Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Developing system apps without AOSP

Avatar for Erik Hellman Erik Hellman
April 28, 2023
Programming
2
600

Developing system apps without AOSP

If you work with Android development long enough, there is a high chance that you eventually will be developing system applications for a custom Android device. This is quite different from doing regular apps we publish on Google Play Store, and used to require that you have the entire AOSP source code checked out in order to work with it.

However, with some understanding of how Android internals work and how to use some undocumented features of the regular build tools, we can actually develop system apps without the whole mess that comes with AOSP.

In this session you'll learn how to use system and signature level permissions, how to efficiently call system APIs, and how to test all of this on a regular Android emulator. Hopefully this will make the daily life easier for all the Android developers working on system applications.
Avatar for Erik Hellman

Erik Hellman

April 28, 2023
Tweet

More Decks by Erik Hellman

See All by Erik Hellman
Wireless protocols for the next generation IoT devices
Avatar for Erik Hellman erikhellman
2
74
Working with Custom Android Devices and AOSP build system
Avatar for Erik Hellman erikhellman
2
390
Working with custom Android devices
Avatar for Erik Hellman erikhellman
2
370
State of BLE on Android in 2023
Avatar for Erik Hellman erikhellman
3
870
State of BLE on Android in 2022
Avatar for Erik Hellman erikhellman
1
1.2k
The technical solutions behind Öppna Skolplattformen
Avatar for Erik Hellman erikhellman
0
200
Bluetooth Low Energy for Modern Android Development
Avatar for Erik Hellman erikhellman
1
970
Introduction to Flutter
Avatar for Erik Hellman erikhellman
0
230
Introduction to Kotlin/JS for frontend development
Avatar for Erik Hellman erikhellman
1
470

Other Decks in Programming

See All in Programming
医療系ソフトウェアのAI駆動開発
Avatar for kouki.miura koukimiura
1
140
flutter_kaigi_mini_4.pdf
Avatar for Hiroki Nobuta nobu74658
0
160
Beyond_the_Prompt__Evaluating__Testing__and_Securing_LLM_Applications.pdf
Avatar for Mete Atamel meteatamel
0
120
ドメイン駆動設計とXPで支える子どもの未来 / Domain-Driven Design and XP Supporting Children's Future
Avatar for nrs nrslib
0
320
Boast Code Party / RubyKaigi 2025 After Event
Avatar for はる lemonade_37
0
110
私のRubyKaigi 2025 Kaigi Effect / My RubyKaigi 2025 Kaigi Effect
Avatar for chobishiba chobishiba
1
140
はじめてのPDFKit.pdf
Avatar for shoma.kato shomakato
0
110
バイラテラルアップサンプリング
Avatar for Fadis fadis
3
600
Embracing Ruby magic
Avatar for Vinicius Stock vinistock
2
270
KANNA Android の技術的課題と取り組み
Avatar for Yosuke Watanabe watabee
1
570
LRパーサーはいいぞ
Avatar for ydah ydah
7
1.4k
AIコーディングの理想と現実
Avatar for Tomohisa Takaoka tomohisa
38
40k

Featured

See All Featured
How to train your dragon (web standard)
Avatar for Monica Dinculescu notwaldorf
91
6k
Designing for Performance
Avatar for Lara Hogan lara
608
69k
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
48
50k
The Web Performance Landscape in 2024 [PerfNow 2024]
Avatar for Tammy Everts tammyeverts
5
580
Navigating Team Friction
Avatar for Lara Hogan lara
185
15k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
430
65k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
507
140k
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
667
120k
Sharpening the Axe: The Primacy of Toolmaking
Avatar for Bryan Cantrill bcantrill
41
2.3k
Optimising Largest Contentful Paint
Avatar for Harry Roberts csswizardry
37
3.2k
GraphQLの誤解/rethinking-graphql
Avatar for sonatard sonatard
71
11k
Unsuck your backbone
Avatar for Amy Palamountain ammeep
671
58k

Transcript

  1. Developing system apps without AOSP Erik Helman

  2. None

  3. Custom Android Devices

  4. Android Developer Boards

  5. System Apps vs Regular Apps • Hidden & System APIs

    • Signature & Permissions • Pre-installed

  6. Why? • No AOSP modifications • Developer Tooling • macOS

    and Windows

  7. Using an emulator

  8. Using an emulator

  9. Using an emulator

  10. Using a physical device (Pixel) $ adb shell getprop ro.treble.enabled

    true

  11. Download a Generic System Image

  12. Prepare the GSI $ unzip aosp_arm64-img-10018685.zip $ simg2img system.img system_raw.img

    $ gzip -c system_raw.img > system_raw.gz $ adb push system_raw.gz /storage/emulated/0/Download/

  13. Flash a GSI using DSU $ adb shell am start-activity

    \ -n com.android.dynsystem/com.android.dynsystem.VerificationActivity \ -a android.os.image.action.START_INSTALL \ -d file:///storage/emulated/0/Download/system_raw.gz \ --el KEY_SYSTEM_SIZE $(du -b system_raw.img|cut -f1) \ --el KEY_USERDATA_SIZE <size-of-system_raw.img>

  14. Generic System Images documentation developer.android.com/topic/generic-system-image

  15. Permission protectionLevel

  16. Converting AOSP test certificates to Android keystore $ openssl pkcs8

    -inform DER -nocrypt -in platform.pk8 -out platform-signing.key $ openssl pkcs12 -export -in platform.x509.pem -inkey platform.key \ -name platform -out platform-signing.pem -password pass:password $ openssl pkcs12 -export -in platform.x509.pem -inkey platform-signing.key \ -name platform -out platform-signing.pem -password pass:password $ keytool -importkeystore -destkeystore platform-signing.keystore \ -deststorepass password -srckeystore platform.pem -srcstoretype PKCS12 -srcstorepass password

  17. Using the platform key for signing signingConfigs { debug {

    keyAlias 'platform' keyPassword 'password' storeFile rootProject.file('platform-signing.keystore') storePassword 'password' } }

  18. Installing from Android Studio

  19. Installing on the /system/app or / system/priv-app partition $ adb

    root $ adb disable-verity $ adb reboot # Wait for device to reboot... $ adb root $ adb remount $ adb shell mkdir /system/app/YourSystemApp $ adb push YourSystemApp.apk /system/app/YourSystemApp $ adb reboot # Not usually needed Remember to bump versionCode!

  20. Calling System APIs

  21. Permissions frameworks/base/core/res/AndroidManifest.xml <!-- @SystemApi Allows an application to inject user

    events (keys, touch, trackball) into the event stream and deliver them to ANY window. Without this permission, you can only deliver events to windows in your own process. <p>Not for use by third-party applications. @hide --> <permission android:name="android.permission.INJECT_EVENTS" android:protectionLevel="signature" />

  22. Inject input events (InputManager.java)

  23. Calling hidden APIs Refelctions (Slow!) private val injectMethod: Method =

    InputEvent::class.java .getMethod("injectInputEvent", InputEvent::class.java, Int::class.java) fun InputManager.injectEvent(inputEvent: InputEvent) { injectMethod.invoke(this, inputEvent, 0) }

  24. Calling hidden APIs Add an interface

  25. Calling hidden APIs Add an interface package android.hardware.input; import android.view.InputEvent;

    public interface InputManager { public boolean injectInputEvent(InputEvent event, int mode); }

  26. Calling hidden APIs Extract framework.jar & android.jar 1. Copy files

    from device or emulator 2. Convert from DEX to Java classes (DexTools) 3. Package into a new android.jar file 4. Replace android.jar in your SDK

  27. Calling hidden APIs Build a custom SDK $ mkdir ~/my-android-git

    $ cd ~/my-android-git $ repo init -u https://android.googlesource.com/platform/manifest \ -b master -g all,-notdefault,tools $ repo sync -j8 # Edit AOSP! $ . build/envsetup.sh $ lunch sdk-eng $ m

  28. Android Code Search cs.android.com

  29. Interesting @SystemAPI permissions <!-- Allows uhid write access for creating

    virtual input devices @hide --> <permission android:name="android.permission.VIRTUAL_INPUT_DEVICE" android:protectionLevel="signature" /> <!-- Allows injecting the external camera to replace the internal camera. @hide --> <permission android:name="android.permission.CAMERA_INJECT_EXTERNAL_CAMERA" android:protectionLevel="signature" /> <!-- @SystemApi @TestApi @hide Allows an application to embed other activities --> <permission android:name="android.permission.ACTIVITY_EMBEDDING" android:protectionLevel="signature|privileged" />

  30. Interesting @SystemAPI permissions <!-- @SystemApi @hide Allows an application to

    start activities from background --> <permission android:name="android.permission.START_ACTIVITIES_FROM_BACKGROUND" android:protectionLevel="signature|privileged|vendorPrivileged|oem|verifier|role" /> <!-- Allows an application to start foreground services from the background at any time. <em>This permission is not for use by third-party applications</em>, with the only exception being if the app is the default SMS app. Otherwise, it's only usable by privileged apps, app verifier app, and apps with any of the EMERGENCY or SYSTEM GALLERY roles. --> <permission android:name="android.permission.START_FOREGROUND_SERVICES_FROM_BACKGROUND" android:protectionLevel="signature|privileged|vendorPrivileged|oem|verifier|role"/>

  31. Interesting @SystemAPI permissions <!-- @SystemApi @hide Allows an application to

    create windows using the type {@link android.view.WindowManager.LayoutParams#TYPE_APPLICATION_OVERLAY}, shown on top of all other apps. Allows an application to use {@link android.view.WindowManager.LayoutsParams#setSystemApplicationOverlay(boolean)} to create overlays that will stay visible, even if another window is requesting overlays to be hidden through {@link android.view.Window#setHideOverlayWindows(boolean)}. <p>Not for use by third-party applications. --> <permission android:name="android.permission.SYSTEM_APPLICATION_OVERLAY" android:protectionLevel="signature|recents|role|installer"/>

  32. Summary • How much System APIs do you need to

    use? • Reflection? • Custom interface • Custom Engineering SDK • Bookmark system AndroidManifest.xml • Navigating cs.andorid.com