Android 安全攻防(一):SEAndroid的编译
转自:http://blog.csdn.net/yiyaaixuexi/article/details/8330645
SEAndroid概述
SEAndroid(Security-Enhanced Android),是将原本运用在Linux操作系统上的MAC强制存取控管套件SELinux,移植到Android平台上。可以用来强化Android操作系统对App的存取控管,建立类似沙箱的执行隔离效果,来确保每一个App之间的独立运作,也因此可以阻止恶意App对系统或其它应用程序的攻击。
SEAndroid的中心理念是,即使root权限被篡夺,只求阻止应用的恶意行为。
下载源码
1.把源码全部拉下来
git clone https://bitbucket.org/seandroid/manifests.git
mkdir seandroid
cd seandroid
repo init -u https://android.googlesource.com/platform/manifest
repo sync
cp ../manifests/local_manifest.xml .repo
repo sync
2.拉下来对应分支的代码
如果已有Android系统源码,可以直接使用
Base Version SE Branch
android-4.2.1_r1 seandroid-4.2
android-4.1.2_r1 seandroid-4.1.2
android-4.1.1_r6.1 seandroid-4.1.1
android-4.0.4_r2.1 seandroid-4.0.4
git clone -b seandroid-4.0.4 https://bitbucket.org/seandroid/manifests.git
mkdir Android_src
cd Android_src
cp ../manifests/local_manifest.xml .repo/
repo sync
编译
export PREFIX=/path/to/your/aospclone
cd $PREFIX/kernel/goldfish
make ARCH=arm goldfish_armv7_defconfig
make ARCH=arm CROSS_COMPILE=$PREFIX/prebuilt/linux-x86/toolchain/arm-eabi-4.4.3/bin/arm-eabi-
以下是编译Android 4.0.4的常见错误,这些错误的解决办法收录自互联网。
Google group有个专门的Android Building组,有兴趣的可以加入。
################# Fix 1 ##########################
Error:
frameworks/base/include/utils/KeyedVector.h:193:31: note: declarations in dependent base ‘android::KeyedVector<android::String8, android::sp<AaptDir> >’ are not found by unqualified lookup
make: *** [out/host/linux-x86/obj/EXECUTABLES/aapt_intermediates/AaptAssets.o] Error 1
Fix:
vi frameworks/base/tools/aapt/Android.mk
Add '-fpermissive' to line 31:
LOCAL_CFLAGS += -Wno-format-y2k -fpermissive
################## Fix 2 ##########################
Error:
frameworks/base/include/utils/KeyedVector.h:193:31: note: declarations in dependent base ‘android::KeyedVector<android::String8, android::wp<android::AssetManager::SharedZip> >’ are not found by unqualified lookup
make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libutils_intermediates/AssetManager.o] Error 1
Fix:
vi frameworks/base/libs/utils/Android.mk
Add '-fpermissive' to line 64:
LOCAL_CFLAGS += -DLIBUTILS_NATIVE=1 $(TOOL_CFLAGS) -fpermissive
################## Fix 3 ##########################
Error:
external/srec/tools/thirdparty/OpenFst/fst/lib/cache.h:136:11: note: use ‘this->SetState’ instead
make: *** [out/host/linux-x86/obj/EXECUTABLES/grxmlcompile_intermediates/grxmlcompile.o] Error 1
Fix:
cd external/srec
wget "https://github.com/CyanogenMod/android_external_srec/commit/4d7ae7b79eda47e489669fbbe1f91ec501d42fb2.diff"
patch -p1 < 4d7ae7b79eda47e489669fbbe1f91ec501d42fb2.diff
rm -f 4d7ae7b79eda47e489669fbbe1f91ec501d42fb2.diff
cd ../..
################## Fix 4 ##########################
Error:
development/tools/emulator/opengl/host/tools/emugen/main.cpp:79:9: error: ‘optind’ was not declared in this scope
development/tools/emulator/opengl/host/tools/emugen/main.cpp:92:45: error: ‘optind’ was not declared in this scope
make: *** [out/host/linux-x86/obj/EXECUTABLES/emugen_intermediates/main.o] Error 1
Fix:
vi development/tools/emulator/opengl/host/tools/emugen/main.cpp
Add '#include <getopt.h>' to list of includes:
#include <getopt.h>
################## Fix 5 ##########################
Error:
host C++: liboprofile_pp <= external/oprofile/libpp/arrange_profiles.cpp
In file included from external/oprofile/libpp/arrange_profiles.cpp:24:0:
external/oprofile/libpp/format_output.h:94:22: error: reference ‘counts’ cannot be declared ‘mutable’ [-fpermissive]
make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/liboprofile_pp_intermediates/arrange_profiles.o] Error 1
Fix:
vi external/oprofile/libpp/format_output.h
Remove 'mutable' from 'mutable counts_t & counts;' on line 94:
counts_t & counts;
################## Fix 6 ##########################
Error:
development/tools/emulator/opengl/shared/OpenglCodecCommon/GLSharedGroup.cpp:345:65: required from here
frameworks/base/include/utils/KeyedVector.h:193:31: note: declarations in dependent base ‘android::KeyedVector<unsigned int, ShaderData*>’ are not found by unqualified lookup
make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libOpenglCodecCommon_intermediates/GLSharedGroup.o] Error 1
Fix:
vi development/tools/emulator/opengl/Android.mk
Add '-fpermissive' to line 25:
EMUGL_COMMON_CFLAGS := -DWITH_GLES2 -fpermissive
################## Fix 7 ##########################
Error:
/usr/bin/ld: note: 'XInitThreads' is defined in DSO /lib/libX11.so.6 so try adding it to the linker command line
/lib/libX11.so.6: could not read symbols: Invalid operation
collect2: error: ld returned 1 exit status
make: *** [out/host/linux-x86/obj/EXECUTABLES/emulator_renderer_intermediates/emulator_renderer] Error 1
Fix:
vi development/tools/emulator/opengl/host/renderer/Android.mk
Add new entry 'LOCAL_LDLIBS += -lX11' after line 6 as shown:
LOCAL_SRC_FILES := main.cpp
LOCAL_CFLAGS += -O0 -g
LOCAL_LDLIBS += -lX11
#ifeq ($(HOST_OS),windows)
#LOCAL_LDLIBS += -lws2_32
################## Fix 8 ##########################
Error:
external/llvm/include/llvm/ADT/PointerUnion.h:56:10: error: enumeral mismatch in conditional expression: ‘llvm::PointerLikeTypeTraits<llvm::PointerUnion<clang::Stmt*, const clang::Type*> >::<anonymous enum>’ vs ‘llvm::PointerLikeTypeTraits<clang::ObjCInterfaceDecl*>::<anonymous enum>’ [-Werror]
cc1plus: all warnings being treated as errors
make: *** [out/host/linux-x86/obj/EXECUTABLES/llvm-rs-cc_intermediates/slang_rs.o] Error 1
Fix:
vi frameworks/compile/slang/Android.mk
Remove '-Werror' from line 22:
local_cflags_for_slang := -Wno-sign-promo -Wall -Wno-unused-parameter
################## Fix 9 ##########################
Error:
frameworks/base/libs/rs/rsFont.cpp:224:76: required from here
frameworks/base/include/utils/KeyedVector.h:193:31: note: declarations in dependent base ‘android::KeyedVector<unsigned int, android::renderscript::Font::CachedGlyphInfo*>’ are not found by unqualified lookup
make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libRS_intermediates/rsFont.o] Error 1
Fix:
vi frameworks/base/libs/rs/Android.mk
Add '-fpermissive' to line 183
LOCAL_CFLAGS += -Werror -Wall -Wno-unused-parameter -Wno-unused-variable -fpermissive
################## Fix 10 #########################
Error:
external/mesa3d/src/glsl/linker.cpp:1394:49: error: expected primary-expression before ‘,’ token
......
external/mesa3d/src/glsl/linker.cpp:1734:59: error: ‘offsetof’ was not declared in this scope
make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libMesa_intermediates/src/glsl/linker.o] Error 1
Fix:
vi external/mesa3d/src/glsl/linker.cpp
Add '#include <stddef.h>' to list of includes as shown:
#include <climits>
#include <stddef.h>
#include <pixelflinger2/pixelflinger2_interface.h>
################## Fix 11 #########################
Error:
external/gtest/src/../include/gtest/gtest-param-test.h:287:58: note: ‘template<class Container> testing::internal::ParamGenerator<typename Container::value_type> testing::ValuesIn(const Container&)’ declared here, later in the translation unit
make: *** [out/host/linux-x86/obj/STATIC_LIBRARIES/libgtest_host_intermediates/gtest-all.o] Error 1
Two fixes required:
1)
vi external/gtest/src/Android.mk
Add '-fpermissive' to lines 52 and 70 (both lines contain same info)
LOCAL_CFLAGS += -O0 -fpermissive
2)
vi external/gtest/include/gtest/internal/gtest-param-util.h
Add '#include <stddef.h>' to list of includes as shown:
#include <vector>
#include <cstddef>
#include <gtest/internal/gtest-port.h>
host Executable: test-librsloader (out/host/linux-x86/obj/EXECUTABLES/test-librsloader_intermediates/test-librsloader)
out/host/linux-x86/obj/STATIC_LIBRARIES/libLLVMSupport_intermediates/libLLVMSupport.a(Signals.o):在函数‘PrintStackTrace’中:
/home/crow/works/Android_src/external/llvm/lib/Support/Unix/Signals.inc:219:对‘dladdr’未定义的引用
/home/crow/works/Android_src/external/llvm/lib/Support/Unix/Signals.inc:231:对‘dladdr’未定义的引用
out/host/linux-x86/obj/STATIC_LIBRARIES/libLLVMSupport_intermediates/libLLVMSupport.a(Threading.o):在函数‘llvm::llvm_execute_on_thread(void (*)(void*), void*, unsigned int)’中:
/home/crow/works/Android_src/external/llvm/lib/Support/Threading.cpp:96:对‘pthread_create’未定义的引用
/home/crow/works/Android_src/external/llvm/lib/Support/Threading.cpp:100:对‘pthread_join’未定义的引用
/home/crow/works/Android_src/external/llvm/lib/Support/Threading.cpp:91:对‘pthread_attr_setstacksize’未定义的引用
out/host/linux-x86/obj/STATIC_LIBRARIES/libLLVMSupport_intermediates/libLLVMSupport.a(Mutex.o):在函数‘llvm::sys::MutexImpl::MutexImpl(bool)’中:
/home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:69:对‘pthread_mutexattr_init’未定义的引用
/home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:75:对‘pthread_mutexattr_settype’未定义的引用
/home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:80:对‘pthread_mutexattr_setpshared’未定义的引用
/home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:89:对‘pthread_mutexattr_destroy’未定义的引用
out/host/linux-x86/obj/STATIC_LIBRARIES/libLLVMSupport_intermediates/libLLVMSupport.a(Mutex.o):在函数‘llvm::sys::MutexImpl::tryacquire()’中:
/home/crow/works/Android_src/external/llvm/lib/Support/Mutex.cpp:143:对‘pthread_mutex_trylock’未定义的引用
collect2: 错误: ld 返回 1
make: *** [out/host/linux-x86/obj/EXECUTABLES/test-librsloader_intermediates/test-librsloader] 错误 1
Fix:
$vi external/llvm/llvm-host-build.mk +
LOCAL_LDLIBS := -lpthread -ldl
运行测试
emulator -show-kernel -kernel kernel/goldfish/arch/arm/boot/zImage
Android 安全攻防(一):SEAndroid的编译的更多相关文章
- Android安全攻防战,反编译与混淆技术完全解析(下)
在上一篇文章当中,我们学习了Android程序反编译方面的知识,包括反编译代码.反编译资源.以及重新打包等内容.通过这些内容我们也能看出来,其实我们的程序并没有那么的安全.可能资源被反编译影响还不是很 ...
- Android安全攻防战,反编译与混淆技术全然解析(下)
转载请注明出处:http://blog.csdn.net/guolin_blog/article/details/50451259 在上一篇文章其中,我们学习了Android程序反编译方面的知识,包括 ...
- Android trap攻防思路整理
Android trap攻防 图/文 h_one 0x01 反 ...
- Android安全攻防战,反编译与混淆技术完全解析(上)
转载请注明出处:http://blog.csdn.net/guolin_blog/article/details/49738023 之前一直有犹豫过要不要写这篇文章,毕竟去反编译人家的程序并不是什么值 ...
- Atitit.反编译apk android源码以及防止反编译apk
Atitit.反编译apk android源码以及防止反编译apk 1.1. Tool apk逆向助手1 1.2. 二.使用dex2jar + jd-gui 得到apk的java源码1 1.3. 用 ...
- Android之源码之模块编译和调试
Android之源码之模块编译调试 (一) 进行源码模块修改进行编译的调试 1.首先是从git或者svn上拉一套完整的工程下来,然后全编一下,一般这个时间比较长,大概会得2,3个小时左右, 2,编译成 ...
- 转:Android开发实践:用脚本编译Android工程
转自: http://ticktick.blog.51cto.com/823160/1365947 一般情况下,我们都是使用Eclipse+ADT插件或者Android studio软件来编译Andr ...
- Ubuntu 14.04 LTS 下 android 2.3.5 源码编译过程
Ubuntu 14.04 LTS 下 android 2.3.5 源码编译过程 在新的Ubuntu 64位系统下去编译早期的安卓源码是会出现很多问题的,因为64位系统在安装完成后,很多32位的兼容 ...
- [cocos2d-x3.0]Android+NDK+Eclipse环境搭建及编译步骤~
1: 必要准备 1): jdk&jre 2): adt-bundle 3): android ndk r9 4): python2.7 5): cocos2d-x 3.0 alpha0 2: ...
- 【转】Android 源码下利用jni编译自己的项目(参考系统development/samples/SimpleJNI)
原文网址:http://blog.csdn.net/qiuxiaolong007/article/details/7860481 记于正文前:环境是ubuntu10.10,android 源码是2.0 ...
随机推荐
- Django之web框架原理
Web框架原理 我们可以这样理解:所有的Web应用本质上就是一个socket服务端,而用户的浏览器就是一个socket客户端. 这样我们就可以自己实现Web框架了. 先写一个 原始的web框架 imp ...
- goweb- 对请求的处理
对请求的处理 Go 语言的 net/http 包提供了一系列用于表示 HTTP 报文的结构,我们可以使用它 处理请求和发送相应,其中 Request 结构代表了客户端发送的请求报文,下面让我们看 一下 ...
- Java每日一面(Part1:计算机网络)[19/11/02]
作者:故事我忘了¢个人微信公众号:程序猿的月光宝盒 1.TCP的滑动窗口 1.1 RTT和RTO的区别 RTT:发送一个数据包到收到对应的ACK,所花费的时间 RTO:重传时间间隔,TCP在发 ...
- flush() 缓冲输出流的缓冲区问题
package seday06; import java.io.BufferedOutputStream;import java.io.FileOutputStream;import java.io. ...
- JS While
JS While 只要指定条件为 true,循环就可以一直执行代码. while 循环 While 循环会在指定条件为真时循环执行代码块. 语法 while (条件) { 需要执行的代码 } whil ...
- SQL Server查询数据库近期执行的SQL语句
SELECT TOP 1000 ST.text AS '执行的SQL语句', QS.execution_count AS '执行次数', QS.total_ela ...
- 转载:wepy框架入门
转载:https://www.jianshu.com/p/93d5a4b99777 安装 wepy 命令行工具. npm install wepy-cli -g 在开发目录生成开发DEMO. wepy ...
- 北京地区dns
为了提高网页的访问打开速度我们可以配置一些解析速度较快的dns,下面小编搜集了一些常用的DNS地址,可以根据自己所在地区可以选择不同的dns 首先可以在我们的客户端打开cmd命令行工具测试一些,去pi ...
- ARM-Linux中断系统【转】
转自:https://www.cnblogs.com/arnoldlu/p/7406441.html 1.前言 了解Linux中断子系统,同时也需要了解ARM体系结构中断处理流程:在熟悉整个软硬件架构 ...
- 【转】C++ - 结构体构造函数使用总结
声明 转载自:https://www.cnblogs.com/wlw-x/p/11566191.html 关于结构体构造函数使用总结 三种结构体初始化方法 1.利用结构体自带的默认构造函数 2.利用带 ...