From Android NDK To AOSP

FROM ANDROID NDKTO AOSP

Bekket McClane @SITCON2015

WHO AM I ?

WHO AM I ?

⺠民2

WHO AM I ?

BEKKET MCCLANE

WHO AM I ?

MSHOCKWAVE

DEPARTMENT OF COMPUTER SCIENCE

Freshman

VLC FOR ANDROID

TODAY’S TOPIC

• GRAPHIC RENDERING• GAME• SECURITY

TODAY’S TOPIC


TODAY’S TOPIC


TODAY’S TOPIC


TODAY’S TOPIC


LEARNING

• Android NDK Introduction

• AOSP Overview

• From NDK To AOSP

• Example

SYLLABUS

ANDROID NDK INTRODUCTION

APP

JNI

Native Library ( .so )

No More Interpreting!!

• Graphic Rendering (Ex. OpenGL)

• Multi Media (Ex. OpenMAX)

• Game

JNI PROGRAMMING

JNI PROGRAMMING

OFFICIAL REFERENCE

http://docs.oracle.com/javase/7/docs/technotes/guides/jni/spec/functions.html

http://docs.oracle.com/javase/7/docs/technotes/guides/jni/spec/functions.html

Android.mk

1 LOCAL_PATH := $(call my-dir)

2 include $(CLEAR_VARS)

3 LOCAL_MODULE := foo

4 LOCAL_SRC_FILES := bar.c

5 #LOCAL_CFLAGS += -DDUMMY_FLAG

6 #LOCAL_LDLIBS += -llog

7 include $(BUILD_SHARED_LIBRARY)















Another makefile








Another makefile








Another makefile

Compiler Options








Another makefile

Compiler Options








Another makefile

Compiler Options

The real “builder” makefile








libfoo.so (in this case)

Another makefile

Compiler Options

The real “builder” makefile

$ ndk-build

$ ndk-build -B

$ ndk-build

($ ndk-build NDK_DEBUG=1)

$ ndk-build -B

AOSP OVERVIEW

AOSP

= Android Open Source Project

(vendors’ property libraries)

AOSP

= Android Open Source Project

NOT INCLUDED

(vendors’ property libraries)

Zygote

Zygote( Java World )

Zygote

Requestvia Local Socket

( Java World )

Zygotefork

app_01

app_02 app_03


( Java World )

Zygotefork

app_01

app_02 app_03

Shared address space


( Java World )

Pros: Preload Java Classes

$ adb shell ps \

| grep -e "u0_" -e "zygote" \

| awk '{print $1,"\t",$2,"\t",$3,"\t",$9}'

root 328 1 zygote

u0_a24 1051 328 com.android.systemui

u0_a8 1151 328 com.asus.launcher

u0_a20 1351 328 com.google.process.gapps

User PID PPID Process Name

.

.

.

root 328 1 zygote

u0_a24 1051 328 com.android.systemui

u0_a8 1151 328 com.asus.launcher

u0_a20 1351 328 com.google.process.gapps

User PID PPID Process Name

.

.

.

And their friends

System Services

Service Manager

Java Services

Native Services

App

Service Manager

Java Services

Native Services

App

addService

Service Manager

Java Services

Native Services

App

QueryaddService

Service Manager

Java Services

Native Services

App

QueryaddService

Communicatevia IPC

system 979 328 system_server

root 328 1 zygote

media 331 1 /system/bin/mediaserver

system 316 1 /system/bin/servicemanager


root 328 1 zygote



Most of the Java services live in here


root 328 1 zygote



Most of the Java services live in here

One of native services

Binder IPC

HIGHLIGHT

send() / recv()-like APIs

HIGHLIGHT

send() / recv()-like APIs

• Still need kernel’s help

• Heavily object oriented

• Put “transmission part” and “logic part” together



• Put “transmission part” and “logic part” together

(Interface, Inheritance…etc)



• Put “transmission part” and “logic part” together(Inheritance)

(Interface, Inheritance…etc)

EX: AIDL PROGRAMMING

IMyLight led;

led = IMyLight.Stub.asInterface(binder);

led.turnOn();


IMyLight led;


led.turnOn();The real “messenger”


IMyLight led;


led.turnOn();The real “messenger”


IMyLight led;


led.turnOn();Interface The real “messenger”

From NDK To AOSP

FACT:

b6beb000 156K r-xp /system/lib/libbinder.so

b6b22000 4K r-xp /system/lib/libhardware.so

PMAP RESULT

– NOT Barack Obama

“If there is a way, there’s a will”

“If there is a way, there’s a will”

“If there is a LIBRARY in the address space, there are SYMBOLS (we can use)”

Normal App

Normal App

Place we utilize

clang -c demo.c

clang -o demoExe demo.o \

-I./include -L./lib —lmyLib

COMPILE A PROGRAM

clang -c demo.c



COMPILE A PROGRAM

clang -c demo.c



COMPILE A PROGRAM

clang -c demo.c



COMPILE A PROGRAM

Only used for looking up for symbols(shared library)

Example

Goal: Control vibrator using C/C++ Binder API

Available on Github: https://github.com/mshockwave/android-binder-demo-with-vibrator

https://github.com/mshockwave/android-binder-demo-with-vibrator

HEADER FILES

• frameworks/native/include (binder)

• system/core/include (cutils, utils)

• https://android.googlesource.com/platform/frameworks/native

• https://android.googlesource.com/platform/system/core

git clone

https://android.googlesource.com/platform/frameworks/native

https://android.googlesource.com/platform/system/core

LIBRARIES

1. adb pull /system/lib/libfoo.so

2. Build yourself

Options:

BUILD YOURSELF

1. make -jxx

2. mm / mma

BUILD YOURSELF

1. make -jxx

2. mm / mma

mm: Build current modules

mmm: Build supplied modules

mma: Current modules + dependencies

mmma: Supplied modules + dependencies

mm: Build current modules

mmm: Build supplied modules

mma: Current modules + dependencies

mmma: Supplied modules + dependencies

LOCAL_MODULE := myModuleName

$ cd ${AOSP_ROOT}/frameworks/native/libs/binder

$ mma

$ ls ${AOSP_ROOT}/out/target/product/${DEVICE} \

system/lib

> libbinder.so libutils.so libcutils.so . . . .


$ mma


system/lib


Binder module’s dir


$ mma


system/lib



Build binder module and its dependencies


$ mma


system/lib





$ mma


system/lib




Result libraries

PART OF ANDROID.MK

LOCAL_MODULE := myVibrator

LOCAL_C_INCLUDES += $(AOSP_INCLUDE)

LOCAL_LDLIBS += -L$(AOSP_LIB)

LOCAL_LDLIBS += -llog -lbinder -lutils -lcutils

PART OF ANDROID.MK





PART OF ANDROID.MK





PART OF ANDROID.MK





APP

Hardware Related Library

Hardware

system_server

APP


Hardware

Link

system_server

APP


Permission Denied

Hardware

Link

system_server

APP


Permission Denied

Hardware

Link

system_server

(Mostly control via sysfs)

APP


Permission Denied

Hardware

Link

system_server

Link


APP


Permission Denied

Hardware

Link

system_server

Link

Binder IPC


APP


Permission Denied

Hardware

Link

system_server

Link

Binder IPC

Actions


frameworks/base/core/java/android/os/IVibratorService.aidl

AIDL = Android Interface Definition Language

WE GONNA FAKE ONE !

class BpMyVibrator : public BpInterface<IMyVibrator> {

virtual bool hasVibrator(void) {…}

virtual void vibrate(int32_t, String16&, int64_t,

int32_t, sp<IBinder>&) {…}

virtual void cancelVibrate(sp<IBinder>& token) {…}

(vibratePattern Omitted)

}Same interface in IVibratorService.aidl

About detailed Binder part in this example…

http://mshockwave.blogspot.tw/2015/01/using-binder-to-vibrate-android-binder.html




IN THE PREVIOUS EXAMPLE…

PERMISSION DENIED ?!!!

KER KER

I’M ROOT

Native Services:

= HIGHER permission

= Able to use MORE libraries

Native Service

Libraries

Service Manager

App

Native Service

Link

Libraries

Service Manager

App

Native Service

Link

Libraries

Service Manager

App

Interact via Binder

Native Service

Link

Libraries

Service Manager

App

joinThreadPool()

Interact via Binder

• libstagefright.so

• libui.so

• libhardware.so (libhardware_legacy.so)

Native Service Example…

https://github.com/mshockwave/android-native-service-demo

https://github.com/mshockwave/android-native-service-demo

QUESTIONS?

E-mail / Google account: [email protected]

Github / Bitbucket account name: mshockwave

Facebook: www.facebook.com/bekket.mcclane

mailto:[email protected]

http://www.facebook.com/bekket.mcclane

Engineering

From Android NDK To AOSP