Intercepting Binder IPC calls
David Herges
I want to monitor inter-application communication and, therefore, intercept the ipc calls that go through binder. The question is where to place my hooks?
I figured out/am gueesing that the impl in ''frameworks/base/libs/binder'' is the user-space part of binder, i.e. the native libraries that applications are linked against. In ''frameworks/base/cmds/servicemanager/, is it the kernel-space part or is it the user-space servicemanager(*)? * confer here: http://ebixio.com/blog/2011/01/03/the-android-ipc-system/ If not, where is the kernel-space part of binder impl?
As last resort, I'd be fine to place my hooks in the user-space libraries, though...am pondering, still.
Cheers, David
Adrian Taylor
Back in the mists of time, I attempted some changes to strace to
understand some of the Binder calls.
This really was a very, very long time ago and I didn't get very far
anyway. But do have a look here:
http://www.macrobug.com/opensource/strace/mb-strace-4.5.15-patch-2513.diff
Cheers
Adrian
> --
> You received this message because you are subscribed to the Google
> Groups "android-platform" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/android-platform/-/5lMcbK9zg1UJ.
> To post to this group, send email to android-...@googlegroups.com.
> To unsubscribe from this group, send email to
> android-platfo...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/android-platform?hl=en.
David Herges
I guess that modifying the kernel itself is far more tricky stuff...let alone compiling and integrating it with the all the middleware. I think that I am fine to hook into the user-space libraries as part of my project; have to talk to some other people about that, though ;-)
Adrian Taylor
> I guess that modifying the kernel itself is far more tricky stuff...let alone compiling and integrating it with the all the middleware. I think that I am fine to hook into the user-space libraries as part of my project; have to talk to some other people about that, though ;-)
strace can intercept all calls which go between user-space and the kernel; that is its job. So, it could do any logging that could be done by the kernel.
However, actually interpreting that into useful human-readable messages is not simple without all the contextual information which is available when you're actually running as part of the program which is sending or receiving the messages in question. By the time they get as far as strace or the kernel, they're pretty much just a stream of bytes.
It's fun trying, though. Good luck!
Adrian
David Herges
Dianne Hackborn
Actually, I need more than just intercepting and logging. What I'd really need is to hook into Binder, intercept the data that is being exchanged between processes, analyse that bitstream, look into the messages and, based on some policy settings, modify the data "in transit". However, I don't want to modify the kernel actually. All I want is to modify 'frameworks/base' so that I can flash the modified platform system.img to various devices.At library level, it achieves the same effect, though it's not as tamper-proof as doing it in kernel-space.
--
You received this message because you are subscribed to the Google Groups "android-platform" group.
To view this discussion on the web visit https://groups.google.com/d/msg/android-platform/-/zGMwRH0SCHAJ.
To post to this group, send email to android-...@googlegroups.com.
To unsubscribe from this group, send email to android-platfo...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/android-platform?hl=en.
Dianne Hackborn
Android framework engineer
hac...@android.com
Note: please don't send private questions to me, as I don't have time to provide private support, and so won't reply to such e-mails. All such questions should be posted on public forums, where I and others can see and answer them.
Stephen Smalley
drivers/staging/android/binder.c in the Android kernel trees.
--
Stephen Smalley
National Security Agency