静态注册

MainActivity.java加载so文件、定义native方法并调用 –Android系统寻找–> SO文件（native-lib.cpp） –根据固定格式的方法名进行寻找–> stringFromJNI()方法执行，返回结果给Java层

MainActivity.java：通过System.loadLibrary方法加载指定的so文件，并在代码中声明需要调用的so方法（native关键字标识函数名）

package com.example.applicationwithndk;

import androidx.appcompat.app.AppCompatActivity;

import android.os.Bundle;
import android.widget.TextView;

import com.example.applicationwithndk.databinding.ActivityMainBinding;

public class MainActivity extends AppCompatActivity {

    // Used to load the 'applicationwithndk' library on application startup.
    static {
        System.loadLibrary("applicationwithndk");
    }

    private ActivityMainBinding binding;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        binding = ActivityMainBinding.inflate(getLayoutInflater());
        setContentView(binding.getRoot());

        // Example of a call to a native method
        TextView tv = binding.sampleText;
        tv.setText(stringFromJNI());
    }

    /**
     * A native method that is implemented by the 'applicationwithndk' native library,
     * which is packaged with this application.
     */
    public native String stringFromJNI();
}

CMakeLists.txt：指定编译时要将哪些cpp源文件打包进so文件中，同时指定链接时可能要用到的一些安卓系统库

# For more information about using CMake with Android Studio, read the
# documentation: https://d.android.com/studio/projects/add-native-code.html.
# For more examples on how to use CMake, see https://github.com/android/ndk-samples.

# Sets the minimum CMake version required for this project.
cmake_minimum_required(VERSION 3.22.1)

# Declares the project name. The project name can be accessed via ${ PROJECT_NAME},
# Since this is the top level CMakeLists.txt, the project name is also accessible
# with ${CMAKE_PROJECT_NAME} (both CMake variables are in-sync within the top level
# build script scope).
project("applicationwithndk")

# Creates and names a library, sets it as either STATIC
# or SHARED, and provides the relative paths to its source code.
# You can define multiple libraries, and CMake builds them for you.
# Gradle automatically packages shared libraries with your APK.
#
# In this top level CMakeLists.txt, ${CMAKE_PROJECT_NAME} is used to define
# the target library name; in the sub-module's CMakeLists.txt, ${PROJECT_NAME}
# is preferred for the same purpose.
#
# In order to load a library into your app from Java/Kotlin, you must call
# System.loadLibrary() and pass the name of the library defined here;
# for GameActivity/NativeActivity derived applications, the same library name must be
# used in the AndroidManifest.xml file.
add_library(${CMAKE_PROJECT_NAME} SHARED
    # List C/C++ source files with relative paths to this CMakeLists.txt.
    native-lib.cpp)

# Specifies libraries CMake should link to your target library. You
# can link libraries from various origins, such as libraries defined in this
# build script, prebuilt third-party libraries, or Android system libraries.
target_link_libraries(${CMAKE_PROJECT_NAME}
    # List libraries link to the target library
    android
    log)

native-lib.cpp：按照extern “C” JNIEXPORT 函数返回值类型 JNICALL以及Java_包名_类名_方法名(JNIEnv* env, jobject thiz, 函数需要处理的参数){函数体}的固定形式编写C函数

#include <jni.h>
#include <string>

extern "C" JNIEXPORT jstring JNICALL
Java_com_example_applicationwithndk_MainActivity_stringFromJNI(
        JNIEnv* env,
        jobject /* this */) {
    std::string hello = "Hello from C++";
    return env->NewStringUTF(hello.c_str());
}

综上所述，如果我们确定目标函数在某个SO文件中，那么可以在该so文件中检索”_方法名(“的形式快速定位。AndroidStudio在写代码的时候也是这样自动推测的
上面这种方式叫做静态注册，官方的建议适用于一些长期不需要变更内部cpp源码功能的一些方法，用的不是很多的，逆向分析只需要关注怎么搜索SO文件中静态注册的一些JNI方法就可以了。