ADB Service Management

Various applications now in circulation use the adb channel to silently install apps onto the system, for example: App adb install.

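Android has the following management policies for adb:

  • Since version 4.2.2, every application connecting to the device must be confirmed by the user on the device, and permission is managed per device and MAC.
  • Devices running Android 4.2 and similar have a developer mode for adb management; the adb debug permission is managed through that mode.
  • In the open-source version, adb permission is managed and opened up according to the eng/userdebug/user build type.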

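To handle this from the system build and build-environment side, it can be managed through the following properties:

  • build:
    • ro.debuggable
  • system/core/rootdir/init.usb.rc
    • sys.usb.config contains the adb option (the build system above also ends up, step by step, controlling this parameter)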

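To manage and check these options on the open-source tree, use the following methods:

  • Search the environment controls related to ro.debuggable
    • for example the variable: enable_target_debugging
  • Look for the related permission changes in initrc
  • Add a developer mode to manage it
  • Temporarily turn adb off to see the effect: as root, run the command: stop adbd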

System build options

The discussion below is based on the standard Android 4.4 code.

user/userdebug/eng

Build type and its specific effect:

  • eng
    • This is the default flavor. A plain "make" is the same as "make eng". droid is an alias for eng.
    • Installs modules tagged with: eng, debug, user, and/or development.
    • Installs non-APK modules that have no tags specified.
    • Installs APKs according to the product definition files, in addition to tagged APKs.
    • ro.secure=0
    • ro.debuggable=1
    • ro.kernel.android.checkjni=1
    • adb is enabled by default.
  • user ("make user")
    • This is the flavor intended to be the final release bits.
    • Installs modules tagged with user.
    • Installs non-APK modules that have no tags specified.
    • Installs APKs according to the product definition files; tags are ignored for APK modules.
    • ro.secure=1
    • ro.debuggable=0
    • adb is disabled by default.
  • userdebug ("make userdebug")
    • The same as user, except:
    • Also installs modules tagged with debug.
    • ro.debuggable=1
    • adb is enabled by default.

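Eng

The default option at build time

User

The release version finally used to produce the product

UserDebug

Same as the User version, with the adb service added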

Analysis of key properties

ro.secure

Places in the source code that reference it

./frameworks/base/services/java/com/android/server/wm/WindowManagerService.java:    private static final String SYSTEM_SECURE = "ro.secure";
./frameworks/base/core/java/android/net/http/AndroidHttpClient.java:                // Never print auth token -- we used to check ro.secure=0 to
./bionic/libc/bionic/system_properties.c: * binary tree.  For instance, "ro.secure"="1" could be stored as follows:
./bionic/libc/bionic/system_properties.c: *                     v        v            v     +-------->| ro.secure |
./build/core/main.mk:  ADDITIONAL_DEFAULT_PROPERTIES += ro.secure=1
./build/core/main.mk:  ADDITIONAL_DEFAULT_PROPERTIES += ro.secure=0
./build/core/build-system.html:        <li><code>ro.secure=0</code>
./build/core/build-system.html:        <li><code>ro.secure=1</code>
./system/core/adb/adb.c:   /* run adbd in secure mode if ro.secure is set and
./system/core/adb/adb.c:        property_get("ro.secure", value, "1");
./system/core/adb/adb.c:            // don't run as root if ro.secure is set...

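Summary of specific effects

  • build/xxx: environment setup
  • system/xxx/adb.c: if =1, adb root will not succeed, unless other additional conditions apply.
  • WindowManagerService: used to manage viewserver (Hierarchy Viewer) http://blog.csdn.net/michaelpp/article/details/12611787
  • AndroidHttpClient: when =1, the auth token is not dumped to the log
  • bionic/xxx/system_properties.c: used as the example when describing the properties storage structure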

ro.debuggable

Places in the source code that reference it

./bootable/recovery/adb_install.cpp:    int len = property_get("ro.debuggable", value, NULL);
./bootable/recovery/etc/init.rc:on property:ro.debuggable=1
./build/core/build-system.html:        <li><code>ro.debuggable=0</code>
./build/core/build-system.html:        <li><code>ro.debuggable=1</code>
./build/core/build-system.html:        <li><code>ro.debuggable=1</code>
./build/core/main.mk:  ADDITIONAL_DEFAULT_PROPERTIES += ro.debuggable=0
./build/core/main.mk:  ADDITIONAL_DEFAULT_PROPERTIES += ro.debuggable=1
./build/tools/post_process_props.py:  # If ro.debuggable is 1, then enable adb on USB by default
./build/tools/post_process_props.py:  if prop.get("ro.debuggable") == "1":
./dalvik/docs/debugger.html:for all applications when the system property <code>ro.debuggable</code>
./dalvik/docs/debugger.html:is set to </code>1</code> (use <code>adb shell getprop ro.debuggable</code>
./device/samsung/manta/init.manta.rc:on property:ro.debuggable=1
./external/libnfc-nxp/Linux_x86/phDal4Nfc.c:    property_get("ro.debuggable", value, "");
./external/openssh/servconf.c:  /* Allow root login if ro.debuggable is set */
./external/openssh/servconf.c:  property_get("ro.debuggable", value, "");
./frameworks/av/services/audioflinger/AudioFlinger.cpp:    (void) property_get("ro.debuggable", value, "0");
./frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java:        return "1".equals(SystemProperties.get("ro.debuggable")) &&
./frameworks/base/core/java/android/os/Build.java:            SystemProperties.getInt("ro.debuggable", 0) == 1;
./frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java:        if ("1".equals(SystemProperties.get("ro.debuggable"))) {
./frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java:     * If "ro.debuggable" is "1", all apps are debuggable. Otherwise,
./frameworks/base/policy/src/com/android/internal/policy/impl/PhoneWindowManager.java:        mEnableShiftMenuBugReports = "1".equals(SystemProperties.get("ro.debuggable"));
./frameworks/base/services/java/com/android/server/BootReceiver.java:        SystemProperties.getInt("ro.debuggable", 0) == 1 ? 98304 : 65536;
./frameworks/base/services/java/com/android/server/am/ActivityManagerService.java:    private static final String SYSTEM_DEBUGGABLE = "ro.debuggable";
./frameworks/base/services/java/com/android/server/wm/WindowManagerService.java:    private static final String SYSTEM_DEBUGGABLE = "ro.debuggable";
./frameworks/native/opengl/libs/EGL/egl.cpp:        property_get("ro.debuggable", value, "0");
./packages/services/Telephony/src/com/android/phone/AudioRouter.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/BluetoothManager.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/BluetoothPhoneService.java:            && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CallCommandService.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CallController.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CallHandlerServiceProxy.java:            "ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CallLogger.java:        (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CallModeler.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CallNotifier.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CallStateMonitor.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CallerInfoCache.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CallerInfoCacheUpdateReceiver.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/CdmaDisplayInfo.java:    private static final boolean DBG = (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/InCallScreenShowActivation.java:                    && (SystemProperties.getInt("ro.debuggable", 0) == 1)) {
./packages/services/Telephony/src/com/android/phone/InCallScreenShowActivation.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/NotificationMgr.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/OutgoingCallBroadcaster.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/PhoneGlobals.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/PhoneGlobals.java:     *   (PhoneApp.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1)
./packages/services/Telephony/src/com/android/phone/PhoneGlobals.java:     *   1 - normal debug logging if ro.debuggable is set (which is true in
./packages/services/Telephony/src/com/android/phone/RespondViaSmsManager.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/Ringer.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/SipCallOptionHandler.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./packages/services/Telephony/src/com/android/phone/WiredHeadsetManager.java:            (PhoneGlobals.DBG_LEVEL >= 1) && (SystemProperties.getInt("ro.debuggable", 0) == 1);
./sdk/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/launch/AndroidLaunchController.java:                        // because am -D does not check for ro.debuggable and the
./system/core/adb/adb.c:            property_get("ro.debuggable", value, "");
./system/core/adb/adb.c:    property_get("ro.debuggable", value, "");
./system/core/adb/services.c:        property_get("ro.debuggable", value, "");
./system/core/debuggerd/tombstone.c:    property_get("ro.debuggable", value, "0");
./system/core/include/cutils/trace.h: * level tracing is not allowed unless the ro.debuggable system property is
./system/core/init/property_service.c:    ret = property_get("ro.debuggable", debuggable);
./system/core/libcutils/trace.c:    property_get("ro.debuggable", value, "0");
./system/core/libcutils/trace.c:// application-level tracing is allowed when the ro.debuggable system property
./system/core/rootdir/init.rc:on property:ro.debuggable=1

Summary of specific effects

  • ./bootable/recovery/adb_install.cpp: adb can be restarted successfully only when debuggable is enabled
  • ./build/xxxx : sets the debuggable value
  • ./dalvik/xxx : in dalvik, if debuggable is 0, JDWP debugging is supported only for apps whose AndroidManifest.xml contains debuggable
  • ./external/libnfc-nxp/Linux_x86/phDal4Nfc.c : NFC debug support switch
  • ./external/openssh/servconf.c: switch allowing root access in openssh
  • ./frameworks/av/services/audioflinger/AudioFlinger.cpp: Audio Debug switch
  • ./frameworks/base/core/java/android/net/SSLCertificateSocketFactory.java: SSL check switch
  • ./frameworks/base/core/java/android/os/Build.java: controls the IS_DEBUGGABLE environment variable
  • ./frameworks/base/core/java/com/android/internal/os/ZygoteConnection.java: App debuggable switch; if =1, debugging is supported for all apps
  • ./frameworks/base/policy/src/com/android/internal/policy/impl/PhoneWindowManager.java: mEnableShiftMenuBugReports support
  • ./frameworks/base/services/java/com/android/server/BootReceiver.java: controls the logged event size; =1 stores more
  • ./frameworks/base/services/java/com/android/server/am/ActivityManagerService.java: system DEBUG state
    • do Bug report
    • OpenGLTrace
    • App Profile
    • App Heap Dump
  • ./frameworks/base/services/java/com/android/server/wm/WindowManagerService.java: system DEBUG state
    • manages viewserver together with ro.secure
  • ./frameworks/native/opengl/libs/EGL/egl.cpp: EGL debug
  • LOGD switch:
    • ./packages/services/Telephony/src/com/android/phone/AudioRouter.java:
    • ./packages/services/Telephony/src/com/android/phone/BluetoothManager.java:
    • ./packages/services/Telephony/src/com/android/phone/BluetoothPhoneService.java
    • ./packages/services/Telephony/src/com/android/phone/CallCommandService.java
    • ./packages/services/Telephony/src/com/android/phone/CallController.java
    • ./packages/services/Telephony/src/com/android/phone/CallHandlerServiceProxy.java
    • ./packages/services/Telephony/src/com/android/phone/CallLogger.java
    • ./packages/services/Telephony/src/com/android/phone/CallModeler.java
    • ./packages/services/Telephony/src/com/android/phone/CallNotifier.java
    • ./packages/services/Telephony/src/com/android/phone/CallStateMonitor.java
    • ./packages/services/Telephony/src/com/android/phone/CallerInfoCache.java
    • ./packages/services/Telephony/src/com/android/phone/CallerInfoCacheUpdateReceiver.java
    • ./packages/services/Telephony/src/com/android/phone/CdmaDisplayInfo.java
    • ./packages/services/Telephony/src/com/android/phone/InCallScreenShowActivation.java
    • ./packages/services/Telephony/src/com/android/phone/NotificationMgr.java
    • ./packages/services/Telephony/src/com/android/phone/OutgoingCallBroadcaster.java
    • ./packages/services/Telephony/src/com/android/phone/PhoneGlobals.java
    • ./packages/services/Telephony/src/com/android/phone/RespondViaSmsManager.java
    • ./packages/services/Telephony/src/com/android/phone/Ringer.java
    • ./packages/services/Telephony/src/com/android/phone/SipCallOptionHandler.java
    • ./packages/services/Telephony/src/com/android/phone/WiredHeadsetManager.java
  • ./sdk/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/launch/AndroidLaunchController.java: ADT app debug launcher support
  • ./system/core/adb/adb.c: adb root permission
  • ./system/core/adb/services.c: adb root permission
  • ./system/core/debuggerd/tombstone.c: dump_crash wants the log if =1
  • ./system/core/init/property_service.c: allows a local property to overwrite the ro.debuggerd value
  • ./system/core/libcutils/trace.c : app trace on/off
  • ./system/core/rootdir/init.rc: controls starting the adbd service

ro.kernel.android.checkjni

Places in the source code that reference it

./frameworks/base/core/jni/AndroidRuntime.cpp:        property_get("ro.kernel.android.checkjni", propBuf, "");
./dalvik/docs/embedded-vm-control.html:first is <code>ro.kernel.android.checkjni</code>.  This is set by the
./dalvik/docs/embedded-vm-control.html:of this overrides the value from <code>ro.kernel.android.checkjni</code>.
./build/core/main.mk:  ADDITIONAL_BUILD_PROPERTIES += ro.kernel.android.checkjni=1
./build/core/build-system.html:        <li><code>ro.kernel.android.checkjni=1</code>

Summary of specific effects

  • ./frameworks/base/core/jni/AndroidRuntime.cpp: checkJNI value load
  • dalvik/xxx: Java VM CheckJNI on/off
  • build/xxx: sets the checkJNI state

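Summary

  • ro.secure : control switch for security-related system attributes
    • ROOT permission for adb
    • viewserver (Hierarchy Viewer) switch
    • control over dumps of sensitive information by system modules: http auth token
  • ro.debuggable : controls the system debug state
    • management of the key debugging service ADB: whether it can be rooted, whether it runs at boot
    • viewserver (Hierarchy Viewer) switch
    • debug information switches for system modules:
      • control of in-app log dumps
      • level dumps for Audio Debug, SSL Check, NFC, OpenGL EGL and so on, logged event size, atrace, mEnableShiftMenuBugReports
      • system-level and per-app states: profile, jdwp-debug, heap dump, OpenGL Trace
  • ro.kernel.android.checkjni
    • Java VM checkJNI on/off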
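
The relationships summarised above can be checked mechanically against a default.prop or build.prop file. The following is an added example, not code from the original page or from AOSP; the function names, the flavor labels, the constructed sample input and the `persist.sys.usb.config` key (taken from what AOSP's post_process_props.py writes, not from this page) are assumptions of the example.

```python
# Added example: audit an Android property file for the adb-related settings
# discussed on this page. SAMPLE_PROP is constructed, not from a real device.
SAMPLE_PROP = """\
# constructed sample resembling a userdebug default.prop
ro.secure=1
ro.debuggable=1
persist.sys.usb.config=mtp,adb
"""

def parse_props(text):
    """Parse key=value lines; skip blanks, comments and malformed lines."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def audit(props):
    """Derive the adb/debug posture from the properties, per the page's table."""
    # Defaults mirror the property_get() fallbacks in the adb.c lines quoted above.
    secure = props.get("ro.secure", "1") == "1"
    debuggable = props.get("ro.debuggable", "") == "1"
    # sys.usb.config is named on the page; the persist. variant is an assumption.
    usb = set()
    for key in ("sys.usb.config", "persist.sys.usb.config"):
        usb.update(f for f in props.get(key, "").split(",") if f)
    if not secure:
        flavor = "eng-like"          # ro.secure=0 appears only in the eng row
    elif debuggable:
        flavor = "userdebug-like"    # ro.secure=1, ro.debuggable=1
    else:
        flavor = "user-like"         # ro.secure=1, ro.debuggable=0
    return {
        "flavor": flavor,
        "adb_on_usb": "adb" in usb,
        # ro.secure=1 blocks adb root unless ro.debuggable=1 permits it.
        "adb_root_possible": (not secure) or debuggable,
        # ZygoteConnection: ro.debuggable=1 makes every app debuggable.
        "all_apps_debuggable": debuggable,
        "matches_user_defaults": secure and not debuggable and "adb" not in usb,
    }

if __name__ == "__main__":
    for name, value in audit(parse_props(SAMPLE_PROP)).items():
        print(f"{name}: {value}")
```

A release image should report `matches_user_defaults: True`; any other result points to the build variables and init scripts listed earlier as the place to look.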


Created: 2014-06-16

Last modified: 2014-06-16
