Developing system apps without AOSP

Transcript

1. Developing system
   apps without AOSP
   Erik Helman
   

   View Slide

2. View Slide

3. Custom Android Devices
   

   View Slide

4. Android Developer Boards
   

   View Slide

5. System Apps vs Regular Apps
   • Hidden & System APIs
   • Signature & Permissions
   • Pre-installed
   

   View Slide

6. Why?
   • No AOSP modifications
   • Developer Tooling
   • macOS and Windows
   

   View Slide

7. Using an emulator
   

   View Slide

8. Using an emulator
   

   View Slide

9. Using an emulator
   

   View Slide

10. Using a physical device (Pixel)
    $ adb shell getprop ro.treble.enabled
    true
    

    View Slide

11. Download a Generic System
    Image
    

    View Slide

12. Prepare the GSI
    $ unzip aosp_arm64-img-10018685.zip
    $ simg2img system.img system_raw.img
    $ gzip -c system_raw.img > system_raw.gz
    $ adb push system_raw.gz /storage/emulated/0/Download/
    

    View Slide

13. Flash a GSI using DSU
    $ adb shell am start-activity \
    -n com.android.dynsystem/com.android.dynsystem.VerificationActivity \
    -a android.os.image.action.START_INSTALL \
    -d file:///storage/emulated/0/Download/system_raw.gz \
    --el KEY_SYSTEM_SIZE $(du -b system_raw.img|cut -f1) \
    --el KEY_USERDATA_SIZE
    

    View Slide

14. Generic System Images
    documentation
    developer.android.com/topic/generic-system-image
    

    View Slide

15. Permission protectionLevel
    

    View Slide

16. Converting AOSP test certificates to
    Android keystore
    $ openssl pkcs8 -inform DER -nocrypt -in platform.pk8 -out platform-signing.key
    $ openssl pkcs12 -export -in platform.x509.pem -inkey platform.key \
    -name platform -out platform-signing.pem -password pass:password
    $ openssl pkcs12 -export -in platform.x509.pem -inkey platform-signing.key \
    -name platform -out platform-signing.pem -password pass:password
    $ keytool -importkeystore -destkeystore platform-signing.keystore \
    -deststorepass password -srckeystore platform.pem -srcstoretype PKCS12 -srcstorepass password
    

    View Slide

17. Using the platform key for
    signing
    signingConfigs {
    debug {
    keyAlias 'platform'
    keyPassword 'password'
    storeFile rootProject.file('platform-signing.keystore')
    storePassword 'password'
    }
    }
    

    View Slide

18. Installing from Android Studio
    

    View Slide

19. Installing on the /system/app or /
    system/priv-app partition
    $ adb root
    $ adb disable-verity
    $ adb reboot # Wait for device to reboot...
    $ adb root
    $ adb remount
    $ adb shell mkdir /system/app/YourSystemApp
    $ adb push YourSystemApp.apk /system/app/YourSystemApp
    $ adb reboot # Not usually needed
    Remember to bump versionCode!
    

    View Slide

20. Calling System APIs
    

    View Slide

21. Permissions
    frameworks/base/core/res/AndroidManifest.xml
    
    android:protectionLevel="signature" />
    

    View Slide

22. Inject input events
    (InputManager.java)
    

    View Slide

23. Calling hidden APIs
    Refelctions (Slow!)
    private val injectMethod: Method = InputEvent::class.java
    .getMethod("injectInputEvent", InputEvent::class.java, Int::class.java)
    fun InputManager.injectEvent(inputEvent: InputEvent) {
    injectMethod.invoke(this, inputEvent, 0)
    }
    

    View Slide

24. Calling hidden APIs
    Add an interface
    

    View Slide

25. Calling hidden APIs
    Add an interface
    package android.hardware.input;
    import android.view.InputEvent;
    public interface InputManager {
    public boolean injectInputEvent(InputEvent event, int mode);
    }
    

    View Slide

26. Calling hidden APIs
    Extract framework.jar & android.jar
    1. Copy files from device or emulator
    2. Convert from DEX to Java classes (DexTools)
    3. Package into a new android.jar file
    4. Replace android.jar in your SDK
    

    View Slide

27. Calling hidden APIs
    Build a custom SDK
    $ mkdir ~/my-android-git
    $ cd ~/my-android-git
    $ repo init -u https://android.googlesource.com/platform/manifest \
    -b master -g all,-notdefault,tools
    $ repo sync -j8
    # Edit AOSP!
    $ . build/envsetup.sh
    $ lunch sdk-eng
    $ m
    

    View Slide

28. Android Code Search
    cs.android.com
    

    View Slide

29. Interesting @SystemAPI
    permissions
    
    android:protectionLevel="signature" />
    
    android:protectionLevel="signature" />
    
    android:protectionLevel="signature|privileged" />
    

    View Slide

30. Interesting @SystemAPI
    permissions
    
    android:protectionLevel="signature|privileged|vendorPrivileged|oem|verifier|role" />
    
    android:protectionLevel="signature|privileged|vendorPrivileged|oem|verifier|role"/>
    

    View Slide

31. Interesting @SystemAPI
    permissions
    
    android:protectionLevel="signature|recents|role|installer"/>
    

    View Slide

32. Summary
    • How much System APIs do you need to use?
    • Reflection?
    • Custom interface
    • Custom Engineering SDK
    • Bookmark system AndroidManifest.xml
    • Navigating cs.andorid.com
    

    View Slide