我想在Android平台上的libc中挂接socket函数,并实现为Suterusu。在下面给出一些代码:
void hookrw_init ( void )
{
__android_log_print(ANDROID_LOG_INFO, "hook_function", "Hooking socket\n");
void *libcHandle = dlopen("/system/lib/libc.so", RTLD_NOW);
__android_log_print(ANDROID_LOG_INFO, "hook_function", "open libc.so\n");
if (libcHandle != 0) {
socket_connect = (void *)dlsym(libcHandle, "connect");
hijack_start(socket_connect, &on_connect);
}
static int on_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen) {
char *ip = inet_ntoa(((struct sockaddr_in *)addr)->sin_addr);
int port = ((struct sockaddr_in *)addr)->sin_port;
__android_log_print(ANDROID_LOG_INFO, "hook_function", "on_connect, ip=%s, port=%d\n", ip, port);
hijack_pause(socket_connect);
__android_log_print(ANDROID_LOG_INFO, "hook_function", "call connect on socket\n");
int ret = socket_connect(sockfd, addr, addrlen);
__android_log_print(ANDROID_LOG_INFO, "hook_function", "connect return=%d\n", ret);
hijack_resume(socket_connect);
return ret;
}
但是上面的工具不是线程安全的,尤其是在hijack_pause和hijack_resume之间无法挂钩套接字连接功能,而每次暂停/恢复都需要执行cacheflush,这可能是性能问题。你能给我一些建议吗?