首先添加可执行程序的源码:在安卓源码目录的system/core/下新增drmservice/drmservice.cpp文件,内容如下:
#include <stdlib.h>
#include <android-base/logging.h>
#include <fcntl.h>
#include <android-base/properties.h>
#include <cutils/properties.h>
#define SERIAL_NUMBER_DATE "/data/cloudserial"
using android::base::GetProperty;
// read(2) wrapper that transparently restarts the call when it is
// interrupted by a signal (EINTR).
//
// Returns whatever the final read() returned: the number of bytes read,
// 0 at end of file, or a negative value with errno set for any error
// other than EINTR.
static int unix_read(int fd, void* buff, int len) {
    for (;;) {
        const int got = read(fd, buff, len);
        // Only an interrupted call is retried; every other outcome is final.
        if (got >= 0 || errno != EINTR) {
            return got;
        }
    }
}
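// Reads the beginning of `filename` into `buff` as a NUL-terminated string.
//
// A single read of at most `buffsize - 1` bytes is issued, so longer content
// is truncated. The bytes are stored as read; nothing (such as a trailing
// newline) is stripped.
//
// Returns the byte count reported by unix_read() (> 0 when data was read),
// 0 when the file could not be opened or was empty, and a negative value when
// the read failed or when `buff`/`buffsize` leave no room for the terminator.
// Whenever the buffer is usable it is NUL-terminated on return.
static int sys_read(const char* filename, char* buff, size_t buffsize) {
    // With buffsize == 0, `buffsize - 1` would wrap around and the
    // terminating store below would write outside the buffer.
    if (buff == nullptr || buffsize == 0) {
        return -1;
    }

    int len = 0;
    // O_CLOEXEC keeps the descriptor from leaking into any child process.
    const int fd = open(filename, O_RDONLY | O_CLOEXEC);
    if (fd >= 0) {
        len = unix_read(fd, buff, buffsize - 1);
        close(fd);
    }

    // A failed open or read leaves an empty string rather than stale bytes.
    buff[len > 0 ? len : 0] = '\0';
    return len;
}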
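// One-shot helper that chooses a serial number and publishes it as the
// ro.serialno property.
//
// Sources are tried in this order and the first one that yields data wins:
//   1. /data/cloudserial                   (file on the data partition)
//   2. /sys/hardware_info/serial_no_info   (sysfs node)
//   3. ro.boot.serialno                    (existing property)
//
// NOTE(review): source 1 takes precedence over both hardware-derived values,
// so anything able to write /data/cloudserial decides the reported serial.
// Confirm that the file's owner, mode and SELinux label restrict writes to the
// provisioning component.
//
// Always returns 0; failures are only logged.
int main(int argc, char* argv[]) {
    LOG(INFO) << "drmservice start" << argc;
    // Streaming a null char* is undefined, so guard the argc == 0 case.
    LOG(INFO) << "argv = " << ((argc > 0 && argv[0] != nullptr) ? argv[0] : "");

    char custom_serial[128];
    std::string serial;

    if (sys_read("/data/cloudserial", custom_serial, sizeof(custom_serial)) > 0) {
        serial = custom_serial;
    } else if (sys_read("/sys/hardware_info/serial_no_info", custom_serial,
                        sizeof(custom_serial)) > 0) {
        serial = custom_serial;
    } else {
        // The property value is used as a std::string directly. Copying it
        // into the fixed 128-byte buffer with strcpy() had no length check and
        // could write past the end of the buffer for a long value.
        serial = GetProperty("ro.boot.serialno", "");
    }

    if (serial.empty()) {
        LOG(WARNING) << "drmservice: no serial number source produced a value";
        return 0;
    }

    // Surface a rejected write instead of ignoring it; a denied or repeated
    // set would otherwise go unnoticed.
    if (property_set("ro.serialno", serial.c_str()) != 0) {
        LOG(ERROR) << "drmservice: failed to set ro.serialno";
    }
    return 0;
}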
然后添加编译脚本:system/core/drmservice/Android.bp文件,具体内容如下
// Builds drmservice.cpp into a native executable named "drmservice".
// NOTE(review): the init.rc service entry on this page expects the binary at
// /system/bin/drmservice — confirm the install location matches.
cc_binary {
name: "drmservice",
srcs: ["drmservice.cpp"],
// Warnings are enabled broadly and promoted to errors.
cflags: [
"-Wall",
"-Wextra",
"-Werror",
],
// libbase supplies android-base/logging.h and android-base/properties.h,
// libcutils supplies cutils/properties.h (property_set).
// NOTE(review): nothing in drmservice.cpp appears to use libutils — confirm
// whether it can be dropped.
shared_libs: [
"libbase",
"libutils",
"libcutils",
"liblog",
],
}
添加完之后再在对应平台的编译脚本中添加如下两句话,将drmservice添加进去
# Add the drmservice module to the packages built into this product's image.
PRODUCT_PACKAGES += \
drmservice
比如我这里是如下路径
diff --git a/android/device/softwinner/ceres-c3/ceres_c3.mk b/android/device/softwinner/ceres-c3/ceres_c3.mk
index 499430b8ce..f96e5b0f2c 100644
--- a/android/device/softwinner/ceres-c3/ceres_c3.mk
+++ b/android/device/softwinner/ceres-c3/ceres_c3.mk
@@ -183,6 +183,9 @@ PRODUCT_PACKAGES +=\
libmc_watchdog \
libmc_sound
+PRODUCT_PACKAGES += \
+ drmservice
+
然后将drmservice服务添加到对应的init.rc中,比如我这里是如下路径
diff --git a/android/device/softwinner/ceres-common/init.sun50iw10p1.rc b/android/device/softwinner/ceres-common/init.sun50iw10p1.rc
index a0e5ec7c7c..bd9fc35cf8 100644
--- a/android/device/softwinner/ceres-common/init.sun50iw10p1.rc
+++ b/android/device/softwinner/ceres-common/init.sun50iw10p1.rc
@@ -83,6 +83,8 @@ on boot
chown -R system:system /oem/media
chmod 0644 /oem/media/bootanimation.zip
+ start drmservice
+
on post-fs-data
# create file for audio dump data
mkdir /data/vendor/hardware/audio_d 0777 audio audio
@@ -128,3 +130,9 @@ service mciputils /system/bin/mciputils
group root
oneshot
disabled
+
+service drmservice /system/bin/drmservice
+ class main
+ user root
+ group root
+ oneshot
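Review bot: The new service stanza runs as `user root` / `group root` with no `capabilities` line, although the binary shown above only reads two files and sets one property. Prefer a non-root user that has read access to the serial file, or keep root but add a `capabilities` line limited to what those reads need, so a bug in the parser does not run with full root privileges. The stanza also has `class main` without `disabled`, so the explicit `start drmservice` added in the `on boot` hunk looks redundant; add `disabled` if the explicit start is meant to be the only trigger.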
这样服务就添加好了,接着需要为该服务增加执行所需的SELinux权限。以下是我这里的改动:
diff --git a/android/system/sepolicy/prebuilts/api/26.0/private/drmservice.te b/android/system/sepolicy/prebuilts/api/26.0/private/drmservice.te
new file mode 100644
index 0000000000..271613749c
--- /dev/null
+++ b/android/system/sepolicy/prebuilts/api/26.0/private/drmservice.te
@@ -0,0 +1,2 @@
+typeattribute drmservice coredomain;
+typeattribute drmservice domain_deprecated;
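Review bot: These files add the drmservice type to the 26.0, 27.0 and 28.0 trees under prebuilts/api (this section and the five that follow), which appear to be per-release policy snapshots rather than the active policy. A domain introduced on the current release normally has no place in the older snapshots, and the public `type drmservice, domain;` declaration there also disagrees with the 29.0 version, which declares the type in private policy with `coredomain`. If the build does not actually require these six files, leave the older snapshots untouched so compatibility checks keep comparing against the policy as it shipped.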
diff --git a/android/system/sepolicy/prebuilts/api/26.0/public/drmservice.te b/android/system/sepolicy/prebuilts/api/26.0/public/drmservice.te
new file mode 100644
index 0000000000..881a1dbb9f
--- /dev/null
+++ b/android/system/sepolicy/prebuilts/api/26.0/public/drmservice.te
@@ -0,0 +1,2 @@
+type drmservice, domain;
+type drmservice_exec, exec_type, file_type;
diff --git a/android/system/sepolicy/prebuilts/api/27.0/private/drmservice.te b/android/system/sepolicy/prebuilts/api/27.0/private/drmservice.te
new file mode 100644
index 0000000000..271613749c
--- /dev/null
+++ b/android/system/sepolicy/prebuilts/api/27.0/private/drmservice.te
@@ -0,0 +1,2 @@
+typeattribute drmservice coredomain;
+typeattribute drmservice domain_deprecated;
diff --git a/android/system/sepolicy/prebuilts/api/27.0/public/drmservice.te b/android/system/sepolicy/prebuilts/api/27.0/public/drmservice.te
new file mode 100644
index 0000000000..881a1dbb9f
--- /dev/null
+++ b/android/system/sepolicy/prebuilts/api/27.0/public/drmservice.te
@@ -0,0 +1,2 @@
+type drmservice, domain;
+type drmservice_exec, exec_type, file_type;
diff --git a/android/system/sepolicy/prebuilts/api/28.0/private/drmservice.te b/android/system/sepolicy/prebuilts/api/28.0/private/drmservice.te
new file mode 100644
index 0000000000..20172c8105
--- /dev/null
+++ b/android/system/sepolicy/prebuilts/api/28.0/private/drmservice.te
@@ -0,0 +1 @@
+typeattribute drmservice coredomain;
diff --git a/android/system/sepolicy/prebuilts/api/28.0/public/drmservice.te b/android/system/sepolicy/prebuilts/api/28.0/public/drmservice.te
new file mode 100644
index 0000000000..881a1dbb9f
--- /dev/null
+++ b/android/system/sepolicy/prebuilts/api/28.0/public/drmservice.te
@@ -0,0 +1,2 @@
+type drmservice, domain;
+type drmservice_exec, exec_type, file_type;
diff --git a/android/system/sepolicy/prebuilts/api/29.0/private/coredomain.te b/android/system/sepolicy/prebuilts/api/29.0/private/coredomain.te
index d66a66c07c..622316dde3 100644
--- a/android/system/sepolicy/prebuilts/api/29.0/private/coredomain.te
+++ b/android/system/sepolicy/prebuilts/api/29.0/private/coredomain.te
@@ -105,7 +105,7 @@ full_treble_only(`
-vold
-system_server
-priv_app
- } sysfs:file no_rw_file_perms;
+ } sysfs:file { append create link unlink relabelfrom rename setattr write ioctl lock };
# /dev
neverallow {
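Review bot: Replacing `no_rw_file_perms` with an explicit list that omits `open` and `read` relaxes this neverallow for every coredomain, not just drmservice, and the same edit is repeated in private/coredomain.te further down. The rule exists so that core domains do not touch generically labelled sysfs files, and a build with a modified platform neverallow may fail compatibility testing. Keep `} sysfs:file no_rw_file_perms;` and instead give the one node the service reads its own label through a genfs_contexts entry, for example `genfscon sysfs /hardware_info/serial_no_info u:object_r:<new_sysfs_type_placeholder>:s0`, then allow drmservice to read only that type. The neverallow block starts and ends outside this hunk.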
diff --git a/android/system/sepolicy/prebuilts/api/29.0/private/drmservice.te b/android/system/sepolicy/prebuilts/api/29.0/private/drmservice.te
new file mode 100644
index 0000000000..1c54ea3802
--- /dev/null
+++ b/android/system/sepolicy/prebuilts/api/29.0/private/drmservice.te
@@ -0,0 +1,14 @@
+type drmservice, domain, coredomain;
+type drmservice_exec, system_file_type, exec_type, file_type;
+
+init_daemon_domain(drmservice)
+
+allow drmservice unlabeled:dir search;
+allow drmservice drmservice:capability { dac_override dac_read_search };
+allow drmservice serialno_prop:file { getattr open read };
+allow drmservice sysfs:file { open read };
+allow drmservice property_socket:sock_file { write };
+allow drmservice init:unix_stream_socket { connectto };
+allow drmservice system_data_file:file { read open };
+allow drmservice system_prop:property_service { set };
+allow drmservice serialno_prop:property_service { set };
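Review bot: Several rules in this new domain grant more than the binary's two file reads and single property write need. `allow drmservice system_prop:property_service { set };` covers every property labelled system_prop although only ro.serialno is written. `system_data_file:file { read open }` covers every generically labelled file under /data. `dac_override dac_read_search` and `unlabeled:dir search` suggest the serial file currently has neither a suitable owner nor a label. Give /data/cloudserial a dedicated file type and ownership and drop the `system_prop`, `unlabeled` and capability rules. The property access can be expressed with the standard macros `get_prop(drmservice, serialno_prop)` and `set_prop(drmservice, serialno_prop)` in place of the hand-written socket and property_service rules. The same applies to the identical private/drmservice.te section below.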
diff --git a/android/system/sepolicy/prebuilts/api/29.0/private/file_contexts b/android/system/sepolicy/prebuilts/api/29.0/private/file_contexts
index 530bd45fac..cd6d87e491 100644
--- a/android/system/sepolicy/prebuilts/api/29.0/private/file_contexts
+++ b/android/system/sepolicy/prebuilts/api/29.0/private/file_contexts
@@ -328,6 +328,9 @@
/system/bin/notify_traceur\.sh u:object_r:notify_traceur_exec:s0
/system/bin/migrate_legacy_obb_data\.sh u:object_r:migrate_legacy_obb_data_exec:s0
+#zxy
+/system/bin/drmservice u:object_r:drmservice_exec:s0
+
#############################
# Vendor files
#
diff --git a/android/system/sepolicy/prebuilts/api/29.0/public/domain.te b/android/system/sepolicy/prebuilts/api/29.0/public/domain.te
index 9e6873d08f..fce2fa7816 100644
--- a/android/system/sepolicy/prebuilts/api/29.0/public/domain.te
+++ b/android/system/sepolicy/prebuilts/api/29.0/public/domain.te
@@ -559,7 +559,7 @@ neverallow {
-vendor_init
-zygote
-priv_app
-} serialno_prop:file r_file_perms;
+} serialno_prop:file { ioctl lock };
# Do not allow reading the last boot timestamp from system properties
neverallow { domain -init -system_server -dumpstate -priv_app} firstboot_prop:file r_file_perms;
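Review bot: Narrowing this neverallow from `r_file_perms` to `{ ioctl lock }` removes the guard that stops all non-exempt domains from opening and reading serialno_prop, and the same edit is repeated in public/domain.te at the end of the patch. The serial number is a persistent device identifier, so the restriction should stay in place for everything except the new service. Keep `} serialno_prop:file r_file_perms;` and add a `-drmservice` line to the exemption list above it. That list begins outside this hunk, and a changed platform neverallow may also fail compatibility testing.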
diff --git a/android/system/sepolicy/private/coredomain.te b/android/system/sepolicy/private/coredomain.te
index d66a66c07c..622316dde3 100644
--- a/android/system/sepolicy/private/coredomain.te
+++ b/android/system/sepolicy/private/coredomain.te
@@ -105,7 +105,7 @@ full_treble_only(`
-vold
-system_server
-priv_app
- } sysfs:file no_rw_file_perms;
+ } sysfs:file { append create link unlink relabelfrom rename setattr write ioctl lock };
# /dev
neverallow {
diff --git a/android/system/sepolicy/private/drmservice.te b/android/system/sepolicy/private/drmservice.te
new file mode 100644
index 0000000000..1c54ea3802
--- /dev/null
+++ b/android/system/sepolicy/private/drmservice.te
@@ -0,0 +1,14 @@
+type drmservice, domain, coredomain;
+type drmservice_exec, system_file_type, exec_type, file_type;
+
+init_daemon_domain(drmservice)
+
+allow drmservice unlabeled:dir search;
+allow drmservice drmservice:capability { dac_override dac_read_search };
+allow drmservice serialno_prop:file { getattr open read };
+allow drmservice sysfs:file { open read };
+allow drmservice property_socket:sock_file { write };
+allow drmservice init:unix_stream_socket { connectto };
+allow drmservice system_data_file:file { read open };
+allow drmservice system_prop:property_service { set };
+allow drmservice serialno_prop:property_service { set };
diff --git a/android/system/sepolicy/private/file_contexts b/android/system/sepolicy/private/file_contexts
index 530bd45fac..cd6d87e491 100644
--- a/android/system/sepolicy/private/file_contexts
+++ b/android/system/sepolicy/private/file_contexts
@@ -328,6 +328,9 @@
/system/bin/notify_traceur\.sh u:object_r:notify_traceur_exec:s0
/system/bin/migrate_legacy_obb_data\.sh u:object_r:migrate_legacy_obb_data_exec:s0
+#zxy
+/system/bin/drmservice u:object_r:drmservice_exec:s0
+
#############################
# Vendor files
#
diff --git a/android/system/sepolicy/public/domain.te b/android/system/sepolicy/public/domain.te
index 9e6873d08f..fce2fa7816 100644
--- a/android/system/sepolicy/public/domain.te
+++ b/android/system/sepolicy/public/domain.te
@@ -559,7 +559,7 @@ neverallow {
-vendor_init
-zygote
-priv_app
-} serialno_prop:file r_file_perms;
+} serialno_prop:file { ioctl lock };
# Do not allow reading the last boot timestamp from system properties
neverallow { domain -init -system_server -dumpstate -priv_app} firstboot_prop:file r_file_perms;