第6課第4節(jié)_Binder系統(tǒng)_驅(qū)動(dòng)情景分析_服務(wù)注冊過程_分析
Service_manager.c 8074 2017/6/30 首先從應(yīng)用程序分析(Android) binder_loop(bs, svcmgr_handler) { readbuf[0] = BC_ENTER_LOOPER; res = ioctl(bs->fd, BINDER_WRITE_READ, &bwr); /導(dǎo)致驅(qū)動(dòng)程序的ioctl調(diào)用-------》會(huì)創(chuàng)建一個(gè)binder_thread } Binder.c (linux-3.0.86\drivers\staging\android) 105029 2015/3/24 static long binder_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) { 兩個(gè)重要的結(jié)構(gòu)體: struct binder_proc *proc = filp->private_data; struct binder_thread *thread; 一個(gè)重要的函數(shù): thread = binder_get_thread(proc); switch (cmd) { case BINDER_WRITE_READ: { struct binder_write_read bwr; if (size != sizeof(struct binder_write_read)) { ret = -EINVAL; goto err; } if (copy_from_user(&bwr, ubuf, sizeof(bwr))) { ret = -EFAULT; goto err; } binder_debug(BINDER_DEBUG_READ_WRITE, "binder: %d:%d write %ld at %08lx, read %ld at %08lx\n", proc->pid, thread->pid, bwr.write_size, bwr.write_buffer, bwr.read_size, bwr.read_buffer); if (bwr.write_size > 0) { ret = binder_thread_write(proc, thread, (void __user *)bwr.write_buffer, bwr.write_size, &bwr.write_consumed); if (ret < 0) { bwr.read_consumed = 0; if (copy_to_user(ubuf, &bwr, sizeof(bwr))) ret = -EFAULT; goto err; } } }
在Linux內(nèi)核中 Binder.c (linux-3.0.86\drivers\staging\android) 105029 2015/3/24
調(diào)用對應(yīng)的
binder_ioctl
{
讀操作
ret = binder_thread_read(proc, thread, (void __user *)bwr.read_buffer, bwr.read_size, &bwr.read_consumed, filp->f_flags & O_NONBLOCK);
}
binder_thread_read{
BR_NOOP 對于所有的讀操作,數(shù)據(jù)頭都是BR_NOOP
讀出的數(shù)據(jù) binder_write_read.redbuf-------------->BR_NOOP , cmd | 數(shù)據(jù), cmd | 數(shù)據(jù)
}
進(jìn)入休眠,等待text_server(Android)
bio_init(&msg, iodata, sizeof(iodata), 4); bio_put_uint32(&msg, 0); // strict mode header bio_put_string16_x(&msg, SVC_MGR_NAME); bio_put_string16_x(&msg, name); bio_put_obj(&msg, ptr);
#define SVC_MGR_NAME "android.os.IServiceManager"
binder_thread_read : BR_TRANSACTION service_manager (1362, 1362), binder_thread_read , print data : 0000: 00 . 00 . 00 . 00 . 1a . 00 . 00 . 00 . 61 a 00 . 6e n 00 . 64 d 00 . 72 r 00 . 0016: 6f o 00 . 69 i 00 . 64 d 00 . 2e . 00 . 6f o 00 . 73 s 00 . 2e . 00 . 49 I 00 . 0032: 53 S 00 . 65 e 00 . 72 r 00 . 76 v 00 . 69 i 00 . 63 c 00 . 65 e 00 . 4d M 00 . 0048: 61 a 00 . 6e n 00 . 61 a 00 . 67 g 00 . 65 e 00 . 72 r 00 . 00 . 00 . 00 . 00 . 0064: 05 . 00 . 00 . 00 . 68 h 00 . 65 e 00 . 6c l 00 . 6c l 00 . 6f o 00 . 00 . 00 . 0080: 85 . 2a * 68 h 73 s 7f . 01 . 00 . 00 . 01 . 00 . 00 . 00 . 00 . 00 . 00 . 00 .
posted on 2018-02-25 18:32 竹林海寶 閱讀(189) 評(píng)論(0) 收藏 舉報(bào)
浙公網(wǎng)安備 33010602011771號(hào)