, 0 },
- { "sys.", AID_SYSTEM, 0 },
- { "sys.powerctl", AID_SHELL, 0 },
- { "service.", AID_SYSTEM, 0 },
- { "wlan.", AID_SYSTEM, 0 },
- { "bluetooth.", AID_BLUETOOTH, 0 },
- { "dhcp.", AID_SYSTEM, 0 },
- { "dhcp.", AID_DHCP, 0 },
- { "debug.", AID_SYSTEM, 0 },
- { "debug.", AID_SHELL, 0 },
- { "log.", AID_SHELL, 0 },
- { "service.adb.root", AID_SHELL, 0 },
- { "service.adb.tcp.port", AID_SHELL, 0 },
- { "persist.sys.", AID_SYSTEM, 0 },
- { "persist.msms.", AID_RADIO, 0 },//SPRD: add for dsds
- { "persist.msms.", AID_SYSTEM, 0 },
- { "persist.service.", AID_SYSTEM, 0 },
- { "persist.security.", AID_SYSTEM, 0 },
- { "media.", AID_MEDIA, 0 },
- { "persist.service.bdroid.", AID_BLUETOOTH, 0 },
- { "selinux." , AID_SYSTEM, 0 },
- { "persist.modem.", AID_RADIO, 0 },//SPRD: add for lte
- { NULL, 0, 0 }
- };
-
- /*
- * Checks permissions for setting system properties.
- * Returns 1 if uid allowed, 0 otherwise.
- */
- static int check_perms(const char *name, unsigned int uid, unsigned int gid, char *sctx)
- {
- int i;
- unsigned int app_id;
-
- if(!strncmp(name, "ro.", 3))
- name +=3;
- //断是否具有 root 权限,若有通过检查
- if (uid == 0)
- return check_mac_perms(name, sctx);
-
- app_id = multiuser_get_app_id(uid);
- if (app_id == AID_BLUETOOTH) {
- uid = app_id;
- }
- //与 check_control_perms 一样,property_perms 也是一个可以进行属性设置的白名单。若通过权限检查,则会调用
- //property_set来进行属性设置操作,该函数在前文已有分析,此处略去
- for (i = 0; property_perms[i].prefix; i++) {
- if (strncmp(property_perms[i].prefix, name,
- strlen(property_perms[i].prefix)) == 0) {
- if ((uid && property_perms[i].uid == uid) ||
- (gid && property_perms[i].gid == gid)) {
-
- return check_mac_perms(name, sctx);
- }
- }
- }
- }
-
- return 0;
- }
-
- //最终真正的设置属性的函数
- int property_set(const char *name, const char *value)
- {
- prop_info *pi;
- int ret;
-
- size_t namelen = strlen(name); //计算key长度值
- size_t valuelen = strlen(value); //计算value长度值
-
- if (!is_legal_property_name(name, namelen)) return -1; //判断prop name是否合法
- if (valuelen >= PROP_VALUE_MAX) return -1;
-
- pi = (prop_info*) __system_property_find(name); //获取系统中的prop
-
- if(pi != 0) { //如果已经存在该prop
- /* ro.* properties may NEVER be modified once set */
- if(!strncmp(name, "ro.", 3)) return -1; //ro.开头的不允许修改,read only
-
- __system_property_update(pi, value, valuelen); //更新prop
- } else { //如果不存在,则添加
- ret = __system_property_add(name, namelen, value, valuelen); //添加prop
- if (ret < 0) {
- ERROR("Failed to set '%s'='%s'\n", name, value);
- return ret;
- }
- }
- /* If name starts with "net." treat as a DNS property. */
- //如果key是以net.开关的,当作DNS属性处理
- if (strncmp("net.", name, strlen("net.")) == 0) {
- if (strcmp("net.change", name) == 0) { //如果是net.change属性,直接返回
- return 0;
- }
- /*
- * The 'net.change' property is a special property used track when any
- * 'net.*' property name is updated. It is _ONLY_ updated here. Its value
- * contains the last updated 'net.*' property.
- */
- //'net.change'属性是一个特殊属性,用于跟踪任何'net.*'属性名称的更新。它只能在这里被更新。
- //其值包含最后更新的'net.*'属性。
- property_set("net.change", name);
- } else if (persistent_properties_loaded &&strncmp("persist.", name, strlen("persist.")) == 0) {
- /*
- * Don't write properties to disk until after we have read all default properties
- * to prevent them from being overwritten by default values.
- */
- //如果持久化属性已经加载完毕并且属性以persist.开头
- write_persistent_property(name, value);
- } else if (strcmp("selinux.reload_policy", name) == 0 && strcmp("1", value) == 0) {
- //如果是selinux.reload_policy=1
- selinux_reload_policy();
- }
- property_changed(name, value); //prop改变,发出通知,定义在init.c中
- return 0;
- }
-
- //判断prop name是否含有非法字符
- static bool is_legal_property_name(const char* name, size_t namelen)
- {
- size_t i;
- bool previous_was_dot = false;
- if (namelen >= PROP_NAME_MAX) return false; //超过最大长度,非法
- if (namelen < 1) return false; //长度小于1非法
- if (name[0] == '.') return false; //以'.'开头,非法
- if (name[namelen - 1] == '.') return false; //以'.'结尾,非法
-
- /* Only allow alphanumeric, plus '.', '-', or '_' */
- /* Don't allow ".." to appear in a property name */
- //只允许字母和数字,以及'.' '-' '_',并且不允许”..“
- for (i = 0; i < namelen; i++) {
- if (name[i] == '.') {
- if (previous_was_dot == true) return false;
- previous_was_dot = true;
- continue;
- }
- previous_was_dot = false;
- if (name[i] == '_' || name[i] == '-') continue;
- if (name[i] >= 'a' && name[i] <= 'z') continue;
- if (name[i] >= 'A' && name[i] <= 'Z') continue;
- if (name[i] >= '0' && name[i] <= '9') continue;
- return false;
- }
-
- return true;
- }
-
- //写入持久化prop,persist类型的prop要生成对应的文件,路径为/data/property
- static void write_persistent_property(const char *name, const char *value)
- {
- char tempPath[PATH_MAX];
- char path[PATH_MAX];
- int fd;
-
- snprintf(tempPath, sizeof(tempPath), "%s/.temp.XXXXXX", PERSISTENT_PROPERTY_DIR);
- fd = mkstemp(tempPath); //建立 临时文件
- if (fd < 0) {
- ERROR("Unable to write persistent property to temp file %s errno: %d\n", tempPath, errno);
- return;
- }
- write(fd, value, strlen(value));
- close(fd);
-
- snprintf(path, sizeof(path), "%s/%s", PERSISTENT_PROPERTY_DIR, name);
- if (rename(tempPath, path)) {
- unlink(tempPath);
- ERROR("Unable to rename persistent property file %s to %s\n", tempPath, path);
- }
- }
-
可以看到property_set函数又调用了__system_property_update,__system_property_add等函数,它们定义在bionic/libc/bionic/system_properties.c
源码如下:
- //更新属性
- int __system_property_update(prop_info *pi, const char *value, unsigned int len)
- {
- prop_area *pa = __system_property_area__; //获取静态成员__system_property_area__,拿到共享内存区的地址
-
- if (len >= PROP_VALUE_MAX)
- return -1;
-
- //prop_info->serial,其高8位表示该prop_info中name的长度,而低24位表示该prop_info被更新的次数
- pi->serial = pi->serial | 1;
- ANDROID_MEMBAR_FULL();
- memcpy(pi->value, value, len + 1); //赋值value
- ANDROID_MEMBAR_FULL();
- pi->serial = (len << 24) | ((pi->serial + 1) & 0xffffff);
- __futex_wake(&pi->serial, INT32_MAX);
-
- pa->serial++; //访问次数加+,pa->serial表示该属性访问次数
- __futex_wake(&pa->serial, INT32_MAX);
-
- return 0;
- }
-
- //添加prop
- int __system_property_add(const char *name, unsigned int namelen,
- const char *value, unsigned int valuelen)
- {
- prop_area *pa = __system_property_area__;
- const prop_info *pi;
-
- if (namelen >= PROP_NAME_MAX) //检查name长度
- return -1;
- if (valuelen >= PROP_VALUE_MAX) //检查value长度
- return -1;
- if (namelen < 1)
- return -1;
- //查询prop应该存储的内存位置
- pi = find_property(root_node(), name, namelen, value, valuelen, true);
- if (!pi)
- return -1;
-
- pa->serial++; //访问次数加+,pa->serial表示该属性访问次数
- __futex_wake(&pa->serial, INT32_MAX);
- return 0;
- }
-
- //前面介绍过了,属性的存储结构为特里结构+二叉树结构,所以查找属性其实就是
- //特里结构+二叉树结构的遍历
- static const prop_info *find_property(prop_bt *trie, const char *name,
- uint8_t namelen, const char *value, uint8_t valuelen,
- bool alloc_if_needed)
- {
- const char *remaining_name = name;
-
- while (true) {
- char *sep = strchr(remaining_name, '.');
- bool want_subtree = (sep != NULL);
- uint8_t substr_size;
-
- prop_bt *root;
-
- if (want_subtree) {
- substr_size = sep - remaining_name;
- } else {
- substr_size = strlen(remaining_name);
- }
-
- if (!substr_size)
- return NULL;
-
- if (trie->children) {
- root = to_prop_obj(trie->children);
- } else if (alloc_if_needed) {
- root = new_prop_bt(remaining_name, substr_size, &trie->children);
- } else {
- root = NULL;
- }
-
- if (!root)
- return NULL;
-
- trie = find_prop_bt(root, remaining_name, substr_size, alloc_if_needed);
- if (!trie)
- return NULL;
-
- if (!want_subtree)
- break;
-
- remaining_name = sep + 1;
- }
- if (trie->prop) {
- return to_prop_obj(trie->prop);
- } else if (alloc_if_needed) {
- return new_prop_info(name, namelen, value, valuelen, &trie->prop);
- } else {
- return NULL;
- }
- }
-
AID用户定义system/core/include/private/android_filesystem_config.h
- /* This is the master Users and Groups config for the platform.
- * DO NOT EVER RENUMBER
- */
- #define AID_ROOT 0 /* traditional unix root user */
-
- #define AID_SYSTEM 1000 /* system server */
-
- #define AID_RADIO 1001 /* telephony subsystem, RIL */
- #define AID_BLUETOOTH 1002 /* bluetooth subsystem */
- #define AID_GRAPHICS 1003 /* graphics devices */
- #define AID_INPUT 1004 /* input devices */
- #define AID_AUDIO 1005 /* audio devices */
- #define AID_CAMERA 1006 /* camera devices */
- #define AID_LOG 1007 /* log devices */
- #define AID_COMPASS 1008 /* compass device */
- #define AID_MOUNT 1009 /* mountd socket */
- #define AID_WIFI 1010 /* wifi subsystem */
- #define AID_ADB 1011 /* android debug bridge (adbd) */
- #define AID_INSTALL 1012 /* group for installing packages */
- #define AID_MEDIA 1013 /* mediaserver process */
- #define AID_DHCP 1014 /* dhcp client */
- #define AID_SDCARD_RW 1015 /* external storage write access */
- #define AID_VPN 1016 /* vpn system */
- #define AID_KEYSTORE 1017 /* keystore subsystem */
- #define AID_USB 1018 /* USB devices */
- #define AID_DRM 1019 /* DRM server */
- #define AID_MDNSR 1020 /* MulticastDNSResponder (service discovery) */
- #define AID_GPS 1021 /* GPS daemon */
- #define AID_UNUSED1 1022 /* deprecated, DO NOT USE */
- #define AID_MEDIA_RW 1023 /* internal media storage write access */
- #define AID_MTP 1024 /* MTP USB driver access */
- #define AID_UNUSED2 1025 /* deprecated, DO NOT USE */
- #define AID_DRMRPC 1026 /* group for drm rpc */
- #define AID_NFC 1027 /* nfc subsystem */
- #define AID_SDCARD_R 1028 /* external storage read access */
- #define AID_CLAT 1029 /* clat part of nat464 */
- #define AID_LOOP_RADIO 1030 /* loop radio devices */
- #define AID_MEDIA_DRM 1031 /* MediaDrm plugins */
- #define AID_PACKAGE_INFO 1032 /* access to installed package details */
- #define AID_SDCARD_PICS 1033 /* external storage photos access */
- #define AID_SDCARD_AV 1034 /* external storage audio/video access */
- #define AID_SDCARD_ALL 1035 /* access all users external storage */
- /* SPRD: add for storage manager @{ */
- #define AID_INTERNAL_WR 1051 /* write permission for internal storage */
- #define AID_EXTERNAL_WR 1052 /* write permission for external storage */
- /* @} */
-
- #define AID_SHELL 2000 /* adb and debug shell user */
- #define AID_CACHE 2001 /* cache access */
- #define AID_DIAG 2002 /* access to diagnostic resources */
-
- /* The 3000 series are intended for use as supplemental group id's only.
- * They indicate special Android capabilities that the kernel is aware of. */
- #define AID_NET_BT_ADMIN 3001 /* bluetooth: create any socket */
- #define AID_NET_BT 3002 /* bluetooth: create sco, rfcomm or l2cap sockets */
- #define AID_INET 3003 /* can create AF_INET and AF_INET6 sockets */
- #define AID_NET_RAW 3004 /* can create raw INET sockets */
- #define AID_NET_ADMIN 3005 /* can configure interfaces and routing tables. */
- #define AID_NET_BW_STATS 3006 /* read bandwidth statistics */
- #define AID_NET_BW_ACCT 3007 /* change bandwidth statistics accounting */
- #define AID_NET_BT_STACK 3008 /* bluetooth: access config files */
- #define AID_THEME 9001 /* SPRD: add for theme setting */
- #define AID_MISC 9998 /* access to misc storage */
- #define AID_NOBODY 9999
- #define AID_APP 10000 /* first app user */
- #define AID_ISOLATED_START 99000 /* start of uids for fully isolated sandboxed processes */
- #define AID_ISOLATED_END 99999 /* end of uids for fully isolated sandboxed processes */
- #define AID_USER 100000 /* offset for uid ranges for each user */
- #define AID_SHARED_GID_START 50000 /* start of gids for apps in each user to share */
- #define AID_SHARED_GID_END 59999 /* start of gids for apps in each user to share */
需要重点关注的几个:
- #define AID_ROOT 0 /* traditional unix root user */
-
- #define AID_SYSTEM 1000 /* system server */
- #define AID_RADIO 1001 /* telephony subsystem, RIL */
- #define AID_USER 100000 /* offset for uid ranges for each user */
- #define AID_USER 100000 /* offset for uid ranges for each user */
通过上述分析可知,Android 属性设置最终需要通过 init 进程完成,同时还有严格的权限检查,一般用户进程无法对 Android 属性进行设置。
四、上图
属性设置.png
五、参考
Android属性系统
Linux 内存映射函数 mmap
trie-特里结构
Linux 内存映射函数 mmap()函数详解
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/小丑西瓜9/article/detail/265032
推荐阅读
相关标签
