当前位置: 代码迷 >> Android >> Android 日记系统logcat内核代码分析
  详细解决方案

Android 日记系统logcat内核代码分析

热度:70   发布时间:2016-05-01 11:50:43.0
Android 日志系统logcat内核代码分析
前一篇文章:http://blog.csdn.net/andyhuabing/article/details/8547719 简要介绍了log系统的上层使用方法,本文重点分
析其log内核驱动代码,使得我们对Android日志系统有一个深刻的认识。


内核代码路径:

kernel/drivers/staging/android/logger.h
kernel/drivers/staging/android/logger.c


1、Logger驱动程序的相关数据结构

首先来看logger.h头文件的内容:

/* include/linux/logger.h * * Copyright (C) 2007-2008 Google, Inc. * Author: Robert Love <[email protected]> * * This software is licensed under the terms of the GNU General Public * License version 2, as published by the Free Software Foundation, and * may be copied, distributed, and modified under those terms. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the * GNU General Public License for more details. * */#ifndef _LINUX_LOGGER_H#define _LINUX_LOGGER_H#include <linux/types.h>#include <linux/ioctl.h>struct logger_entry {	__u16		len;	/* length of the payload */	__u16		__pad;	/* no matter what, we get 2 bytes of padding */	__s32		pid;	/* generating process's pid */	__s32		tid;	/* generating process's tid */	__s32		sec;	/* seconds since Epoch */	__s32		nsec;	/* nanoseconds */	char		msg[0];	/* the entry's payload */};#define LOGGER_LOG_RADIO	"log_radio"	/* radio-related messages */#define LOGGER_LOG_EVENTS	"log_events"	/* system/hardware events */#define LOGGER_LOG_SYSTEM	"log_system"	/* system/framework messages */#define LOGGER_LOG_MAIN		"log_main"	/* everything else */#define LOGGER_ENTRY_MAX_LEN		(4*1024)#define LOGGER_ENTRY_MAX_PAYLOAD	\	(LOGGER_ENTRY_MAX_LEN - sizeof(struct logger_entry))#define __LOGGERIO	0xAE#define LOGGER_GET_LOG_BUF_SIZE		_IO(__LOGGERIO, 1) /* size of log */#define LOGGER_GET_LOG_LEN		_IO(__LOGGERIO, 2) /* used log len */#define LOGGER_GET_NEXT_ENTRY_LEN	_IO(__LOGGERIO, 3) /* next entry len */#define LOGGER_FLUSH_LOG		_IO(__LOGGERIO, 4) /* flush log */#endif /* _LINUX_LOGGER_H */

struct logger_entry是一个用于描述一条Log记录的结构体。
其中len成员变量记录了这条记录的有效负载的长度,有效负载指定的日志记录本身的长度,但是不包括用于描述这个记录的struct logger_entry结构体。

从struct logger_entry中也可以看出:优先级别Priority、Tag字符串以及Msg字符串,pid和tid成员变量分别用来记录是哪条进程写入了这条记录。sec和nsec成员变量记录日志写的时间。msg成员变量记录的就有效负载的内容了,它的大小由len成员变量来确定


#define LOGGER_ENTRY_MAX_LEN(4*1024)
#define LOGGER_ENTRY_MAX_PAYLOAD \
(LOGGER_ENTRY_MAX_LEN - sizeof(struct logger_entry))

这两个宏定义记录了 最大有效负载长度。


再分析下logger.c实现文件:

/* * struct logger_log - represents a specific log, such as 'main' or 'radio' * * This structure lives from module insertion until module removal, so it does * not need additional reference counting. The structure is protected by the * mutex 'mutex'. */struct logger_log {	unsigned char 		*buffer;/* the ring buffer itself */	struct miscdevice	misc;	/* misc device representing the log */	wait_queue_head_t	wq;	/* wait queue for readers */	struct list_head	readers; /* this log's readers */	struct mutex		mutex;	/* mutex protecting buffer */	size_t			w_off;	/* current write head offset */	size_t			head;	/* new readers start here */	size_t			size;	/* size of the log */};

  结构体struct logger_log就是真正用来保存日志的地方了。buffer成员变量变是用保存日志信息的内存缓冲区,它的大小由size成员变量确定。

 buffer是一个循环使用的环形缓冲区,缓冲区中保存的内容是以struct logger_entry为单位的,其组成方式是:

struct logger_entry | priority | tag | msg

/*

 * struct logger_reader - a logging device open for reading * * This object lives from open to release, so we don't need additional * reference counting. The structure is protected by log->mutex. */struct logger_reader {	struct logger_log	*log;	/* associated log */	struct list_head	list;	/* entry in logger_log's list */	size_t			r_off;	/* current read head offset */};

 结构体struct logger_reader用来表示一个读取日志的进程,log成员变量指向要读取的日志缓冲区。list成员变量用来连接其它读者进程。r_off成员变量表示当前要读取的日志在缓冲区中的位置。


2、模块初始化过程:

logger是一个misc设备,那么misc设备是个什么东东呢?网上有很多资料,这里简要说明一下:

杂设备——misc

简单的说,杂设备就是内核自动帮你分配设备号并且自动创建设备文件。

1、自动分配设备号,是指所有注册为杂设备的设备的主设备号为10,而次设备号内核自动分配。

2、自动创建设备文件是指,内核会使用udev(前提是你已经移植udev),动态创建设备节点。


利用:

int misc_register(struct miscdevice * misc); //注册

int misc_deregister(struct miscdevice *misc); //注销


执行cat /proc/devices命令可以查看此类设备

# cat /proc/devices

Character devices:

1 mem

4 /dev/vc/0

4 tty

5 /dev/tty

5 /dev/console

5 /dev/ptmx

10 misc //创建的设备在misc


在logger这里定义了三个日志设备:

/* * Defines a log structure with name 'NAME' and a size of 'SIZE' bytes, which * must be a power of two, greater than LOGGER_ENTRY_MAX_LEN, and less than * LONG_MAX minus LOGGER_ENTRY_MAX_LEN. */#define DEFINE_LOGGER_DEVICE(VAR, NAME, SIZE) \static unsigned char _buf_ ## VAR[SIZE]; \static struct logger_log VAR = { \	.buffer = _buf_ ## VAR, \	.misc = { \		.minor = MISC_DYNAMIC_MINOR, \		.name = NAME, \		.fops = &logger_fops, \		.parent = NULL, \	}, \	.wq = __WAIT_QUEUE_HEAD_INITIALIZER(VAR .wq), \	.readers = LIST_HEAD_INIT(VAR .readers), \	.mutex = __MUTEX_INITIALIZER(VAR .mutex), \	.w_off = 0, \	.head = 0, \	.size = SIZE, \};DEFINE_LOGGER_DEVICE(log_main, LOGGER_LOG_MAIN, 64*1024)DEFINE_LOGGER_DEVICE(log_events, LOGGER_LOG_EVENTS, 256*1024)DEFINE_LOGGER_DEVICE(log_radio, LOGGER_LOG_RADIO, 64*1024)DEFINE_LOGGER_DEVICE(log_system, LOGGER_LOG_SYSTEM, 64*1024)

分别是log_main、log_events和log_radio,名称分别LOGGER_LOG_MAIN、LOGGER_LOG_EVENTS和LOGGER_LOG_RADIO

这三个不同名称的设备文件操作方法如下:

static const struct file_operations logger_fops = {	.owner = THIS_MODULE,	.read = logger_read,	.aio_write = logger_aio_write,	.poll = logger_poll,	.unlocked_ioctl = logger_ioctl,	.compat_ioctl = logger_ioctl,	.open = logger_open,	.release = logger_release,};

日志驱动程序模块的初始化函数为logger_init:

static int __init init_log(struct logger_log *log){	int ret;	ret = misc_register(&log->misc);	if (unlikely(ret)) {		printk(KERN_ERR "logger: failed to register misc "		       "device for log '%s'!\n", log->misc.name);		return ret;	}	printk(KERN_INFO "logger: created %luK log '%s'\n",	       (unsigned long) log->size >> 10, log->misc.name);	return 0;}static int __init logger_init(void){	int ret;	ret = init_log(&log_main);	if (unlikely(ret))		goto out;	ret = init_log(&log_events);	if (unlikely(ret))		goto out;	ret = init_log(&log_radio);	if (unlikely(ret))		goto out;	ret = init_log(&log_system);	if (unlikely(ret))		goto out;out:	return ret;}device_initcall(logger_init);

logger_init函数通过调用init_log函数来初始化了上述提到的三个日志设备,而init_log函数主要调用了misc_register函数来注册misc设备。


3、日志写入重要过程分析:

注册的写入日志设备文件的方法为logger_aio_write

/* * logger_aio_write - our write method, implementing support for write(), * writev(), and aio_write(). Writes are our fast path, and we try to optimize * them above all else. */ssize_t logger_aio_write(struct kiocb *iocb, const struct iovec *iov,			 unsigned long nr_segs, loff_t ppos){	struct logger_log *log = file_get_log(iocb->ki_filp);	size_t orig = log->w_off;	struct logger_entry header;	struct timespec now;	ssize_t ret = 0;	// 下面重点构造 struct logger_entry header 结构体	now = current_kernel_time();	header.pid = current->tgid;	header.tid = current->pid;	header.sec = now.tv_sec;	header.nsec = now.tv_nsec;	header.len = min_t(size_t, iocb->ki_left, LOGGER_ENTRY_MAX_PAYLOAD);	/* null writes succeed, return zero */	if (unlikely(!header.len))		return 0;	mutex_lock(&log->mutex);	/*	 * Fix up any readers, pulling them forward to the first readable	 * entry after (what will be) the new write offset. We do this now	 * because if we partially fail, we can end up with clobbered log	 * entries that encroach on readable buffer.	 */	fix_up_readers(log, sizeof(struct logger_entry) + header.len);	do_write_log(log, &header, sizeof(struct logger_entry));	while (nr_segs-- > 0) {		size_t len;		ssize_t nr;		/* figure out how much of this vector we can keep */		len = min_t(size_t, iov->iov_len, header.len - ret);		/* write out this segment's payload */		nr = do_write_log_from_user(log, iov->iov_base, len);		if (unlikely(nr < 0)) {			log->w_off = orig;			mutex_unlock(&log->mutex);			return nr;		}		iov++;		ret += nr;	}	mutex_unlock(&log->mutex);	/* wake up any blocked readers */	wake_up_interruptible(&log->wq);	return ret;}
首先利用内核信息构造header信息,然后写入:do_write_log(log, &header, sizeof(struct logger_entry));

然后根据nr_segs数目,通过一个while循环把iov的内容写入到日志缓冲区中,也就是日志的优先级别priority、日志Tag和日志主体Msg。


最后一个重要函数说明:

	/*	 * Fix up any readers, pulling them forward to the first readable	 * entry after (what will be) the new write offset. We do this now	 * because if we partially fail, we can end up with clobbered log	 * entries that encroach on readable buffer.	 */	fix_up_readers(log, sizeof(struct logger_entry) + header.len);/* * fix_up_readers - walk the list of all readers and "fix up" any who were * lapped by the writer; also do the same for the default "start head". * We do this by "pulling forward" the readers and start head to the first * entry after the new write head. * * The caller needs to hold log->mutex. */static void fix_up_readers(struct logger_log *log, size_t len){	size_t old = log->w_off;	size_t new = logger_offset(old + len);	struct logger_reader *reader;	if (clock_interval(old, new, log->head))		log->head = get_next_entry(log, log->head, len);	list_for_each_entry(reader, &log->readers, list)		if (clock_interval(old, new, reader->r_off))			reader->r_off = get_next_entry(log, reader->r_off, len);}

为何需要这么一个函数呢?

由于日志缓冲区是循环使用的,即旧的日志记录如果没有及时读取,而缓冲区的内容又已经用完时,就需要覆盖旧的记录来容纳新的记录。而这部分将要被覆盖的内容,有可能是某些reader的下一次要读取的日志所在的位置,以及为新的reader准备的日志开始读取位置head所在的位置。因此,需要调整这些位置,使它们能够指向一个新的有效的位置。


4、日志读取重要过程分析:

注册的读取日志设备文件的方法为logger_read

/* * logger_read - our log's read() method * * Behavior: * * 	- O_NONBLOCK works * 	- If there are no log entries to read, blocks until log is written to * 	- Atomically reads exactly one log entry * * Optimal read size is LOGGER_ENTRY_MAX_LEN. Will set errno to EINVAL if read * buffer is insufficient to hold next entry. */static ssize_t logger_read(struct file *file, char __user *buf,			   size_t count, loff_t *pos){	struct logger_reader *reader = file->private_data;	struct logger_log *log = reader->log;	ssize_t ret;	DEFINE_WAIT(wait);start:	while (1) {		prepare_to_wait(&log->wq, &wait, TASK_INTERRUPTIBLE);		mutex_lock(&log->mutex);		ret = (log->w_off == reader->r_off);		mutex_unlock(&log->mutex);		if (!ret)			break;		if (file->f_flags & O_NONBLOCK) {			ret = -EAGAIN;			break;		}		if (signal_pending(current)) {			ret = -EINTR;			break;		}		schedule();	}	finish_wait(&log->wq, &wait);	if (ret)		return ret;	mutex_lock(&log->mutex);	/* is there still something to read or did we race? */	if (unlikely(log->w_off == reader->r_off)) {		mutex_unlock(&log->mutex);		goto start;	}	/* get the size of the next entry */	ret = get_entry_len(log, reader->r_off);	if (count < ret) {		ret = -EINVAL;		goto out;	}	/* get exactly one entry from the log */	ret = do_read_log_to_user(log, reader, buf, ret);out:	mutex_unlock(&log->mutex);	return ret;}

struct logger_reader *reader = file->private_data; 在这里直接使用 file->private_data是因为在device open时将private_data赋值为reader,在文件操作方法 logger_open 中:

/* * logger_open - the log's open() file operation * * Note how near a no-op this is in the write-only case. Keep it that way! */static int logger_open(struct inode *inode, struct file *file){	struct logger_log *log;	int ret;	ret = nonseekable_open(inode, file);	if (ret)		return ret;	log = get_log_from_minor(MINOR(inode->i_rdev));	if (!log)		return -ENODEV;	if (file->f_mode & FMODE_READ) {		struct logger_reader *reader;		reader = kmalloc(sizeof(struct logger_reader), GFP_KERNEL);		if (!reader)			return -ENOMEM;		reader->log = log;		INIT_LIST_HEAD(&reader->list);		mutex_lock(&log->mutex);		reader->r_off = log->head; // 从log->head位置开始读取日志的,保存在struct logger_reader的成员变量r_off中		list_add_tail(&reader->list, &log->readers);		mutex_unlock(&log->mutex);		file->private_data = reader;  // 这里对private_data进行了赋值	} else		file->private_data = log;	return 0;}

首先在 while (1)循环中判定是否有日志可读,判定语句如下:

ret = (log->w_off == reader->r_off);

即判断当前缓冲区的写入位置和当前读进程的读取位置是否相等,如果不相等,则说明有新的日志可读。

首先通过get_entry_len获取下一条可读的日志记录的长度(日志读取进程是以日志记录为单位进行读取的,一次只读取一条记录

/* get the size of the next entry */
ret = get_entry_len(log, reader->r_off);

如果其中有数据时则利用do_read_log_to_user执行真正的读取动作

/* get exactly one entry from the log */
ret = do_read_log_to_user(log, reader, buf, ret);

下面我们仔细看下get_entry_len函数:

/* * get_entry_len - Grabs the length of the payload of the next entry starting * from 'off'. * * Caller needs to hold log->mutex. */static __u32 get_entry_len(struct logger_log *log, size_t off){	__u16 val;	switch (log->size - off) {	case 1:		memcpy(&val, log->buffer + off, 1);		memcpy(((char *) &val) + 1, log->buffer, 1);		break;	default:		memcpy(&val, log->buffer + off, 2);	}	return sizeof(struct logger_entry) + val;}
上面这段代码第一次也看不很久,后来想到buffer是一个循环缓冲区终于明白啦!!

我们知道每一条日志记录由两大部分组成,一部分是结构体:struct logger_entry,另外一部是payload有效负载即打印主体数据。
有效负载长度记录在struct logger_entry中的len字段中,占用两个字节,与结构的struct logger_entry的首地址相同。因此只要读取记录
最前面两个字节就可以了。
1、两个字节连在一起,直接读取即可,所以直接使用 memcpy(&val, log->buffer + off, 2); 
2、两个字节不连在一起,则需要分别读取,这种情况就是读取缓冲区最后一个字节和第一个字节来获取其长度,而此时r_off与size的长度相差1

ok,继续分析真正的数据读取函数:

/* * do_read_log_to_user - reads exactly 'count' bytes from 'log' into the * user-space buffer 'buf'. Returns 'count' on success. * * Caller must hold log->mutex. */static ssize_t do_read_log_to_user(struct logger_log *log,				   struct logger_reader *reader,				   char __user *buf,				   size_t count){	size_t len;	/*	 * We read from the log in two disjoint operations. First, we read from	 * the current read head offset up to 'count' bytes or to the end of	 * the log, whichever comes first.	 */	len = min(count, log->size - reader->r_off);	if (copy_to_user(buf, log->buffer + reader->r_off, len))		return -EFAULT;	/*	 * Second, we read any remaining bytes, starting back at the head of	 * the log.	 */	if (count != len)		if (copy_to_user(buf + len, log->buffer, count - len))			return -EFAULT;	reader->r_off = logger_offset(reader->r_off + count);	return count;}

根据缓冲区中数据分两段的情况,调用copy_to_user函数来把位于内核空间的日志缓冲区指定的内容拷贝到用户空间的内存缓冲区就可以了,同时,把当前读取日志进程的上下文信息中的读偏移r_off前进到下一条日志记录的开始的位置上。

5、其它函数:

logger_poll  用于log用户态调用select函数进行查询,利用

if (log->w_off != reader->r_off)
ret |= POLLIN | POLLRDNORM;

通知用户是否有有日记需要读取


logger_ioctl 用于一些常用的信息查询,

#define LOGGER_GET_LOG_BUF_SIZE_IO(__LOGGERIO, 1) /* size of log */
#define LOGGER_GET_LOG_LEN _IO(__LOGGERIO, 2) /* used log len */
#define LOGGER_GET_NEXT_ENTRY_LEN _IO(__LOGGERIO, 3) /* next entry len */
#define LOGGER_FLUSH_LOG _IO(__LOGGERIO, 4) /* flush log */


获取缓冲区中数据长度,下一个日志的记录,比较有意义的是 LOGGER_FLUSH_LOG:

list_for_each_entry(reader, &log->readers, list)
reader->r_off = log->w_off;
log->head = log->w_off;

清除缓冲区中的所有数据


  相关解决方案

代码迷 - 您身边的软件异常,代码异常,编程异常助手(发现,解决,分享)
Copyright © 2009-2013 DAIMAMI.COM. All rights reserved.