On Wednesday, July 27, 2011 5:32:39 PM UTC-4, Jeff wrote: > I would like to identify an application which is sending an SMS > message from kernel space. Currently, we can easily catch the fact > that an SMS is being sent. This SMS message is sent under the context > of "/system/bin/rild". This makes sense since rild handles all > interactions with the modem. > > From my understanding, in user space, there is an intent between an > application and the telephony stack. The application requests the > telephony stack to send an SMS on behalf of this application. Is there > any way to catch this intent at the kernel level? Do these intents use > the binder IPC calls? >
This really sounds like something better done by modifying the android platform than by modifying the kernel. At some point there's a handoff from code running within the application process (where the kernel knows who it is, at least in terms of UID) to code running in the system process (where the kernel could determine the identity only by puzzling out user space data structures). In the vast majority of cases, the IPC mechanism used is indeed binder. And it's largely done with 16 bit string identifiers plus a few numeric fields. So if you read through the platform sources, or set up some logging in binder, you can probably figure out how to fingerprint the binder transactions used _by a particular version of the platform_ to send an sms message. You can likely identify intents in general, and then sms-related ones from that. But one might ask why you want to do it this way, and not in the platform userspace code where the actual private interfaces are maintained. -- unsubscribe: android-kernel+unsubscr...@googlegroups.com website: http://groups.google.com/group/android-kernel
