本文基于 AOSP 8.1 源码,下面是相关改动文件
Changes not staged for commit:
(use "git add/rm <file>..." to update what will be committed)
(use "git checkout -- <file>..." to discard changes in working directory)
modified: bionic/libc/Android.bp
modified: bionic/libc/SYSCALLS.TXT
deleted: bionic/libc/arch-arm/syscalls/__exit.S
deleted: bionic/libc/arch-arm/syscalls/_exit.S
deleted: bionic/libc/arch-arm64/syscalls/__exit.S
deleted: bionic/libc/arch-arm64/syscalls/_exit.S
modified: bionic/libc/include/stdlib.h
modified: bionic/libc/include/unistd.h
modified: bionic/libc/libc.map.txt
modified: bionic/libc/stdlib/exit.c
Untracked files:
(use "git add <file>..." to include in what will be committed)
bionic/libc/arch-arm/syscalls/__xsexit.S
bionic/libc/arch-arm/syscalls/_xsexit.S
bionic/libc/arch-arm64/syscalls/__xsexit.S
bionic/libc/arch-arm64/syscalls/_xsexit.S
bionic/libc/bionic/__exit.cpp
bionic/libc/bionic/_exit.cpp
bionic/libc/include/sys/exit.h
下面以 _exit、__exit、_Exit 函数为例,这些函数原本直接由汇编实现,现在我们需要添加一个中间层,再由中间层调用原本的汇编代码
1. 添加中间层
新建bionic/libc/include/sys/exit.h
#ifndef _SYS_EXIT_H_
#define _SYS_EXIT_H_
#include <linux/unistd.h>
#include <sys/cdefs.h>
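__BEGIN_DECLS
/*
 * C-level entry points that sit in front of the renamed assembly stubs
 * (_xsexit / __xsexit). Each wrapper hands off to a stub that is declared
 * noreturn, so the wrappers are marked noreturn as well; without the
 * attribute, code compiled against this header alone would treat the calls
 * as returning.
 */
void _exit (int status) __attribute__((__noreturn__));
void __exit (int status) __attribute__((__noreturn__));
void _Exit (int status) __attribute__((__noreturn__));
__END_DECLS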
#endif /* _SYS_EXIT_H_ */
新建 bionic/libc/bionic/_exit.cpp
#include <unistd.h>
#include <async_safe/log.h>
#include <sys/exit.h>
// Assembly stub formerly named _exit (the file was renamed to _xsexit.S); the
// SYSCALLS.TXT entry on this page maps it to the exit_group system call.
// Declared here because no header exposes the renamed symbol.
extern "C" __noreturn void _xsexit(int);
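// Logging shim for _exit(): records the calling pid at debug level, then hands
// off to the renamed assembly stub _xsexit(), which does not return.
//
// The original call also formatted "comm %s" from an identifier `comm` that is
// not declared anywhere in this listing, so the file could not compile; only
// the pid is logged here, as the sibling _Exit() wrapper does.
// NOTE(review): _exit() is commonly called from signal handlers and vfork()
// children, so anything added to this path should stay async-signal-safe.
void _exit(int status) {
  async_safe_format_log(ANDROID_LOG_DEBUG, "_exit", "pid %d\n", getpid());
  _xsexit(status);
}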
// _Exit() shim: emit a debug log line carrying the calling pid, then terminate
// the process through the _xsexit() stub (declared noreturn above).
void _Exit(int status) {
  const int caller_pid = getpid();
  async_safe_format_log(ANDROID_LOG_DEBUG, "_Exit", "pid %d", caller_pid);
  _xsexit(status);
}
新建 bionic/libc/bionic/__exit.cpp
#include <unistd.h>
#include <async_safe/log.h>
#include <sys/exit.h>
// Assembly stub formerly named __exit (the file was renamed to __xsexit.S); its
// listing on this page loads __NR_exit as the system call number.
extern "C" __noreturn void __xsexit(int);
// __exit() shim: emit a debug log line carrying the calling pid, then hand off
// to the __xsexit() stub, which issues the exit system call and never returns.
void __exit(int status) {
  const int caller_pid = getpid();
  async_safe_format_log(ANDROID_LOG_DEBUG, "__exit", "pid %d", caller_pid);
  __xsexit(status);
}
同时在 stdlib.h 和 unistd.h 中引入新增的 sys/exit.h,这一步是为了让系统调用走我们的函数,而不是直接去汇编
原本是汇编__exit 在bionic/libc/arch-arm/syscalls/_exit.S 中,现在我们把它重命名成了__xsexit,然后做了一个C的__exit函数冒充,再由它调用重命名后的__xsexit
diff --git a/bionic/libc/include/unistd.h b/bionic/libc/include/unistd.h
index e024527ef2..a4685af4df 100644
--- a/bionic/libc/include/unistd.h
+++ b/bionic/libc/include/unistd.h
@@ -42,6 +42,8 @@
#include <bits/seek_constants.h>
#include <bits/sysconf.h>
+#include <sys/exit.h>
+
__BEGIN_DECLS
2. 修改汇编
主要是将bionic/libc/arch-arm/syscalls/_exit.S
和 bionic/libc/arch-arm/syscalls/__exit.S
改个名字
# Rename the two arm syscall stubs so the C wrappers can take over the original
# symbol names. Only arch-arm is shown here; the git status at the top of the
# page lists the same rename under arch-arm64.
mv bionic/libc/arch-arm/syscalls/_exit.S bionic/libc/arch-arm/syscalls/_xsexit.S
mv bionic/libc/arch-arm/syscalls/__exit.S bionic/libc/arch-arm/syscalls/__xsexit.S
然后将两个汇编文件的 ENTRY 修改一下,把 __exit 改成与文件名相同的 __xsexit,可以看到对应的调用编号是 __NR_exit
// bionic/libc/arch-arm/syscalls/__xsexit.S
/* Generated by gensyscalls.py. Do not edit. */
#include <private/bionic_asm.h>
/*
 * __xsexit: renamed copy of the __exit syscall stub. It loads __NR_exit into
 * r7 and traps with swi #0.
 * NOTE(review): the file header says it is generated by gensyscalls.py, so a
 * hand edit is presumably overwritten on regeneration; the SYSCALLS.TXT entry
 * is the durable place for the rename.
 */
ENTRY(__xsexit)
/* Keep the caller's r7 in ip while r7 carries the syscall number. */
mov ip, r7
.cfi_register r7, ip
ldr r7, =__NR_exit
/* Trap into the kernel. */
swi #0
/* Put the caller's r7 back. */
mov r7, ip
.cfi_restore r7
/* Return to the caller unless r0 falls in the range -MAX_ERRNO..-1. */
cmn r0, #(MAX_ERRNO + 1)
bxls lr
/* Error path: negate r0 and branch to __set_errno_internal. */
neg r0, r0
b __set_errno_internal
END(__xsexit)
修改libc.map.txt
diff --git a/bionic/libc/libc.map.txt b/bionic/libc/libc.map.txt
index c271a57e4f..83e4f4b28f 100644
--- a/bionic/libc/libc.map.txt
+++ b/bionic/libc/libc.map.txt
@@ -19,7 +19,7 @@ LIBC {
__dn_skipname;
__epoll_pwait; # arm x86 mips introduced=21
__errno;
- __exit; # arm x86 mips introduced=21
+ __xsexit; # arm x86 mips introduced=21
__fadvise64; # x86 mips introduced=21
__fbufsize; # introduced=23
__fcntl64; # arm x86 mips
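Review bot: Replacing `__exit;` with `__xsexit;` here, and `_exit;` with `_xsexit;` in the second hunk, removes the wrapper names from the LIBC version node instead of leaving them in place. If this map ends in a `local: *;` catch-all, which neither hunk shows, the new C `_exit` and `__exit` would stop being exported and binaries that import them would fail to resolve the symbols at load time. Exporting the raw stubs also gives any caller a route around the logging wrappers. I would keep the original `__exit; # arm x86 mips introduced=21` and `_exit;` lines and leave `__xsexit`/`_xsexit` out of the map so they stay internal to libc.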
@@ -205,7 +205,7 @@ LIBC {
__waitid; # arm x86 mips
_ctype_; # var
_Exit; # introduced=21
- _exit;
+ _xsexit;
_flush_cache; # mips
_flushlbf; # introduced=23
_getlong;
修改bionic/libc/SYSCALLS.TXT
,这一步是把我们改后的汇编关联到内核的系统调用编号
diff --git a/bionic/libc/SYSCALLS.TXT b/bionic/libc/SYSCALLS.TXT
index d674630ac0..0f9e5269c5 100644
--- a/bionic/libc/SYSCALLS.TXT
+++ b/bionic/libc/SYSCALLS.TXT
@@ -309,8 +309,10 @@ int __epoll_pwait:epoll_pwait(int, struct epoll_event*, int, int, const sigset_t
int eventfd:eventfd2(unsigned int, int) all
-void _exit|_Exit:exit_group(int) all
-void __exit:exit(int) all
+#void _exit|_Exit:exit_group(int) all
+#void __exit:exit(int) all
+void _xsexit|_Exit:exit_group(int) all
+void __xsexit:exit(int) all
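Review bot: The new entry `void _xsexit|_Exit:exit_group(int) all` keeps the `|_Exit` alias, so the generated stub presumably still defines `_Exit` as an alias of `_xsexit`. That either collides with the C `_Exit` wrapper added in bionic/libc/bionic/_exit.cpp or, depending on how the link resolves it, lets `_Exit` callers reach the syscall without being logged. Dropping the alias, `void _xsexit:exit_group(int) all`, leaves the C wrapper as the only `_Exit`. Since the entry applies to `all` architectures while the git status shows only the arm and arm64 stubs renamed by hand, the stubs should be regenerated from this file rather than edited individually. The two commented-out old lines can be deleted, as the diff already records them.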
最后把你新增的文件添加到libc的Android.bp中
diff --git a/bionic/libc/Android.bp b/bionic/libc/Android.bp
index a0d1f237cc..b44c6598fd 100644
--- a/bionic/libc/Android.bp
+++ b/bionic/libc/Android.bp
@@ -809,7 +809,9 @@ cc_library_static {
"bionic/__strcpy_chk.cpp",
"bionic/strchr.cpp",
"bionic/strnlen.c",
- "bionic/strrchr.cpp",
+ "bionic/strrchr.cpp",
+ "bionic/_exit.cpp",
+ "bionic/__exit.cpp",
],
最终效果截图