全部博文(478)
分类: Android平台
2016-09-01 15:03:20
mkbootfs的源代码在system/core/cpio中。
?
?
mkbootfs -f boot_filesystem_config.txt targetfiles/BOOT/RAMDISK | minigzip > ramdisk.img
mkbootimg的源代码在system/core/mkbootimg中。
mkbootimg --kernel kernel --ramdisk ramdisk.img --output /tmp/boot.img
minigzip的源代码在external/zlib中。
源码位于:build/tools/fs_config。
其中的fs_config.c包含了system/core/include/private/android_filesystem_config.h,真正权限配置和fs_config的实现都在这个头文件中。
static const struct fs_path_config android_dirs[] = { { 00770, AID_SYSTEM, AID_CACHE, 0, "cache" }, { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/app" }, { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/app-private" }, { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/dalvik-cache" }, { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data/data" }, { 00771, AID_SHELL, AID_SHELL, 0, "data/local/tmp" }, { 00771, AID_SHELL, AID_SHELL, 0, "data/local" }, { 01771, AID_SYSTEM, AID_MISC, 0, "data/misc" }, { 00770, AID_DHCP, AID_DHCP, 0, "data/misc/dhcp" }, { 00775, AID_MEDIA_RW, AID_MEDIA_RW, 0, "data/media" }, { 00775, AID_MEDIA_RW, AID_MEDIA_RW, 0, "data/media/Music" }, { 00771, AID_SYSTEM, AID_SYSTEM, 0, "data" }, { 00750, AID_ROOT, AID_SHELL, 0, "sbin" }, { 00755, AID_ROOT, AID_SHELL, 0, "system/bin" }, { 00755, AID_ROOT, AID_SHELL, 0, "system/vendor" }, { 00755, AID_ROOT, AID_SHELL, 0, "system/xbin" }, { 00755, AID_ROOT, AID_ROOT, 0, "system/etc/ppp" }, { 00755, AID_ROOT, AID_SHELL, 0, "vendor" }, { 00777, AID_ROOT, AID_ROOT, 0, "sdcard" }, { 00755, AID_ROOT, AID_ROOT, 0, 0 }, }; |
static const struct fs_path_config android_files[] = { { 00440, AID_ROOT, AID_SHELL, 0, "system/etc/init.goldfish.rc" }, { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.goldfish.sh" }, { 00440, AID_ROOT, AID_SHELL, 0, "system/etc/init.trout.rc" }, { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.ril" }, { 00550, AID_ROOT, AID_SHELL, 0, "system/etc/init.testmenu" }, { 00550, AID_DHCP, AID_SHELL, 0, "system/etc/dhcpcd/dhcpcd-run-hooks" }, { 00444, AID_RADIO, AID_AUDIO, 0, "system/etc/AudioPara4.csv" }, { 00555, AID_ROOT, AID_ROOT, 0, "system/etc/ppp/*" }, { 00555, AID_ROOT, AID_ROOT, 0, "system/etc/rc.*" }, { 00644, AID_SYSTEM, AID_SYSTEM, 0, "data/app/*" }, { 00644, AID_MEDIA_RW, AID_MEDIA_RW, 0, "data/media/*" }, { 00644, AID_SYSTEM, AID_SYSTEM, 0, "data/app-private/*" }, { 00644, AID_APP, AID_APP, 0, "data/data/*" }, { 00755, AID_ROOT, AID_ROOT, 0, "system/bin/ping" }, |
/* the following file is INTENTIONALLY set-gid and not set-uid. * Do not change. */ { 02750, AID_ROOT, AID_INET, 0, "system/bin/netcfg" },
/* the following five files are INTENTIONALLY set-uid, but they * are NOT included on user builds. */ { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/su" }, { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/librank" }, { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procrank" }, { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/procmem" }, { 06755, AID_ROOT, AID_ROOT, 0, "system/xbin/tcpdump" }, { 04770, AID_ROOT, AID_RADIO, 0, "system/bin/pppd-ril" }, |
/* the following files have enhanced capabilities and ARE included in user builds. */ { 00750, AID_ROOT, AID_SHELL, (1 << CAP_SETUID) | (1 << CAP_SETGID), "system/bin/run-as" },
{ 00755, AID_ROOT, AID_SHELL, 0, "system/bin/*" }, { 00755, AID_ROOT, AID_ROOT, 0, "system/lib/valgrind/*" }, { 00755, AID_ROOT, AID_SHELL, 0, "system/xbin/*" }, { 00755, AID_ROOT, AID_SHELL, 0, "system/xbin/*" }, { 00755, AID_ROOT, AID_SHELL, 0, "system/vendor/bin/*" }, { 00755, AID_ROOT, AID_SHELL, 0, "vendor/bin/*" }, { 00750, AID_ROOT, AID_SHELL, 0, "sbin/*" }, { 00755, AID_ROOT, AID_ROOT, 0, "bin/*" }, { 00750, AID_ROOT, AID_SHELL, 0, "init*" }, { 00750, AID_ROOT, AID_SHELL, 0, "charger*" }, { 00750, AID_ROOT, AID_SHELL, 0, "sbin/fs_mgr" }, { 00640, AID_ROOT, AID_SHELL, 0, "fstab.*" }, { 00644, AID_ROOT, AID_ROOT, 0, 0 }, }; |
工具imgdiff的源码位于:recovery/applypatch。对应的应用补丁的工具为imgpatch。imgdiff用来处理*.gz,*.zip,*.apk,*.jar,*.img。
imgpatch以及下面的bspatch都存在于applypatch工具中。与官方的bspatch在输入输出以及错误处理上有一些不同。根据diff文件的开头几个字节可以判断应该使用哪个补丁工具。开头为“BSDIFF40”的用bspatch处理,开头为“IMGDIFF2”用imgpatch处理。
工具bsdiff的源码位于:external/bsdiff。对应的应用补丁的工具为bspatch。bsdiff能够更高效地处理可执行文件。
signapk的源码位于:build/tools/signapk。
使用方法:
signapk.jar -w <公钥> <私钥> <输入文件> <输出文件>
其中:-w表示对整个文件进行签名。
签名算法:
1. 程序遍历update.apk包中的所有文件(entry),对非文件夹非签名文件的文件,逐个生成SHA1的数字签名信息,再用Base64进行编码。
2. 如果-w整包签,则将 证书.x509.pem 复制到 META-INF/com//otacert;
并在manifest对象中增加META-INF/com/android/otacert的SHA1摘要
3. 之后将生成的签名写入MANIFEST.MF文件。
4. 对前一步生成的Manifest,使用SHA1-RSA算法,用私钥进行签名。
5. 在CERT.RSA文件中保存公钥、所采用的加密算法等信息。
签名后,apk(zip)文件中多了下列文件
META-INF/MANIFEST.MF
META-INF/CERT.SF
META-INF/CERT.RSA