linux特權級, linux通訊機制, Dalvik, android binder

Android Binder
Android Interprocess Communication
Thorsten Schreiber
First Advisor: Juraj Somorovsky
Second Advisor: Daniel Buβmeyer

 

 

在看《Android Binder》文檔時，讀到：

1. 特權級英文叫ring，並且是需要硬體支援的。Intel的硬體實現了4個特權級，linux只用0和3。

2. linux通訊機制：訊號，管道，通訊端，訊息佇列，訊號量，共用記憶體。

3. Native的含義是可以跑在具體機器平台上得程式，不同於跑在虛擬機器上的Java。

4. Dalvik Vitual Machine：不同於JVM。JVM關注平台無關性，DVM關注Arm的適配、效能、功耗等。兩者設計理念不同。

 

 

1. 特權級

More abstractly, the concept of security boundaries of an operating system introduces the term ring.

Note, that this must be a hardware supported feature of the platform. A certain group of rights is assigned to a ring.

Intel hardware supports four rings, but only two rings are used by Linux.

 

2. linux通訊機制

Signals

  Oldest IPC method. A process can send signals to processes with the
same uid and gid or in the same process group.

Pipes

  Pipes are unidirectional bytestreams that connect the standard output
from one process with the standard input of another process.

Sockets

  A socket is an endpoint of bidirectional communication. Two processescan communicate with bytestreams by opening the same socket.

Message queues

  Processes can write a message to a message queue that is read-able for other Processes.

Semaphores

  A semaphore is a shared variable that can be read and written by
many processes.

Shared Memory

  A location in system memory mapped into virtual address
spaces of two processes, that each process can fully access.

 

3. Native Code

Programs compiled for a specific platform are called native.

Because Java is executed in a virtual machine with its own byte-code, no native code can be executed directly.

Due to the need to access low-level os mechanism like kernel calls, Java has to overcome this obstacle.

This is done by the Java native interface (JNI) , which allows Java to execute compiled code from libraries written in other languages, e.g. C++.

 

4. Dalvik

The Sun JVM is stack based, because a stack machine can be run on every hardware. Hardware and platform independence were major design principles of Java.

The DVM is register based for performance reasons and well adapted to ARM hardware. This is a different design principle, taking the advantage of hardware independence for high performance and less power consumption, which is essential for mobile purposes
with limited battery capability.

The possibility to use the Java native interface weakens the security guarantying property of Java to implicit checking the bounds of variables and to encapsulate system calls and
the force to use JVM defined interfaces to the system.

The use of native libraries can allow bypassing the type and border checking of the virtual machine and opens the door to stack-overflow attacks.