Compiling TaintDroid

gistfile1.txt

% mkdir -p ~/tdroid/tdroid-2.1_r2.1p
% cd ~/tdroid/tdroid-2.1_r2.1p
% repo init -u git://android.git.kernel.org/platform/manifest.git -b android-2.1_r2.1p
% repo sync
... wait

% . ./build/envsetup.sh
% lunch 1
% make -j4
... wait
% emulator
... ensure the build works

Download the TaintDroid local_manifest.xml (http://appanalysis.org/files/local_manifest.xml) and place 
it in ~/tdroid/tdroid-2.1_r2.1p/.repo or copy and paste the following content into .repo/local_manifest.xml.

Next, pull the source code and make sure we are working with the right version.

% cd ~/tdroid/tdroid-2.1_r2.1p
% repo sync
% cd dalvik
% git branch --track taintdroid-2.1_r2.1p github/taintdroid-2.1_r2.1p
% git checkout taintdroid-2.1_r2.1p
% git pull # (just to be safe)
% cd ..
% cd frameworks/base
% git branch --track taintdroid-2.1_r2.1p github/taintdroid-2.1_r2.1p
% git checkout taintdroid-2.1_r2.1p
% git pull # (just to be safe)


ext2 support is not currently enabled for the SDcard; however the code exists in android-2.1_r2.1p.
The following simple patch to the system/core directory enable ext2/ext3 support for the SDcard and ensures it is 
mounted with user_xattr. It is probably easiest to make the changes by hand as opposed to applying the change as a patch.

diff --git a/vold/volmgr.c b/vold/volmgr.c
index deb680e..a5f5789 100644
--- a/vold/volmgr.c
+++ b/vold/volmgr.c
@@ -43,7 +43,7 @@ static volume_t *vol_root = NULL;
static boolean safe_mode = true;

static struct volmgr_fstable_entry fs_table[] = {
-//    { "ext3", ext_identify, ext_check, ext_mount , true },
+    { "ext3", ext_identify, ext_check, ext_mount , true },
    { "vfat", vfat_identify, vfat_check, vfat_mount , false },
    { NULL, NULL, NULL, NULL , false}
};
diff --git a/vold/volmgr_ext3.c b/vold/volmgr_ext3.c
index fe3b2bb..8979c70 100644
--- a/vold/volmgr_ext3.c
+++ b/vold/volmgr_ext3.c
@@ -157,7 +157,8 @@ int ext_mount(blkdev_t *dev, volume_t *vol, boolean safe_mode)

    char **f;
    for (f = fs; *f != NULL; f++) {
-        rc = mount(devpath, vol->mount_point, *f, flags, NULL);
+        //rc = mount(devpath, vol->mount_point, *f, flags, NULL);
+        rc = mount(devpath, vol->mount_point, *f, flags, "user_xattr");
        if (rc && errno == EROFS) {
            LOGE("ext_mount(%s, %s): Read only filesystem - retrying mount RO",
    devpath, vol->mount_point);


% cd ~
% wget http://www.appanalysis.org/files/yaffs_xattr.patch
...
% cd ~/tdroid/tdroid-2.1_r2.1p
% git clone git://android.git.kernel.org/kernel/common.git
% cd common
% git branch --track android-gldfish-2.6.29 origin/archive/android-gldfish-2.6.29
% git checkout android-gldfish-2.6.29
% git pull # (just to be safe)
% patch -p1 < ~/yaffs_xattr.patch

...
% cd ~/tdroid/tdroid-2.1_r2.1p
% . ./build/envsetup.sh
% lunch 1 # (lunch 1 is fine for now)

...
% cd common
% export ARCH=arm
% export SUBARCH=arm
% export CROSS_COMPILE=arm-eabi-
% make goldfish_defconfig
% make oldconfig
% make menuconfig
# ... verify YAFFS and EXT2 with XATTR and SECURITY support

% make -j4
% cp arch/arm/boot/zImage ~/ # for later use

% cd ~/tdroid/tdroid-2.1_r2.1p
% edit/create buildspec.mk and copy/paste the following:
# Enable core taint tracking logic (always add this)
WITH_TAINT_TRACKING := true

# Enable taint tracking for ODEX files (always add this)
WITH_TAINT_ODEX := true

# Enable taint tracking in the "fast" (aka ASM) interpreter (recommended)
WITH_TAINT_FAST := true

# Enable addition output for tracking JNI usage (not recommended)
#TAINT_JNI_LOG := true


% . ./build/envsetup.sh
% lunch 1
% make clean
% make -j4

Next step is to start the emulator with the compiled kernel and TaintDroid system image.

% emulator -kernel ~/zImage -image ~/tdroid/tdroid-2.1_r2.1p/out/target/product/generic/system.img & 

While booting up, issue:

% adb shell setprop dalvik.vm.execution-mode int:portable

When emulator has booted up:

% wget http://www.appanalysis.org/files/TaintDroidNotify.apk
% adb install TaintDroidNotify.apk