• Android 安全攻防(一):SEAndroid的编译


    转自:http://blog.csdn.net/yiyaaixuexi/article/details/8330645

    SEAndroid概述

     

    SEAndroid(Security-Enhanced Android),是将原本运用在Linux操作系统上的MAC强制存取控管套件SELinux,移植到Android平台上。可以用来强化Android操作系统对App的存取控管,建立类似沙箱的执行隔离效果,来确保每一个App之间的独立运作,也因此可以阻止恶意App对系统或其它应用程序的攻击。

    SEAndroid的中心理念是,即使root权限被篡夺,只求阻止应用的恶意行为。

     

     

    下载源码

     

     

    1.把源码全部拉下来

     
    git clone https://bitbucket.org/seandroid/manifests.git
    mkdir seandroid
    cd seandroid
    repo init -u https://android.googlesource.com/platform/manifest
    repo sync
    cp ../manifests/local_manifest.xml .repo
    repo sync

    2.拉下来对应分支的代码

     

    如果已有Android系统源码,可以直接使用

    
    
    Base Version       SE Branch
    android-4.2.1_r1 seandroid-4.2
    android-4.1.2_r1 seandroid-4.1.2
    android-4.1.1_r6.1 seandroid-4.1.1
    android-4.0.4_r2.1 seandroid-4.0.4
    git clone -b seandroid-4.0.4 https://bitbucket.org/seandroid/manifests.git
    mkdir Android_src
    cd Android_src
    cp ../manifests/local_manifest.xml .repo/
    repo sync

    编译

     
    先编个虚拟机版本,内核需要有SELinux支持,暂先使用默认的config:
     
    export PREFIX=/path/to/your/aospclone
    cd $PREFIX/kernel/goldfish
    make ARCH=arm goldfish_armv7_defconfig
    make ARCH=arm CROSS_COMPILE=$PREFIX/prebuilt/linux-x86/toolchain/arm-eabi-4.4.3/bin/arm-eabi-
     

    以下是编译Android 4.0.4的常见错误,这些错误的解决办法收录自互联网。

    Google group有个专门的Android Building组,有兴趣的可以加入。

    ################# Fix 1 ##########################

    Error:

    frameworks/base/include/utils/KeyedVector.h:193:31: note: declarations in dependent base ‘android::KeyedVector<android::String8, android::sp<AaptDir> >’ are not found by unqualified lookup

    frameworks/base/include/utils/KeyedVector.h:193:31: note: use ‘this->indexOfKey’ instead
    make: *** [out/host/linux-x86/obj/EXECUTABLES/aapt_intermediates/AaptAssets.o] Error 1

    Fix:
    vi frameworks/base/tools/aapt/Android.mk

    Add '-fpermissive' to line 31:
    LOCAL_CFLAGS += -Wno-format-y2k -fpermissive

    ################## Fix 2 ##########################

    Error:
    frameworks/base/include/utils/KeyedVector.h:193:31: error: ‘indexOfKey’ was not declared in this scope, and no declarations were found by argument-dependent lookup at the point of instantiation [-fpermissive]
    frameworks/base/include/utils/KeyedVector.h:193:31: note: declarations in dependent base ‘android::KeyedVector<android::String8, android::wp<android::AssetManager::SharedZip> >’ are not found by unqualified lookup

    frameworks/base/include/utils/KeyedVector.h:193:31: note: use ‘this->indexOfKey’ instead
    make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libutils_intermediates/AssetManager.o] Error 1

    Fix:
    vi frameworks/base/libs/utils/Android.mk

    Add '-fpermissive' to line 64:
    LOCAL_CFLAGS += -DLIBUTILS_NATIVE=1 $(TOOL_CFLAGS) -fpermissive

    ################## Fix 3 ##########################

    Error:
    external/srec/tools/thirdparty/OpenFst/fst/lib/cache.h:136:11: note: use ‘this->SetState’ instead
    make: *** [out/host/linux-x86/obj/EXECUTABLES/grxmlcompile_intermediates/grxmlcompile.o] Error 1

    Fix:
    cd external/srec
    wget "https://github.com/CyanogenMod/android_external_srec/commit/4d7ae7b79eda47e489669fbbe1f91ec501d42fb2.diff"
    patch -p1 < 4d7ae7b79eda47e489669fbbe1f91ec501d42fb2.diff
    rm -f 4d7ae7b79eda47e489669fbbe1f91ec501d42fb2.diff
    cd ../..

    ################## Fix 4 ##########################

    Error:
    development/tools/emulator/opengl/host/tools/emugen/main.cpp:79:9: error: ‘optind’ was not declared in this scope
    development/tools/emulator/opengl/host/tools/emugen/main.cpp:92:45: error: ‘optind’ was not declared in this scope
    make: *** [out/host/linux-x86/obj/EXECUTABLES/emugen_intermediates/main.o] Error 1

    Fix:
    vi development/tools/emulator/opengl/host/tools/emugen/main.cpp

    Add '#include <getopt.h>' to list of includes:
    #include <getopt.h>

    ################## Fix 5 ##########################

    Error:
    host C++: liboprofile_pp <= external/oprofile/libpp/arrange_profiles.cpp
    In file included from external/oprofile/libpp/arrange_profiles.cpp:24:0:
    external/oprofile/libpp/format_output.h:94:22: error: reference ‘counts’ cannot be declared ‘mutable’ [-fpermissive]
    make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/liboprofile_pp_intermediates/arrange_profiles.o] Error 1

    Fix:
    vi external/oprofile/libpp/format_output.h

    Remove 'mutable' from 'mutable counts_t & counts;' on line 94:
    counts_t & counts;

    ################## Fix 6 ##########################

    Error:
    development/tools/emulator/opengl/shared/OpenglCodecCommon/GLSharedGroup.cpp:345:65:   required from here

    frameworks/base/include/utils/KeyedVector.h:193:31: error: ‘indexOfKey’ was not declared in this scope, and no declarations were found by argument-dependent lookup at the point of instantiation [-fpermissive]
    frameworks/base/include/utils/KeyedVector.h:193:31: note: declarations in dependent base ‘android::KeyedVector<unsigned int, ShaderData*>’ are not found by unqualified lookup

    frameworks/base/include/utils/KeyedVector.h:193:31: note: use ‘this->indexOfKey’ instead
    make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libOpenglCodecCommon_intermediates/GLSharedGroup.o] Error 1

    Fix:
    vi development/tools/emulator/opengl/Android.mk

    Add '-fpermissive' to line 25:
    EMUGL_COMMON_CFLAGS := -DWITH_GLES2 -fpermissive

    ################## Fix 7 ##########################

    Error:
    /usr/bin/ld: note: 'XInitThreads' is defined in DSO /lib/libX11.so.6 so try adding it to the linker command line
    /lib/libX11.so.6: could not read symbols: Invalid operation
    collect2: error: ld returned 1 exit status
    make: *** [out/host/linux-x86/obj/EXECUTABLES/emulator_renderer_intermediates/emulator_renderer] Error 1

    Fix:
    vi development/tools/emulator/opengl/host/renderer/Android.mk

    Add new entry 'LOCAL_LDLIBS += -lX11' after line 6 as shown:
    LOCAL_SRC_FILES := main.cpp
    LOCAL_CFLAGS    += -O0 -g
    LOCAL_LDLIBS += -lX11

    #ifeq ($(HOST_OS),windows)
    #LOCAL_LDLIBS += -lws2_32 

    ################## Fix 8 ##########################

    Error:
    external/llvm/include/llvm/ADT/PointerUnion.h:56:10: error: enumeral mismatch in conditional expression: ‘llvm::PointerLikeTypeTraits<llvm::PointerUnion<clang::Stmt*, const clang::Type*> >::<anonymous enum>’ vs ‘llvm::PointerLikeTypeTraits<clang::ObjCInterfaceDecl*>::<anonymous enum>’ [-Werror]
    cc1plus: all warnings being treated as errors
    make: *** [out/host/linux-x86/obj/EXECUTABLES/llvm-rs-cc_intermediates/slang_rs.o] Error 1

    Fix:
    vi frameworks/compile/slang/Android.mk

    Remove '-Werror' from line 22:
    local_cflags_for_slang := -Wno-sign-promo -Wall -Wno-unused-parameter 

    ################## Fix 9 ##########################

    Error:
    frameworks/base/libs/rs/rsFont.cpp:224:76:   required from here

    frameworks/base/include/utils/KeyedVector.h:193:31: error: ‘indexOfKey’ was not declared in this scope, and no declarations were found by argument-dependent lookup at the point of instantiation [-fpermissive]
    frameworks/base/include/utils/KeyedVector.h:193:31: note: declarations in dependent base ‘android::KeyedVector<unsigned int, android::renderscript::Font::CachedGlyphInfo*>’ are not found by unqualified lookup

    frameworks/base/include/utils/KeyedVector.h:193:31: note: use ‘this->indexOfKey’ instead
    make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libRS_intermediates/rsFont.o] Error 1

    Fix:
    vi frameworks/base/libs/rs/Android.mk

    Add '-fpermissive' to line 183
    LOCAL_CFLAGS += -Werror -Wall -Wno-unused-parameter -Wno-unused-variable -fpermissive

    ################## Fix 10 #########################

    Error:
    external/mesa3d/src/glsl/linker.cpp:1394:49: error: expected primary-expression before ‘,’ token
    ......
    external/mesa3d/src/glsl/linker.cpp:1734:59: error: ‘offsetof’ was not declared in this scope
    make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libMesa_intermediates/src/glsl/linker.o] Error 1

    Fix:
    vi external/mesa3d/src/glsl/linker.cpp

    Add '#include <stddef.h>' to list of includes as shown: 
    #include <climits>
    #include <stddef.h>
    #include <pixelflinger2/pixelflinger2_interface.h>

    ################## Fix 11 #########################

    Error:
    external/gtest/src/../include/gtest/gtest-param-test.h:287:58: note: ‘template<class Container> testing::internal::ParamGenerator<typename Container::value_type> testing::ValuesIn(const Container&)’ declared here, later in the translation unit
    make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libgtest_host_intermediates/gtest-all.o] Error 1

    Two fixes required:
    1)
    vi external/gtest/src/Android.mk

    Add '-fpermissive' to lines 52 and 70 (both lines contain same info)
    LOCAL_CFLAGS += -O0 -fpermissive

    2)
    vi external/gtest/include/gtest/internal/gtest-param-util.h

    Add '#include <stddef.h>' to list of includes as shown:
    #include <vector>
    #include <cstddef>
    #include <gtest/internal/gtest-port.h>
     
    ################## Fix 12 #########################
    Error:

    host Executable: test-librsloader (out/host/linux-x86/obj/EXECUTABLES/test-librsloader_intermediates/test-librsloader)
    out/host/linux-x86/obj/STATIC_LIBRARIES/libLLVMSupport_intermediates/libLLVMSupport.a(Signals.o):在函数‘PrintStackTrace’中:
    /home/crow/works/Android_src/external/llvm/lib/Support/Unix/Signals.inc:219:对‘dladdr’未定义的引用
    /home/crow/works/Android_src/external/llvm/lib/Support/Unix/Signals.inc:231:对‘dladdr’未定义的引用
    out/host/linux-x86/obj/STATIC_LIBRARIES/libLLVMSupport_intermediates/libLLVMSupport.a(Threading.o):在函数‘llvm::llvm_execute_on_thread(void (*)(void*), void*, unsigned int)’中:
    /home/crow/works/Android_src/external/llvm/lib/Support/Threading.cpp:96:对‘pthread_create’未定义的引用
    /home/crow/works/Android_src/external/llvm/lib/Support/Threading.cpp:100:对‘pthread_join’未定义的引用
    /home/crow/works/Android_src/external/llvm/lib/Support/Threading.cpp:91:对‘pthread_attr_setstacksize’未定义的引用
    out/host/linux-x86/obj/STATIC_LIBRARIES/libLLVMSupport_intermediates/libLLVMSupport.a(Mutex.o):在函数‘llvm::sys::MutexImpl::MutexImpl(bool)’中:
    /home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:69:对‘pthread_mutexattr_init’未定义的引用
    /home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:75:对‘pthread_mutexattr_settype’未定义的引用
    /home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:80:对‘pthread_mutexattr_setpshared’未定义的引用
    /home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:89:对‘pthread_mutexattr_destroy’未定义的引用
    out/host/linux-x86/obj/STATIC_LIBRARIES/libLLVMSupport_intermediates/libLLVMSupport.a(Mutex.o):在函数‘llvm::sys::MutexImpl::tryacquire()’中:
    /home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:143:对‘pthread_mutex_trylock’未定义的引用
    collect2: 错误: ld 返回 1
    make: *** [out/host/linux-x86/obj/EXECUTABLES/test-librsloader_intermediates/test-librsloader] 错误 1

    Fix:

    $vi external/llvm/llvm-host-build.mk +
    LOCAL_LDLIBS := -lpthread -ldl

    运行测试

     
    用上一步编译出的内核来起动模拟器
     
    emulator -show-kernel -kernel kernel/goldfish/arch/arm/boot/zImage
     
     
  • 相关阅读:
    网络编程
    mysql
    python 基础
    vim 操作
    linux 基本命令
    基本库使用(urllib,requests)
    震撼功能:逐浪CMS全面支持PWA移动生成意指未来
    硬件能力与智能AI-Zoomla!逐浪CMS2 x3.9.2正式发布
    从送外卖到建站售主机还有共享自行车说起-2017年8月江西IDC排行榜与发展报告
    HTTP协议知多少-关于http1.x、http2、SPDY的相关知识
  • 原文地址:https://www.cnblogs.com/LCGIS/p/3341394.html
Copyright © 2020-2023  润新知