Netlink implementation for the Android NDK

2019-06-13 19:20发布

I have a requirement for similar task as mentioned in this link.. Passive monitoring of sockets in Android. One way is parsing the /proc/net/{tcp,udp,...} tables. But we have to keep on reading continuously for keep on monitoring; which is not efficient way. As it will be a mobile device app, it will eat up the battery as it requires CPU Time for keep on monitoring for time interval (say 1 sec).

But, I am looking for an event based approach. As I googled about the same, I ended with NETLINK for monitoring the sockets. But I observe that Android NDK doesn't have support for the

#include <linux/sock_diag.h>
#include <linux/inet_diag.h>
#include <linux/unix_diag.h>
#include <linux/packet_diag.h>
#include <linux/netlink_diag.h>

Does anyone tried using NETLINK in Android for monitoring the INET sockets? If so please share the information.

Thanks.


UPDATE: I tried copy pasting the above mentioned files in the "jni" folder and built using ndk-build. Building was successful and also no crashes at the runtime. But, socket creation of type

socket(AF_NETLINK, SOCK_DGRAM, NETLINK_INET_DIAG)

is failing with error EACCES(13) - Permission to create a socket of the specified type and/or protocol is denied.

Any suggestions how to proceed further?

2条回答
小情绪 Triste *
2楼-- · 2019-06-13 20:12

In Android Lollipop, Security Enhanced Linux (SELinux) in Android is enabled in "enforce" mode. By observing/looking at the sandbox definitions Android Source Code - SE Policy of the app.te (Below pasted excerpt), there will not be any supports for the netlink sockets.

app.te

# Privileged netlink socket interfaces.

neverallow appdomain

    self:{

        netlink_socket

        netlink_firewall_socket

        netlink_tcpdiag_socket

        netlink_nflog_socket

        netlink_xfrm_socket

        netlink_audit_socket

        netlink_ip6fw_socket

        netlink_dnrt_socket

    } *;
查看更多
劫难
3楼-- · 2019-06-13 20:22

i think, your app should have root permision!

查看更多
登录 后发表回答