
Android Internals 101103 101220132519 Phpapp01

The document provides an overview of the Android system architecture and startup process. It describes the overall architecture including the Linux kernel, native user-space components like Dalvik and Bionic, and key system services like the activity manager and binder. It explains how the bootloader loads the kernel at startup, which initializes devices and mounts filesystems. The init process then starts core system daemons and the zygote process, which preloads classes and starts the system server and activity manager to launch the home screen. The document also covers hardware support, the Java native interface, stock Android apps, and methods for hacking and modifying the platform.
Copyright
© Attribution Non-Commercial (BY-NC)

Android Internals

Android Montreal, November 3rd 2010
Karim Yaghmour / @karimyaghmour

Overall Architecture
System startup
Linux Kernel
Hardware Support
Native User-Space
Dalvik
JNI
System Server
Activity Manager
Binder
Stock Android Apps
Hacking

Overall Architecture

Arch vs. Tools


SDK, Eclipse, .apk

Manifest: Perms / SDK ver.

.dex, ddms

NDK, rootfs, initrc, adb

GNU toolchain (fastboot)

System Startup

Bootloader
Kernel
Init
Zygote
System Server
Activity Manager
Launcher (Home)

Startup - Bootloader

CPU fetches first instruction from bootloader
Bootloader boots kernel from flash:

    0x000003860000-0x000003900000 : "misc"
    0x000003900000-0x000003e00000 : "recovery"
    0x000003e00000-0x000004300000 : "boot"       <- Kernel
    0x000004300000-0x00000c300000 : "system"     <- /system
    0x00000c300000-0x0000183c0000 : "userdata"   <- /data
    0x0000183c0000-0x00001dd20000 : "cache"      <- /cache
    0x00001dd20000-0x00001df20000 : "kpanic"
    0x00001df20000-0x00001df60000 : "dinfo"
    0x00001df60000-0x00001dfc0000 : "setupdata"
    0x00001dfc0000-0x00001e040000 : "splash1"
    0x000000300000-0x000001680000 : "modem"

From Acer Liquid-E

Startup - Kernel

Core kernel initialization
Device drivers initialization
Root filesystem mounting
Execution of /init

Startup - Init

Opens, parses, and runs /init.rc:

    Create mountpoints and mount filesystems
    Set up filesystem permissions
    Set OOM adjustments properties
    Start daemons:
        adbd
        servicemanager (binder)
        vold
        netd
        rild
        app_process -Xzygote (Zygote)
        mediaserver
        ...
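An added example, not part of the original slides and not AOSP code: a small audit of the `service` stanzas in an init.rc, reporting which daemons init leaves running as root (no `user` option) and which control sockets are world-writable. The init.rc fragment is constructed for illustration, and the function names `parse_services` and `audit` are hypothetical.

```python
# Constructed init.rc fragment (not from a device image). Service names follow
# the daemons listed above; the options are illustrative assumptions.
SAMPLE_INIT_RC = """\
on boot
    chmod 0660 /dev/example
service servicemanager /system/bin/servicemanager
    user system
service vold /system/bin/vold
    socket vold stream 0660 root mount
service zygote /system/bin/app_process -Xzygote /system/bin --zygote
    socket zygote stream 666
service media /system/bin/mediaserver
    user media
service adbd /sbin/adbd
    disabled
"""

def parse_services(text):
    """Map service name -> path, effective user, sockets [(name, mode)]."""
    services, current = {}, None
    for raw in text.splitlines():
        tokens = raw.split()
        if not tokens or tokens[0].startswith("#"):
            continue
        if tokens[0] in ("on", "service"):      # keywords that open a section
            current = None
            if tokens[0] == "service" and len(tokens) >= 3:
                # init runs as root, so a service without "user" stays root
                current = {"path": tokens[2], "user": "root", "sockets": []}
                services[tokens[1]] = current
        elif current is not None:               # option line of a service
            if tokens[0] == "user" and len(tokens) >= 2:
                current["user"] = tokens[1]
            elif tokens[0] == "socket" and len(tokens) >= 4:
                current["sockets"].append((tokens[1], int(tokens[3], 8)))
    return services

def audit(services):
    """Return (service, finding) pairs a reviewer should look at."""
    findings = []
    for name, svc in sorted(services.items()):
        if svc["user"] == "root":
            findings.append((name, "runs as root"))
        for sock, mode in svc["sockets"]:
            if mode & 0o002:                    # writable by any local process
                findings.append((name, "socket %s is world-writable (%o)" % (sock, mode)))
    return findings

if __name__ == "__main__":
    print(audit(parse_services(SAMPLE_INIT_RC)))
```

Commands under `on` triggers are skipped on purpose; only `service` stanzas decide which identity a daemon runs with.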

Startup - Zygote, etc.

app_main:

    runtime.start(com.android.internal.os.Zygote, ...)
    startVM()
    Call Zygote's main()
        preloadClasses()
        startSystemServer()
        ... magic ...
    Call SystemServer's run()
    Start all system services/managers
    Start ActivityManager:
        Send Intent.CATEGORY_HOME
        Launcher2 kicks in

Linux Kernel - Generic Features

Linux Kernel - Androidisms

Wakelocks
lowmem handler
Binder
RAM console
Logger
...

Hardware Support
Bluetooth -- BlueZ through D-BUS IPC (to avoid GPL contamination it seems)
GPS -- Manufacturer-provided libgps.so
Wifi -- wpa_supplicant
Display -- Std framebuffer driver (/dev/fb0)
Keymaps and Keyboards -- Std input event (/dev/event0)
Lights (Backlight, Keyboard, Buttons, Battery, Notifications, Attention) -- Manufacturer-provided liblights.so
Audio -- Manufacturer-provided libaudio.so (could use ALSA underneath ... at least as illustrated in t
Camera -- Manufacturer-provided libcamera.so (could use V4L2 kernel driver underneath ... again as
Power Management -- Wakelocks kernel patch
Sensors (Accelerometer, Magnetic Field, Orientation, Gyroscope, Light, Pressure, Temperature, Proximity) -- Manufacturer-provided libsensors.so
Radio Layer Interface -- Manufacturer-provided libril-<companyname>-<RIL version>.so

Native User-Space

Rootfs:
    /system
    /data
Libs: Bionic, SQLite, SSL, OpenGL|ES, ...
Non-Posix: limited Pthreads support, no SysV IPC
Toolbox
Daemons: vold, rild, netd, adbd, ...

Dalvik

Sun-Java = Java language + JVM + JDK libs
Android Java = Java language + Dalvik + Apache Harmony
Target:
    Slow CPU
    Relatively low RAM
    OS without swap space
    Battery powered
Now has JIT

Dalvik's .dex files

JVM munches on .class files
Dalvik munches on .dex files
.dex file = .class files post-processed by dx utility
Uncompressed .dex = 0.5 * Uncompressed .jar

JNI - Java Native Interface

Call gate for other languages, such as C, C++
Equivalent to .NET's pinvoke
Usage: include and call native code from App
Tools = NDK ... samples included
Check out "JNI Programmer's Guide and Specification" - freely available PDF

System Server
Entropy Service, Power Manager, Activity Manager, Telephone Registry, Package Manager, Account Manager, Content Manager, System Content Providers, Battery Service, Lights Service, Vibrator Service, Alarm Manager, Init Watchdog, Sensor Service, Window Manager, Bluetooth Service, Device Policy, Status Bar, Clipboard Service, Input Method Service, NetStat Service, NetworkManagement Service, Connectivity Service, Throttle Service, Accessibility Manager, Mount Service, Notification Manager, Device Storage Monitor, Location Manager, Search Service, DropBox Service, Wallpaper Service, Audio Service, Headset Observer, Dock Observer, UI Mode Manager Service, Backup Service, AppWidget Service, Recognition Service, Status Bar Icons, DiskStats Service, ADB Settings Observer

Activity Manager

Start new Activities, Services
Fetch Content Providers
Intent broadcasting
OOM adj. maintenance
Application Not Responding
Ex. starting new app from Launcher:
    onClick(Launcher) -> startActivity(Activity.java) -> Binder -> ActivityManagerService -> startViaZygote(Process.java) -> Socket -> Zygote

Binder

CORBA/COM-like IPC
Data sent through "parcels" in "transactions"
Kernel-supported mechanism
Check /proc/binder/*

Stock Android Apps from AOSP


/packages/apps: AccountsAndSettings, AlarmClock, Bluetooth, Browser, Calculator, Calendar, Camera, CertInstaller, Contacts, DeskClock, Email, Gallery, HTMLViewer, Launcher2, Mms, Music, PackageInstaller, Protips, Provision, QuickSearchBox, Settings, SoundRecorder, SpeechRecorder, Stk, VoiceDialer

/packages/providers: ApplicationProvider, CalendarProvider, ContactsProvider, DownloadProvider, DrmProvider, GoogleContactsProvider, MediaProvider, TelephonyProvider, UserDictionaryProvider

/packages/inputmethods: LatinIME, OpenWnn, PinyinIME

Hacking

Source:

    AOSP -- source.android.com / android.git.kernel.org
    Cyanogenmod -- www.cyanogenmod.com
    Modders' sites ... aplenty ...

Tools:

    repo / git
    fastboot
    recovery
    Kernel privilege escalation exploits -- one-click root
    ...

AOSP contents
bionic -- C library replacement
bootable -- Reference bootloader
build -- Build system
cts -- Compatibility Test Suite
dalvik -- Dalvik VM
development -- Development tools
device -- Device-specific files and components
external -- Copy of external projects used by AOSP
frameworks -- System services, android.*, Android-related cmds, etc.
hardware -- Hardware support libs
libcore -- Apache Harmony
ndk -- The NDK
packages -- Stock Android apps, providers, etc.
prebuilt -- Prebuilt binaries
sdk -- The SDK
system -- pieces of the world that are the core of the embedded linux platform at the heart of Android.

Thank you ... karim.yaghmour@opersys.com
