Obtain complete package name in android kernel mode

0
votes

I am working on one project requires obtaining the complete app package name inside kernel mode. I realized the package name is also the process name inside kernel. However, the task_struct->comm (process name) can only give me 15 characters long.

Also, fs/proc/base.c proc_get_cmdline() can return the full process name but it is private function. I try to export proc_get_cmdline() to public and invoke from my loadable kernel module, but it always crash when I invoke the public proc_get_cmdline().

Is there any way I can get the complete package name inside kernel? Like read from proc/pid/cmdline, read from mm_struct, etc. Appreciate any code example.

1
androidclinux-kernel
may i know what is the purpose of this project? and what will you achieve from this? - Sumit Gemini
We only get the control of android framework and kerne. We want to sent the package name to the server without changing app and server. - user2491515

1 Answers

0
votes

You are not supposed to call proc_pid_cmdline().

It is a non-public function in fs/proc/base.c:

static int proc_pid_cmdline(struct seq_file *m, struct pid_namespace *ns, struct pid *pid, struct task_struct *task)

However, what it does is simple:

get_cmdline(task, m->buf, PAGE_SIZE);

That is not likely to return the full path though and it will not be possible to determine the full path in every case. The arg[0] value may be overwritten, the file could be deleted or moved, etc. A process may exec() in a way which obscures the original command line, and all kinds of other maladies.

A scan of my opensuse 12.3 system /proc/*/cmdline turns up all kinds of less-than-useful results:

/proc/1/cmdline
/sbin/init showopts 
/proc/10/cmdline

/proc/11/cmdline

/proc/1163/cmdline
/sbin/dhclient6 -6 -cf /var/lib/dhcp6/dhclient6.eth0.conf -lf /var/lib/dhcp6/dhclient6.eth0.lease -pf /var/run/dhclient6.eth0.pid -q eth0 
/proc/12/cmdline

/proc/13/cmdline

/proc/14/cmdline

/proc/15/cmdline

/proc/16/cmdline

/proc/17/cmdline

/proc/1710/cmdline
/sbin/dhcpcd --netconfig -L -E -HHH -c /etc/sysconfig/network/scripts/dhcpcd-hook -t 0 -h del1-dhp-32429 eth0 
/proc/172/cmdline

/proc/185/cmdline

/proc/186/cmdline

/proc/187/cmdline

/proc/19/cmdline

/proc/2/cmdline

/proc/20/cmdline

/proc/21/cmdline

/proc/22/cmdline

/proc/23/cmdline

/proc/25/cmdline

/proc/254/cmdline

/proc/255/cmdline

/proc/26/cmdline

/proc/2671/cmdline
/usr/lib/upower/upowerd 
/proc/2674/cmdline
/usr/lib/polkit-1/polkitd --no-debug 
/proc/27/cmdline

/proc/2727/cmdline
/usr/lib/udisks2/udisksd --no-debug 
/proc/28/cmdline

/proc/285/cmdline
/usr/lib/systemd/systemd-journald 
/proc/286/cmdline

/proc/288/cmdline

/proc/29/cmdline

/proc/2913/cmdline
/usr/sbin/cron -n 
/proc/2924/cmdline
/usr/sbin/sshd -D 
/proc/3/cmdline

/proc/3023/cmdline
/usr/lib/postfix/master 
/proc/3090/cmdline
pickup -l -t fifo -u 
/proc/3091/cmdline
qmgr -l -t fifo -u 
/proc/31/cmdline

/proc/311/cmdline
/usr/lib/systemd/systemd-udevd 
/proc/3132/cmdline
/usr/lib/vmware/bin/vmware-vmblock-fuse -o subtype=vmware-vmblock,default_permissions,allow_other /var/run/vmblock-fuse 
/proc/3168/cmdline
/usr/sbin/vmware-authdlauncher 
/proc/32/cmdline

Works for me in openSUSE 12.3: 

for I in /proc/*/cmdline; do echo $I; cat $I | tr '\000' ' '; echo; done