Teach you how to analyze the Android system startup process step by step


In the previous article, we talked about the boot process of the Linux system. This article explains the boot process of the Android system.

Teach you how to analyze the Linux boot process step by step

Android is widely used in the embedded industry: mobile phones, tablets, robots, and car central control systems all run it. Its practical advantage for applications is that Android comes with its own UI, whereas on Linux you have to develop the interface yourself with Qt, and the result is not that good-looking.

Android system architecture diagram:

From this figure, we can see that the Android system is based on the Linux kernel.

There is a HAL layer on top of Linux. The reason for this layer is that Linux is open source, and modifications based on it must also be open source, so Android adds a HAL layer here so that hardware manufacturers do not have to publish their own code.

The Native layer is implemented in C++, and the Framework layer and app layer are implemented in Java. In other words, if you want to understand the Android system, you need to be proficient in three languages: C, C++, and Java.

The previous article analyzed the boot process of the Linux system. The boot process of the Android system is similar to that of Linux, except that after the init process starts, it does something different.

The Android system startup process is as follows:

1) The Boot ROM is a piece of code embedded in the hardware, and it is usually fixed. Its job is to detect whether basic hardware exists, such as whether the eMMC exists. If it does, the Boot ROM copies the bootloader from eMMC to SRAM, starts the system, and hands control over to the bootloader.

2) The bootloader of the Android system is not U-Boot but LK (Little Kernel), which is used specifically to start the Android system.

3) After the bootloader is initialized, it jumps to the start_kernel function of the Linux kernel. This function eventually creates kernel_init and kthreadd. kernel_init then moves from kernel space to user space and becomes the user-space init process with PID=1. kthreadd (PID=2) is a kernel process dedicated to handling requests to create kernel processes. It maintains a linked list: when a kernel process needs to be created, the request is placed on that list and kthreadd creates it.

Of course, you can see that there is also a swapper (PID=0) process in the figure. It is the only process in the system that is not created using fork, and kernel_init and kthreadd are created by it. Swapper is also called the idle process: when it runs, the system is idle.

4) When kernel_init is transformed into the init process of user space, it will create one of the most important processes in the Android system: Zygote, which will create all the processes required by Android.
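The ancestry described in these steps (init at PID 1, kthreadd at PID 2, Zygote under init, app processes under Zygote) can be checked from a process listing. The following is an added example, not code from the original article; the PID/PPID/NAME table is constructed sample data and the function names are illustrative.

```python
# Constructed sample in PID / PPID / NAME layout (not captured from a device).
SAMPLE_PS = """\
PID PPID NAME
1 0 init
2 0 kthreadd
14 2 ksoftirqd/0
95 2 kworker/u16:3
480 1 servicemanager
612 1 zygote64
1450 612 system_server
2210 612 com.android.systemui
4021 1 adbd
4188 4021 sh
"""


def parse_ps(text):
    """Return {pid: (ppid, name)}; the header and malformed rows are skipped."""
    procs = {}
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) == 3 and parts[0].isdigit() and parts[1].isdigit():
            procs[int(parts[0])] = (int(parts[1]), parts[2])
    return procs


def ancestors(pid, procs):
    """Parent chain of pid, nearest first, stopping at PPID 0 or a loop."""
    chain, cur = [], pid
    while cur in procs:
        ppid = procs[cur][0]
        if ppid == 0 or ppid == pid or ppid in chain:
            break
        chain.append(ppid)
        cur = ppid
    return chain


def classify(pid, procs):
    """Name the boot-time root (kthreadd, zygote or init) a process hangs from."""
    up = ancestors(pid, procs)
    if pid == 2 or 2 in up:
        return "kthreadd tree"      # kernel-side, created via PID 2
    if any(procs[a][1].startswith("zygote") for a in up if a in procs):
        return "zygote tree"        # forked from Zygote: apps, system_server
    if pid == 1 or 1 in up:
        return "init tree"          # native daemons, and Zygote itself
    return "unknown"                # parent chain does not reach a known root
```

Note that Zygote itself classifies as part of the init tree, while everything it forks lands in the zygote tree; a shell opened through adbd stays in the init tree.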

Android layer analysis

In this diagram, the kernel and Native layers communicate through system calls (syscall), which is familiar to everyone. After all, it is very simple for C++ to call C.

Communication between the Framework layer and the Native layer is more complicated. How does Java call C++? This is what the JNI mechanism is for. JNI has its own specific syntax, similar to C but not C, and it lets Java call C++ functions. This process requires the cooperation of the Android Runtime (ART), the Android virtual machine.

In the Native layer, there are many system services written in C++ for use by the upper layer, such as the most important ServiceManager, which manages all other services.

Case Study

If a mobile app wants to control hardware such as speakers and LEDs, it needs to pass the information from the app to the kernel to operate the hardware. This process is much more complicated than that of Linux applications. And there is more than one way. For example:

1. The app directly reads and writes data to the kernel node, which is similar to echoing directly in the Linux command line. This is the simplest way. Java itself also has file reading and writing functions, which can be read and written by bytes or by strings.

2. The app's Java code calls into JNI, and the JNI code calls a C function that operates on the node.

3. You can also write a Native service in C++; the app accesses this service through binder communication, and the service operates on the nodes. Of course, socket communication is also possible.

Android permissions issues

Of course, all of the above operations require permissions, and the Android system has strict permission restrictions to prevent hackers from cracking the system.

If you have root privileges, you can enter setenforce 0 on the Android command line to switch SELinux to permissive mode, which turns off enforcement of its checks. Denials are still written to the log, but basically all of your operations will then be allowed.

In Linux systems, the security mechanism is: I am root, so the programs I launch to access anything should also have root permissions, and no one can stop me.

In the Android system, the security mechanism is: no matter who you are, you must apply in advance for anything you want to do, and everything is checked by SELinux. Any behavior that was not applied for in advance is rejected. If you look at the log, you will find many `avc: denied` entries.

Let me give you a more vivid example: a company boss sends his son to work in his company. Logically, the son should have root privileges. Who can stop him? In fact, he can go to work in the company because the boss has said so in advance. However, he needs to apply for permission to go to the bathroom, use the computer, and use the printer. Except for coming to work, any other behavior that has not been stated in advance will be rejected.

This is the strict security mechanism of the Android system, which prevents hackers from messing with your phone after cracking the root permissions, such as: building a program to regularly access your xxx files and then sending them out through the network.
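To make the `avc: denied` entries mentioned above easier to read, the following added example (not part of the original article) groups them by source domain, target type and class, and separates denials that were actually blocked from those that were only logged because SELinux was permissive. The log lines are constructed samples in a logcat-like layout, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Constructed logcat-style lines (not captured from a real device).
SAMPLE_LOG = """\
05-01 10:00:01.120  3307  3307 W legacyapp: type=1400 audit(0.0:41): avc: denied { write } for name="brightness" dev="sysfs" ino=31337 scontext=u:r:untrusted_app:s0:c123,c256 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=0
05-01 10:00:01.121  3307  3307 W legacyapp: type=1400 audit(0.0:42): avc: denied { open } for name="brightness" dev="sysfs" ino=31337 scontext=u:r:untrusted_app:s0:c123,c256 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=0
05-01 10:00:05.000   480   480 I servicemanager: unrelated line
05-01 10:02:09.500  4188  4188 W sh: type=1400 audit(0.0:57): avc: denied { read } for name="kmsg" dev="tmpfs" ino=77 scontext=u:r:shell:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=1
"""

AVC = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<s>\S+).*?tcontext=(?P<t>\S+).*?tclass=(?P<cls>\S+)"
    r"(?:.*?permissive=(?P<perm>[01]))?"
)


def se_type(context):
    """Third field of user:role:type:level, e.g. 'untrusted_app'."""
    fields = context.split(":")
    return fields[2] if len(fields) > 2 else context


def summarize(log):
    """Group denials by (source domain, target type, object class)."""
    out = defaultdict(lambda: {"perms": set(), "blocked": 0, "logged_only": 0})
    for line in log.splitlines():
        m = AVC.search(line)
        if not m:
            continue  # not an AVC denial
        row = out[(se_type(m["s"]), se_type(m["t"]), m["cls"])]
        row["perms"].update(m["perms"].split())
        # permissive=1: the access went through and was only logged.
        # Assumption: a line without the field is counted as blocked.
        row["logged_only" if m["perm"] == "1" else "blocked"] += 1
    return dict(out)


def ran_permissive(log):
    """True if any denial was only logged (global or per-domain permissive)."""
    return any(r["logged_only"] for r in summarize(log).values())
```

On a production device, any `permissive=1` entry is worth investigating, since it means the policy was not being enforced for that access.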

This article is reproduced from the WeChat public account "Embedded Linux System Development"
