我试图拦截非植根设备上由我的Andr​​oid应用程序的所有系统调用。

所以每次我的应用程序写入的时间/读取文件，我想拦截系统调用和加密/解密流出于安全目的。加密的部分是没有问题的，但我怎么拦截系统调用？

由于该应用程序的部分模块开发的第三方供应商，而我不能更改源$ C ​​$ C，有没有其他办法，以确保数据的安全存储。

由于我没有root访问我无法访问系统调用表的地址描述这里< /一>，我无法通过LKM模块做到这一点。

我会AP preciate任何建议，谢谢。

编辑：

好吧，我得到了code链接形式西蒙娜Margaritelli现在的工作！为什么我的code不停崩溃的原因是因为我不得不设置正确的内存访问permisions：

  uint32_t的PAGE_SIZE =为getpagesize（）;
uint32_t的entry_page_start = RELOC和放大器; （〜（PAGE_SIZE  -  1））;
则mprotect（（uint32_t的*）entry_page_start，PAGE_SIZE，PROT_READ | PROT_WRITE）;
 

解决方案

的这是如何可以勾上的Andr​​oid系统调用没有root权限（只工作了你自己，当然过程中，这不是系统范围）。

I am trying to intercept all system calls made by my Android app on a non rooted device.

So every time my app writes/reads a file, I want to intercept the system call and encrypt/decrypt the stream for security purposes. The encryption part is no problem, but how do I intercept the system calls?

Because parts of the app are modules developed by third party providers of which I can not change the source code, there is no other way to make sure that data is stored securely.

Since I do not have root access I cannot access the address of the system call table as described here and I can not do this through an LKM module as well.

I would appreciate any suggestions, thanks.

Edit:

Ok I got the code link form Simone Margaritelli to work now! the reason why my code kept crashing is because i had to set the right memory access permisions:

uint32_t page_size = getpagesize();
uint32_t entry_page_start = reloc& (~(page_size - 1));
mprotect((uint32_t *)entry_page_start, page_size, PROT_READ | PROT_WRITE);

This is how you can hook syscalls on Android without root permissions ( only working for your own process of course, this is not system wide ).