Develop your own

Android version –

lessons learnt

SecureApps 30/01/2014

Jan Vossaert

Overview

• Introduction

• Android concepts/terminology

• Your own Android version

• Use cases

• Conclusion

Introduction

• What is Android?

o Linux-based mobile phone OS

o Actively developed by Google

o Free to use for hardware manufacturers and others to

use on their device

Introduction

• Why would you build your own Android version?

o Install own default applications

• Cannot be removed by users

o Run Android on custom hardware

o Modifications to Android frameworks

o Add additional applications (PW Manager)

o Settings/security tweaks (VPN/firewall)

o ...

Android for board computers.

(Open Automotive Alliance)

Android for digibox

Licensing

Open: Apache 2

Open: Apache 2

Open: Various licenses

Proprietary (drivers) a (L)GPL

• Bootloader

o Software that starts when device boots

o Responsible for starting Android

o Locked

• Typically restricts software it loads (digitally signed updates etc)

o Unlocked

• Typically loads any software

• Used for booting custom ROMs

Rooted vs unlocked

Rooted vs unlocked

• Unlock bootloader (void warranty)

o Wipes phone

o No need to be root

• Custom ROM with/without root

• Stock ROM with/without root (exploit)

o Root has advantages for back-up (backup more data)

• ‘Locked’ phone

o Phone restricted to telephone operator

o Root Android via exploit

Rooted vs unlocked

• Rooted

o full administrator access of your device.

o run apps that require access to certain system settings

o Some applications refuse to run on rooted phone

Rooted vs unlocked

• Rooted

o BusyBox

• Android, offers a limited amount of UNIX commands

• BusyBox will implement more commands that are necessary for

some root apps to work properly.

o How to root your Android device

• Install custom ROM

• Use exploits (side-loading required)

• SuperOneClick

• FramaRoot

o Writing applications that use root privileges

• RootTools

• http://code.google.com/p/roottools/wiki/Usage

Backup Android device

• Backup with root

o NANDroid

o NAND partition stores all system relevant information

like the bootloader, recovery mode or the kernel.

o Complete system backup of your Android device.

• Backup without root

o Only for applications that implement backup interface

o Local backup via usb

o Remote backup via Google cloud

Your own Android version

Set up development environment

Download source

Modify source

Build source Deploy build

Your own Android version

• Set up development environment

o Linux or Mac OS

o Tested by Google on Ubuntu

o Only 64-bit as of Android 2.3

o http://source.android.com/source/initializing.html

• Download source

o Git repository

o Choose branch

o http://source.android.com/source/downloading.html

Your own Android version

• Source code overview

o bionic: C library (not libc for licensing)

o dalvik: dalvik virtual machine

o external: third party libraries used by Android

o framework: development frameworks provided by Android

o hardware: abstract the actual physical device

o ndk: native development kit

o out: built Adroid system

o prebuilt: contains modules that are prebuilt such as kernel

Your own Android version

• Source code overview

o framework: development frameworks provided by Android

• Java manager:

.../android_source/frameworks/base/core/java/android/hardware/SensorManager.

java

• JNI:

.../android_source/frameworks/base/core/jni/android_hardware_SensorManager.

cpp

o hardware: abstract the actual physical device (HAL)

• C code: .../android_source/hardware/libhardware/include/hardware/sensors.h

Your own Android version

• Regular application: /data/app

• System application: /system/app

o Cannot be uninstalled by user

• Adding system application

o Develop application in eclipse

o Copy app to /packages/apps (symlink also works)

o Delete bin and gen folder

o Create a makefile (Android.mk)

o Add app to /build/target/product/core.mk

o Rebuild Android source

Your own Android version

• Add hardware drivers

o drivers for Google development phones (Nexus) are

freely available

o comes as a self-extracting script

o run from the root of the source tree

• Build type (user – userdebug – eng)

• Target product

o Android flavor to be built

o Different apps/locales

o Configure build for specific device

• PandaBoard

• Increased security measures

• Decreased debugging capabilities

Your own Android version

• Build for custom hardware

o Android builds for similar hardware?

o Kernel is open source

o HAL can be closed source

o New build configuration

• Your own build

o out/target/product/<device name>/update.zip

• Custom ROMs

o Why?

• Newer version of Android

• Add additional features and system tweaks

o Why not?

• Hardware issues

• Warranty

o Distributions

• CyanogenMod

• AOKP

Your own Android version

Your own Android version

• Fastboot

o Special diagnostic and engineering protocol

o Boot device in fastboot mode

o Not accessible on all phones

o Fastboot utility in Android sdk

Your own Android version

• Unlock bootloader

o fastboot oem unlock

• Flash new recovery mode image

o The standard Android recovery mode is limited

o Replacement recovery modes

• Team Win Recovery Project (TWRP)

• ClockworkMod Recovery (CWRM)

o Use fastboot

• fastboot flash recovery your_recovery_image.img

• fastboot boot your_recovery_image.img

Your own Android version

• Unlock bootloader

• Flash new recovery mode image

• Use the recovery mode of the device

o Copy .zip on device

• Re-lock bootloader!

o fastboot oem lock

Use cases

• Fine grained control over release of data to apps

• Secure & flexible backup

Use cases: controlled release of data

• Apps don’t need all the data they request

• Advertisement libraries collect user data

Use cases: controlled release of data

Applications

Contacts Angry

birds …

Application framework

Data

Providers …

Policy

Manager

Management

App

Andro

id s

ourc

e

policy

policy

Policy

Decision

Point

Use cases: controlled release of data

• Policy specification

o On-the-fly

o Pre-defined

Use cases: controlled release of data

• Policy specification

o Pre-defined

o On-the-fly

• Policy rules

o Location

• Real location

• Standard location

• Proximity

• No signal

o Contact data

• None

• Real data

proximity

Use cases: controlled release of data

• Policy specification

o Pre-defined

o On-the-fly

• Policy rules

o Location

• Real location

• Standard location

• Proximity

• No signal

o Contact data

• None

• Real data

Use cases: secure and flexible backup

backup

Use cases: secure and flexible backup

backup

Use cases: secure and flexible backup

Applications

Contacts Browser …

Application framework

Location

Manager

Window

Manager …

Backup

Manager

Backup

Settings

Local

Transport

Custom

Transport

Andro

id s

ourc

e

settings

settings

Conclusion

• Android mods are industrially relevant

o Only kernel modification open source

o Hardware/software requirements for term ‘AndroidTM’

• Android compatibility test suite (free)

• Report generated for Google

• http://source.android.com/faqs.html

• Android can be adjusted to your needs

o Huge codebase

o Updates?

References

• http://lifehacker.com/how-to-flash-a-rom-to-your-android-

phone-30885281

• http://xda-university.com/as-a-developer/introduction-how-

an-android-rom-is-built

• http://trendblog.net/guide-to-android-rooting-custom-roms-

apps-2014-edition/

• http://lifehacker.com/5789397/the-always-up+to+date-

guide-to-rooting-any-android-phone

• http://source.android.com/source/building-devices.html

• http://apcmag.com/how-to-make-your-own-android-

rom.htm

References

• http://dottech.org/23370/how-to-root-android-jailbreak-ios-

iphone-ipad-homebrew-webos/#otheroneclick

• http://trendblog.net/android-guide-make-nandroid-backup-

android-phone/

• https://developers.google.com/android/nexus/drivers

• http://source.android.com/compatibility/index.html

• Embedded Android - O'Reilly Media