Why does a system call hook on Linux/Android 2.6.29 produce different results every time?

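I am tracing the system calls of an Android application through an LKM module on Android 2.6.29. The funny thing, though, is that I get a different result every time I collect the system call list.

Because bold text cannot be used in code sections, I use ** to show where the differences begin.

For example,

First run: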

our_sys_gettid ---> uid = 10028  
 our_sys_open ---> uid = 10028 with filename= /dev/cpuctl//tasks, flags= 131073, mode=0 
 our_sys_write ---> uid = 10028 with fd= 30, buf = 230 and count=3 
 our_sys_close ---> uid = 10028 with fd= 30  
 our_sys_setpriority ---> uid = 10028 with which= 0, who=230 and niceval=0 
 our_sys_futex ---> uid = 10028 with uadd=������, op=1, val=1, utime=<NULL>, uaddr2=������ and val3=  
 **our_sys_gettid ---> uid = 10028  
 our_sys_open ---> uid = 10028 with filename= /dev/cpuctl//tasks, flags= 131073, mode=0 
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3196467192 
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3196467192 **
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3196466496 
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3196466496 
 our_sys_dup ---> uid = 10028 with fildes=32 
 our_sys_close ---> uid = 10028 with fd= 32  
 .....................

Second run:

our_sys_gettid ---> uid = 10028  
 our_sys_open ---> uid = 10028 with filename= /dev/cpuctl//tasks, flags= 131073, mode=0 
 our_sys_write ---> uid = 10028 with fd= 30, buf = 228 and count=3 
 our_sys_close ---> uid = 10028 with fd= 30  
 our_sys_setpriority ---> uid = 10028 with which= 0, who=228 and niceval=0 
 our_sys_futex ---> uid = 10028 with uadd=������, op=1, val=1, utime=<NULL>, uaddr2=������ and val3=  
 **our_sys_gettid ---> uid = 10028  
 our_sys_open ---> uid = 10028 with filename= /dev/cpuctl//tasks, flags= 131073, mode=0 
 our_sys_write ---> uid = 10028 with fd= 30, buf = 228 and count=3 
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3198662648 
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3198662648 
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3198661952** 
 our_sys_close ---> uid = 10028 with fd= 30  
 our_sys_setpriority ---> uid = 10028 with which= 0, who=228 and niceval=0 
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=1181359656 
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3198661952 
 our_sys_dup ---> uid = 10028 with fildes=32 
 our_sys_close ---> uid = 10028 with fd= 32  
 ....................

Third run:

our_sys_gettid ---> uid = 10028  
 our_sys_open ---> uid = 10028 with filename= /dev/cpuctl//tasks, flags= 131073, mode=0 
 our_sys_write ---> uid = 10028 with fd= 31, buf = 228 and count=3 
 our_sys_close ---> uid = 10028 with fd= 31  
 our_sys_setpriority ---> uid = 10028 with which= 0, who=228 and niceval=0 
 our_sys_futex ---> uid = 10028 with uadd=������, op=1, val=1, utime=<NULL>, uaddr2=������ and val3=X{�D  
 **our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3198035960 
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3198035960 
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =   
 our_sys_munmap ---> uid = 10028 with addr=1183178752 and len=770048 
 our_sys_close ---> uid = 10028 with fd= 32**  
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3198035264 
 our_sys_ioctl ---> uid = 10028 with fd=21, cmd=3222823425 and arg=3198035264 
 our_sys_dup ---> uid = 10028 with fildes=31 
 our_sys_close ---> uid = 10028 with fd= 31  
 ........................

Do you know why I get a different result every time?

Is there a better tool for tracing system calls? I have heard about strace, ptrace, auditd and so on, but I don't know whether they work on Android.
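Added example, not part of the original post: one way to compare two runs of the hook output shown in the question, separating differences in call order from differences in argument values only. The names `parse_trace` and `compare_runs` and the shortened sample runs are constructed for this illustration.

```python
import difflib
import re

# Log line shape taken from the question: our_sys_<name> ---> uid = <uid> [with <args>]
# Leading/trailing "**" are the poster's difference markers and are ignored.
LINE_RE = re.compile(
    r"^\s*\**\s*our_sys_(\w+) ---> uid = (\d+)(?: with (.*?))?\s*\**\s*$")

def parse_trace(text):
    """Return [(syscall, uid, args)] for each hook line; other lines are skipped."""
    calls = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            calls.append((m.group(1), int(m.group(2)), m.group(3) or ""))
    return calls

def compare_runs(run_a, run_b):
    """Split the differences into call-order changes and argument-only changes."""
    a, b = parse_trace(run_a), parse_trace(run_b)
    names_a, names_b = [c[0] for c in a], [c[0] for c in b]
    matcher = difflib.SequenceMatcher(None, names_a, names_b, autojunk=False)
    order, values = [], []
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag != "equal":
            # Calls present in only one run, or replaced by other calls.
            order.append((tag, names_a[i1:i2], names_b[j1:j2]))
            continue
        for x, y in zip(a[i1:i2], b[j1:j2]):
            if x[2] != y[2]:  # same call at the aligned position, other arguments
                values.append((x[0], x[2], y[2]))
    return order, values

# Constructed sample: shortened excerpts of the first and second run above.
COMMON = """\
our_sys_gettid ---> uid = 10028
our_sys_open ---> uid = 10028 with filename= /dev/cpuctl//tasks, flags= 131073, mode=0
our_sys_write ---> uid = 10028 with fd= 30, buf = {n} and count=3
our_sys_close ---> uid = 10028 with fd= 30
our_sys_setpriority ---> uid = 10028 with which= 0, who={n} and niceval=0
 **our_sys_gettid ---> uid = 10028
our_sys_open ---> uid = 10028 with filename= /dev/cpuctl//tasks, flags= 131073, mode=0
"""
TAIL = "our_sys_clock_gettime ---> uid = 10028 with which_clock=<NULL>, tp =\n"
RUN_1 = COMMON.format(n=230) + TAIL
RUN_2 = (COMMON.format(n=228)
         + "our_sys_write ---> uid = 10028 with fd= 30, buf = 228 and count=3\n" + TAIL)

if __name__ == "__main__":
    order, values = compare_runs(RUN_1, RUN_2)
    print("call-order differences:", order)
    print("argument-only differences:", values)
```

Aligning on syscall names first keeps changing values such as `buf`, `who` and `arg` from hiding the places where the sequence of calls itself differs between runs.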

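Best answer 1

I recommend running and tracing the application on a real device rather than on the emulator. The emulator lacks some of the features of a real device, so trying to perform certain tasks with the emulator can actually produce incorrect results.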
