linux特权级, linux通信机制, Dalvik, android binder
2012-04-24 10:53
190 查看
Android Binder
Android Interprocess Communication
Thorsten Schreiber
First Advisor: Juraj Somorovsky
Second Advisor: Daniel Buβmeyer
在看《Android Binder》文档时,读到:
1. 特权级英文叫ring,并且是需要硬件支持的。Intel的硬件实现了4个特权级,linux只用0和3。
2. linux通信机制:信号,管道,套接字,消息队列,信号量,共享内存。
3. Native的含义是可以跑在具体机器平台上得程序,不同于跑在虚拟机上的Java。
4. Dalvik Vitual Machine:不同于JVM。JVM关注平台无关性,DVM关注Arm的适配、性能、功耗等。两者设计理念不同。
1. 特权级
More abstractly, the concept of security boundaries of an operating system introduces the term ring.
Note, that this must be a hardware supported feature of the platform. A certain group of rights is assigned to a ring.
Intel hardware supports four rings, but only two rings are used by Linux.
2. linux通信机制
Signals
Oldest IPC method. A process can send signals to processes with the
same uid and gid or in the same process group.
Pipes
Pipes are unidirectional bytestreams that connect the standard output
from one process with the standard input of another process.
Sockets
A socket is an endpoint of bidirectional communication. Two processescan communicate with bytestreams by opening the same socket.
Message queues
Processes can write a message to a message queue that is read-able for other Processes.
Semaphores
A semaphore is a shared variable that can be read and written by
many processes.
Shared Memory
A location in system memory mapped into virtual address
spaces of two processes, that each process can fully access.
3. Native Code
Programs compiled for a specific platform are called native.
Because Java is executed in a virtual machine with its own byte-code, no native code can be executed directly.
Due to the need to access low-level os mechanism like kernel calls, Java has to overcome this obstacle.
This is done by the Java native interface (JNI) , which allows Java to execute compiled code from libraries written in other languages, e.g. C++.
4. Dalvik
The Sun JVM is stack based, because a stack machine can be run on every hardware. Hardware and platform independence were major design principles of Java.
The DVM is register based for performance reasons and well adapted to ARM hardware. This is a different design principle, taking the advantage of hardware independence for high performance and less power consumption, which is essential for mobile purposes
with limited battery capability.
The possibility to use the Java native interface weakens the security guarantying property of Java to implicit checking the bounds of variables and to encapsulate system calls and
the force to use JVM defined interfaces to the system.
The use of native libraries can allow bypassing the type and border checking of the virtual machine and opens the door to stack-overflow attacks.
Android Interprocess Communication
Thorsten Schreiber
First Advisor: Juraj Somorovsky
Second Advisor: Daniel Buβmeyer
在看《Android Binder》文档时,读到:
1. 特权级英文叫ring,并且是需要硬件支持的。Intel的硬件实现了4个特权级,linux只用0和3。
2. linux通信机制:信号,管道,套接字,消息队列,信号量,共享内存。
3. Native的含义是可以跑在具体机器平台上得程序,不同于跑在虚拟机上的Java。
4. Dalvik Vitual Machine:不同于JVM。JVM关注平台无关性,DVM关注Arm的适配、性能、功耗等。两者设计理念不同。
1. 特权级
More abstractly, the concept of security boundaries of an operating system introduces the term ring.
Note, that this must be a hardware supported feature of the platform. A certain group of rights is assigned to a ring.
Intel hardware supports four rings, but only two rings are used by Linux.
2. linux通信机制
Signals
Oldest IPC method. A process can send signals to processes with the
same uid and gid or in the same process group.
Pipes
Pipes are unidirectional bytestreams that connect the standard output
from one process with the standard input of another process.
Sockets
A socket is an endpoint of bidirectional communication. Two processescan communicate with bytestreams by opening the same socket.
Message queues
Processes can write a message to a message queue that is read-able for other Processes.
Semaphores
A semaphore is a shared variable that can be read and written by
many processes.
Shared Memory
A location in system memory mapped into virtual address
spaces of two processes, that each process can fully access.
3. Native Code
Programs compiled for a specific platform are called native.
Because Java is executed in a virtual machine with its own byte-code, no native code can be executed directly.
Due to the need to access low-level os mechanism like kernel calls, Java has to overcome this obstacle.
This is done by the Java native interface (JNI) , which allows Java to execute compiled code from libraries written in other languages, e.g. C++.
4. Dalvik
The Sun JVM is stack based, because a stack machine can be run on every hardware. Hardware and platform independence were major design principles of Java.
The DVM is register based for performance reasons and well adapted to ARM hardware. This is a different design principle, taking the advantage of hardware independence for high performance and less power consumption, which is essential for mobile purposes
with limited battery capability.
The possibility to use the Java native interface weakens the security guarantying property of Java to implicit checking the bounds of variables and to encapsulate system calls and
the force to use JVM defined interfaces to the system.
The use of native libraries can allow bypassing the type and border checking of the virtual machine and opens the door to stack-overflow attacks.
相关文章推荐
- Linux与android进程间的通信及android Binder机制详解
- 以Android中MediaServer启动来看Native层的Binder IPC通信机制
- 从AIDL开始谈Android进程间Binder通信机制
- Android 简单总结Binder通信机制
- Android源码(7) --- Binder(1) Linux IPC 机制
- Android的Binder通信机制
- Android 进阶8:进程通信之 Binder 机制浅析
- Binder---- Android 的IPC 通信机制
- Android 开发 --- 的IPC 通信机制(Binder)
- 图文详解 Android Binder跨进程通信机制 原理
- [置顶] Android开发知识(四)Android进程间Binder通信机制的源码分析(下)
- Android 进程通信-- Binder机制
- 从AIDL开始谈Android进程间Binder通信机制
- Android Binder通信机制学习
- Android Binder 通信机制学习(四)
- 从AIDL开始谈Android进程间Binder通信机制
- Android中跨进程通信的IPC机制(Binder框架)
- 深入理解Android之Binder通信机制
- android中的binder通信机制
- Android 中的Binder跨进程通信机制与AIDL