Develop your own
Android version –
lessons learnt
SecureApps 30/01/2014
Jan Vossaert
Overview
• Introduction
• Android concepts/terminology
• Your own Android version
• Use cases
• Conclusion
Introduction
• What is Android?
o Linux-based mobile phone OS
o Actively developed by Google
o Free to use for hardware manufacturers and others to
use on their device
Introduction
• Why would you build your own Android version?
o Install own default applications
• Cannot be removed by users
o Run Android on custom hardware
o Modifications to Android frameworks
o Add additional applications (PW Manager)
o Settings/security tweaks (VPN/firewall)
o ...
Android for board computers.
(Open Automotive Alliance)
Android for digibox
Licensing
Open: Apache 2
Open: Apache 2
Open: Various licenses
Proprietary (drivers) a (L)GPL
• Bootloader
o Software that starts when device boots
o Responsible for starting Android
o Locked
• Typically restricts software it loads (digitally signed updates etc)
o Unlocked
• Typically loads any software
• Used for booting custom ROMs
Rooted vs unlocked
Rooted vs unlocked
• Unlock bootloader (void warranty)
o Wipes phone
o No need to be root
• Custom ROM with/without root
• Stock ROM with/without root (exploit)
o Root has advantages for back-up (backup more data)
• ‘Locked’ phone
o Phone restricted to telephone operator
o Root Android via exploit
Rooted vs unlocked
• Rooted
o full administrator access of your device.
o run apps that require access to certain system settings
o Some applications refuse to run on rooted phone
Rooted vs unlocked
• Rooted
o BusyBox
• Android, offers a limited amount of UNIX commands
• BusyBox will implement more commands that are necessary for
some root apps to work properly.
o How to root your Android device
• Install custom ROM
• Use exploits (side-loading required)
• SuperOneClick
• FramaRoot
o Writing applications that use root privileges
• RootTools
• http://code.google.com/p/roottools/wiki/Usage
Backup Android device
• Backup with root
o NANDroid
o NAND partition stores all system relevant information
like the bootloader, recovery mode or the kernel.
o Complete system backup of your Android device.
• Backup without root
o Only for applications that implement backup interface
o Local backup via usb
o Remote backup via Google cloud
Your own Android version
Set up development environment
Download source
Modify source
Build source Deploy build
Your own Android version
• Set up development environment
o Linux or Mac OS
o Tested by Google on Ubuntu
o Only 64-bit as of Android 2.3
o http://source.android.com/source/initializing.html
• Download source
o Git repository
o Choose branch
o http://source.android.com/source/downloading.html
Your own Android version
• Source code overview
o bionic: C library (not libc for licensing)
o dalvik: dalvik virtual machine
o external: third party libraries used by Android
o framework: development frameworks provided by Android
o hardware: abstract the actual physical device
o ndk: native development kit
o out: built Adroid system
o prebuilt: contains modules that are prebuilt such as kernel
Your own Android version
• Source code overview
o framework: development frameworks provided by Android
• Java manager:
.../android_source/frameworks/base/core/java/android/hardware/SensorManager.
java
• JNI:
.../android_source/frameworks/base/core/jni/android_hardware_SensorManager.
cpp
o hardware: abstract the actual physical device (HAL)
• C code: .../android_source/hardware/libhardware/include/hardware/sensors.h
Your own Android version
• Regular application: /data/app
• System application: /system/app
o Cannot be uninstalled by user
• Adding system application
o Develop application in eclipse
o Copy app to /packages/apps (symlink also works)
o Delete bin and gen folder
o Create a makefile (Android.mk)
o Add app to /build/target/product/core.mk
o Rebuild Android source
Your own Android version
• Add hardware drivers
o drivers for Google development phones (Nexus) are
freely available
o comes as a self-extracting script
o run from the root of the source tree
• Build type (user – userdebug – eng)
• Target product
o Android flavor to be built
o Different apps/locales
o Configure build for specific device
• PandaBoard
• Increased security measures
• Decreased debugging capabilities
Your own Android version
• Build for custom hardware
o Android builds for similar hardware?
o Kernel is open source
o HAL can be closed source
o New build configuration
• Your own build
o out/target/product/<device name>/update.zip
• Custom ROMs
o Why?
• Newer version of Android
• Add additional features and system tweaks
o Why not?
• Hardware issues
• Warranty
o Distributions
• CyanogenMod
• AOKP
Your own Android version
Your own Android version
• Fastboot
o Special diagnostic and engineering protocol
o Boot device in fastboot mode
o Not accessible on all phones
o Fastboot utility in Android sdk
Your own Android version
• Unlock bootloader
o fastboot oem unlock
• Flash new recovery mode image
o The standard Android recovery mode is limited
o Replacement recovery modes
• Team Win Recovery Project (TWRP)
• ClockworkMod Recovery (CWRM)
o Use fastboot
• fastboot flash recovery your_recovery_image.img
• fastboot boot your_recovery_image.img
Your own Android version
• Unlock bootloader
• Flash new recovery mode image
• Use the recovery mode of the device
o Copy .zip on device
• Re-lock bootloader!
o fastboot oem lock
Use cases
• Fine grained control over release of data to apps
• Secure & flexible backup
Use cases: controlled release of data
• Apps don’t need all the data they request
• Advertisement libraries collect user data
Use cases: controlled release of data
Applications
Contacts Angry
birds …
Application framework
Data
Providers …
Policy
Manager
Management
App
Andro
id s
ourc
e
policy
policy
Policy
Decision
Point
Use cases: controlled release of data
• Policy specification
o On-the-fly
o Pre-defined
Use cases: controlled release of data
• Policy specification
o Pre-defined
o On-the-fly
• Policy rules
o Location
• Real location
• Standard location
• Proximity
• No signal
o Contact data
• None
• Real data
proximity
Use cases: controlled release of data
• Policy specification
o Pre-defined
o On-the-fly
• Policy rules
o Location
• Real location
• Standard location
• Proximity
• No signal
o Contact data
• None
• Real data
Use cases: secure and flexible backup
backup
Use cases: secure and flexible backup
backup
Use cases: secure and flexible backup
Applications
Contacts Browser …
Application framework
Location
Manager
Window
Manager …
Backup
Manager
Backup
Settings
Local
Transport
Custom
Transport
Andro
id s
ourc
e
settings
settings
Conclusion
• Android mods are industrially relevant
o Only kernel modification open source
o Hardware/software requirements for term ‘AndroidTM’
• Android compatibility test suite (free)
• Report generated for Google
• http://source.android.com/faqs.html
• Android can be adjusted to your needs
o Huge codebase
o Updates?
References
• http://lifehacker.com/how-to-flash-a-rom-to-your-android-
phone-30885281
• http://xda-university.com/as-a-developer/introduction-how-
an-android-rom-is-built
• http://trendblog.net/guide-to-android-rooting-custom-roms-
apps-2014-edition/
• http://lifehacker.com/5789397/the-always-up+to+date-
guide-to-rooting-any-android-phone
• http://source.android.com/source/building-devices.html
• http://apcmag.com/how-to-make-your-own-android-
rom.htm
References
• http://dottech.org/23370/how-to-root-android-jailbreak-ios-
iphone-ipad-homebrew-webos/#otheroneclick
• http://trendblog.net/android-guide-make-nandroid-backup-
android-phone/
• https://developers.google.com/android/nexus/drivers
• http://source.android.com/compatibility/index.html
• Embedded Android - O'Reilly Media