Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Developing system apps without AOSP

Erik Hellman
April 28, 2023
Programming
1
350

Developing system apps without AOSP

If you work with Android development long enough, there is a high chance that you eventually will be developing system applications for a custom Android device. This is quite different from doing regular apps we publish on Google Play Store, and used to require that you have the entire AOSP source code checked out in order to work with it.

However, with some understanding of how Android internals work and how to use some undocumented features of the regular build tools, we can actually develop system apps without the whole mess that comes with AOSP.

In this session you'll learn how to use system and signature level permissions, how to efficiently call system APIs, and how to test all of this on a regular Android emulator. Hopefully this will make the daily life easier for all the Android developers working on system applications.

Erik Hellman

April 28, 2023
Tweet

More Decks by Erik Hellman

See All by Erik Hellman
Working with Custom Android Devices and AOSP build system
erikhellman
1
120
Working with custom Android devices
erikhellman
1
260
State of BLE on Android in 2023
erikhellman
2
560
State of BLE on Android in 2022
erikhellman
1
970
The technical solutions behind Öppna Skolplattformen
erikhellman
0
160
Bluetooth Low Energy for Modern Android Development
erikhellman
1
780
Introduction to Flutter
erikhellman
0
170
Introduction to Kotlin/JS for frontend development
erikhellman
1
360
Useful Coroutine patterns for Android applications
erikhellman
3
260

Other Decks in Programming

See All in Programming
単体テストを書かない技術 #phpcon_odawara
o0h
PRO
27
8.3k
AWS Application Composerで始める、 サーバーレスなデータ基盤構築 / 20240406-jawsug-hokuriku-shinkansen
kasacchiful
1
260
エンターテイメント業界で利用されるAWS
demuyan
0
210
検証も兼ねて個人開発でHonoとかと向き合った話
hanetsuki
1
1k
ADRを一年運用してみた/adr_after_a_year
hanhan1978
7
2.4k
TYPO3 v13 – The road to LTS: What's new and new APIs
luisasofie_xoxo
0
210
Blue/Greenデプロイの導入による 運用フローの改善
kudoas
1
380
DMMプラットフォームがTiDB Cloudを採用した背景
pospome
8
4.1k
1BRC--Nerd Sniping the Java Community
gunnarmorling
0
340
Hanami and htmx
bkuhlmann
0
210
Prepare for Jakarta EE 11 - Performance and Developer Productivity
ivargrimstad
0
810
PHPの次期バージョンはこの時期どうなっているのか - Internalsの開発体制について - PHPカンファレンス小田原
youkidearitai
PRO
1
190

Featured

See All Featured
Facilitating Awesome Meetings
lara
42
5.6k
The Straight Up "How To Draw Better" Workshop
denniskardys
227
130k
What's in a price? How to price your products and services
michaelherold
237
11k
Building an army of robots
kneath
300
41k
GitHub's CSS Performance
jonrohan
1025
450k
Gamification - CAS2011
davidbonilla
76
4.6k
VelocityConf: Rendering Performance Case Studies
addyosmani
320
23k
Being A Developer After 40
akosma
57
580k
Agile that works and the tools we love
rasmusluckow
325
20k
Designing the Hi-DPI Web
ddemaree
276
33k
Side Projects
sachag
451
41k
The Brand Is Dead. Long Live the Brand.
mthomps
49
29k

Transcript

  1. Developing system apps without AOSP Erik Helman

  2. None

  3. Custom Android Devices

  4. Android Developer Boards

  5. System Apps vs Regular Apps • Hidden & System APIs

    • Signature & Permissions • Pre-installed

  6. Why? • No AOSP modifications • Developer Tooling • macOS

    and Windows

  7. Using an emulator

  8. Using an emulator

  9. Using an emulator

  10. Using a physical device (Pixel) $ adb shell getprop ro.treble.enabled

    true

  11. Download a Generic System Image

  12. Prepare the GSI $ unzip aosp_arm64-img-10018685.zip $ simg2img system.img system_raw.img

    $ gzip -c system_raw.img > system_raw.gz $ adb push system_raw.gz /storage/emulated/0/Download/

  13. Flash a GSI using DSU $ adb shell am start-activity

    \ -n com.android.dynsystem/com.android.dynsystem.VerificationActivity \ -a android.os.image.action.START_INSTALL \ -d file:///storage/emulated/0/Download/system_raw.gz \ --el KEY_SYSTEM_SIZE $(du -b system_raw.img|cut -f1) \ --el KEY_USERDATA_SIZE <size-of-system_raw.img>

  14. Generic System Images documentation developer.android.com/topic/generic-system-image

  15. Permission protectionLevel

  16. Converting AOSP test certificates to Android keystore $ openssl pkcs8

    -inform DER -nocrypt -in platform.pk8 -out platform-signing.key $ openssl pkcs12 -export -in platform.x509.pem -inkey platform.key \ -name platform -out platform-signing.pem -password pass:password $ openssl pkcs12 -export -in platform.x509.pem -inkey platform-signing.key \ -name platform -out platform-signing.pem -password pass:password $ keytool -importkeystore -destkeystore platform-signing.keystore \ -deststorepass password -srckeystore platform.pem -srcstoretype PKCS12 -srcstorepass password

  17. Using the platform key for signing signingConfigs { debug {

    keyAlias 'platform' keyPassword 'password' storeFile rootProject.file('platform-signing.keystore') storePassword 'password' } }

  18. Installing from Android Studio

  19. Installing on the /system/app or / system/priv-app partition $ adb

    root $ adb disable-verity $ adb reboot # Wait for device to reboot... $ adb root $ adb remount $ adb shell mkdir /system/app/YourSystemApp $ adb push YourSystemApp.apk /system/app/YourSystemApp $ adb reboot # Not usually needed Remember to bump versionCode!

  20. Calling System APIs

  21. Permissions frameworks/base/core/res/AndroidManifest.xml <!-- @SystemApi Allows an application to inject user

    events (keys, touch, trackball) into the event stream and deliver them to ANY window. Without this permission, you can only deliver events to windows in your own process. <p>Not for use by third-party applications. @hide --> <permission android:name="android.permission.INJECT_EVENTS" android:protectionLevel="signature" />

  22. Inject input events (InputManager.java)

  23. Calling hidden APIs Refelctions (Slow!) private val injectMethod: Method =

    InputEvent::class.java .getMethod("injectInputEvent", InputEvent::class.java, Int::class.java) fun InputManager.injectEvent(inputEvent: InputEvent) { injectMethod.invoke(this, inputEvent, 0) }

  24. Calling hidden APIs Add an interface

  25. Calling hidden APIs Add an interface package android.hardware.input; import android.view.InputEvent;

    public interface InputManager { public boolean injectInputEvent(InputEvent event, int mode); }

  26. Calling hidden APIs Extract framework.jar & android.jar 1. Copy files

    from device or emulator 2. Convert from DEX to Java classes (DexTools) 3. Package into a new android.jar file 4. Replace android.jar in your SDK

  27. Calling hidden APIs Build a custom SDK $ mkdir ~/my-android-git

    $ cd ~/my-android-git $ repo init -u https://android.googlesource.com/platform/manifest \ -b master -g all,-notdefault,tools $ repo sync -j8 # Edit AOSP! $ . build/envsetup.sh $ lunch sdk-eng $ m

  28. Android Code Search cs.android.com

  29. Interesting @SystemAPI permissions <!-- Allows uhid write access for creating

    virtual input devices @hide --> <permission android:name="android.permission.VIRTUAL_INPUT_DEVICE" android:protectionLevel="signature" /> <!-- Allows injecting the external camera to replace the internal camera. @hide --> <permission android:name="android.permission.CAMERA_INJECT_EXTERNAL_CAMERA" android:protectionLevel="signature" /> <!-- @SystemApi @TestApi @hide Allows an application to embed other activities --> <permission android:name="android.permission.ACTIVITY_EMBEDDING" android:protectionLevel="signature|privileged" />

  30. Interesting @SystemAPI permissions <!-- @SystemApi @hide Allows an application to

    start activities from background --> <permission android:name="android.permission.START_ACTIVITIES_FROM_BACKGROUND" android:protectionLevel="signature|privileged|vendorPrivileged|oem|verifier|role" /> <!-- Allows an application to start foreground services from the background at any time. <em>This permission is not for use by third-party applications</em>, with the only exception being if the app is the default SMS app. Otherwise, it's only usable by privileged apps, app verifier app, and apps with any of the EMERGENCY or SYSTEM GALLERY roles. --> <permission android:name="android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND" android:protectionLevel="signature|privileged|vendorPrivileged|oem|verifier|role"/>

  31. Interesting @SystemAPI permissions <!-- @SystemApi @hide Allows an application to

    create windows using the type {@link android.view.WindowManager.LayoutParams#TYPE_APPLICATION_OVERLAY}, shown on top of all other apps. Allows an application to use {@link android.view.WindowManager.LayoutsParams#setSystemApplicationOverlay(boolean)} to create overlays that will stay visible, even if another window is requesting overlays to be hidden through {@link android.view.Window#setHideOverlayWindows(boolean)}. <p>Not for use by third-party applications. --> <permission android:name="android.permission.SYSTEM_APPLICATION_OVERLAY" android:protectionLevel="signature|recents|role|installer"/>

  32. Summary • How much System APIs do you need to

    use? • Reflection? • Custom interface • Custom Engineering SDK • Bookmark system AndroidManifest.xml • Navigating cs.andorid.com