If I want to write a kernel module on Android to identify a developer in a unique manner, is there any provision do so? One way I have thought of is to look at the key used to sign the app, capture it during installation and create a database of it in the kernel. I do not think this will be effective and hence would like to know any other ways.
Related
I'm currently an Android developer and I would like to make an application that will enable and disable logcat.
The purpose would basically be to save battery for the standard user, and to fix logcat not working for developers.
I know of one method to disable/enable logcat which is:
logcat-disable
logcat-enable
Unfortunately, this does not work on all devices since it is based on the kernel.
Also, most (I believe all) devices have a /dev/log/main/ folder in which there is a file that has logs printed into it. I could also possibly attempt to delete the folder (which it will likely be re-created at reboot) or MAYBE change the file permissions for it to prevent the system from writing to it. This option may or may not work.
So, my question is more for kernel developers or those very familiar with kernel development/file structure.
Does anyone have any idea what file is generally modified when a kernel enable/disables logcat?
P.S. I was able to figure out the answer to my question on one kernel, but I doubt if it applies to all.
P.P.S. I'm aware that this is probably a pointless question since every kernel is different, but I'm not sure, so that's why I'm asking.
Thank you!
Ever since I've moved to AOSP based roms (SlimKat, CyanogenMod, OmniRom, Resurrection-Remix,...) , I've noticed that in the DDMS tool (a tool for developers) that it shows all processes, and not just debuggable processes, including all third party apps' processes and OS's processes.
This never occurred for me on stock roms, no matter which device or stock rom I've looked at.
This issue annoys me as a developer, since I usually run only a single app that I develop and when I go to DDMS to choose the app's process, I need to find it amongst many processes (even of WhatsApp) , and, provided it hasn't changed its position on the list, click it and debug it.
So I asked about this on some kernels forums, and usually people didn't mind about it (and for good reason - it can bother only few people).
I've found the next tweak which can do it, but since I'm a complete newb in creating/modifying kernels, I have no idea how to patch it:
setprop ro.debuggable=0
Click to expand...
Click to collapse
Found from here .
I've contacted a few kernel developers and one of them agreed to check it out. I've tested it on CM and it worked just as it was intended :
Only debuggable apps' processes were visible and ready to be debugged.
Anyway, I wish to ask whoever is an expert in developing/modifying kernels those questions:
1. Why isn't this tweak enabled by default?
I mean, this is not the normal way roms work. It's not like this on any stock rom I've seen, not even on Nexus stock roms...
I also don't get why it's this way even for "final/stable" version roms (meaning not nightlies or experimental ones), since you'd probably not need to be able to debug them (users won't give you their device just for that...) .
2. Can you please explain to me, step by step (but don't assume I know anything about kernels development), how to take a rom's zip, and change its kernel so that this tweak will be enabled?
Maybe I could make an automatic tool that does it, either in Java for desktop or for Android.
3. Is there any way to enable this tweak without modifying the kernel? Maybe by using a tool that works with it?
Or maybe, provided we got root, change something to enable it?
Hello guys,
I want to permanently disable camera module and gps module in my phone.
I have not done much android internal modifications but have worked extensively in Embedded Linux.
I though of few approaches,
Method 1:
Find out the camera service which allows higher level applications to communicate with the camera/gps.
Find out the start up script which carries out the 'start service' functionality.
Modify the script and remove those parts.
Reboot
Method 2:
Find out the camera service which allows higher level applications to communicate with the camera/gps.
Add a local script to run at the end to kill the service such that applications will not be able to connect to camera/gps.
Reboot.
Method 3:
Remove/Rename the kernel modules for camera/gps (Don't know whether kernel will crash)
I guess above three ways are sort of easy. But I don't know the service names and init script information.
Can someone help me with this? Can I proceed with any of the above methods or do I need to rebuild the kernel without camera and flash it?
I want to make sure that I do the simplest change possible.
Thank you.
Hi there -
short prologue: I am working on my bachelor thesis and must develop a service that keeps a record of how often a user actively uses the application permission settings of Android 6 and above. The main goal is to have a custom ROM which can be deployed on several phones to conduct a survey.
I identified the file where these settings are stored:
Code:
/system/users/0/runtime-permissions.xml
I want to set up a service running a FileObserver to keep track of the changes in this file. The file is not accessible by normal applications (permission -rw-------) but the service has to run without superuser.
So I want to sign my application with the platform key to obtain system permissions. I am totally clear on the purpose of this security concept and I know that I cannot get the original key. The resulting ROM is not going to be public and is used only in a controlled group for research purposes.
My question is how to exchange the signature/key with what the system applications of my actual ROM are signed. So that I sign my own apk with the same key so it has the special permission. I found the answer to this exact question on stackoverflow but it is quite old and I did not succeed with this explanation.
Do you know if there is another, more current approach?
Thanks in advance!
Device is a Xiaomi Redmi 4X running stock MIUI 9 (Android 7.1.2)
Just have the app built as part of the rom. This will make sure they both have the same signature.
zelendel said:
Just have the app built as part of the rom. This will make sure they both have the same signature.
Click to expand...
Click to collapse
What do you mean by "built as part of the rom"? I cannot build the rom from aosp because the device should run the original MIUI firmware. I used SuperR's Kitchen to modify the rom. Is this not suitable?
That will not work no. Maybe you could try using their patch rom setup. As very little is done with miui here, you mugjt be better off asking in n their forums.
zelendel said:
That will not work no. Maybe you could try using their patch rom setup. As very little is done with miui here, you mugjt be better off asking in n their forums.
Click to expand...
Click to collapse
Can you explain, why this wont work? I supposed I just have to exchange all the signed apk files. When I re-sign them with apksigner then they also obtain the self-signed certificate containing the public key. So why is this not enough? Is there another instance in the OS which checks the app signature on boot?
The entire system partition uses the same signature. So I guess you could go through and recompile everything with the new key but I doubt it would work. Many oem system apps won't work without their oem signature.
Like I said. You maybe better off asking over in the miui forums as very little is done here for it.
Device: Mediatek MT6737M android 6.0 Marshmallow
The end game is to be able to flash (to several devices at one time) root privileges (we're using SuperSU), an APK, and that APKs security settings and permissions while not changing the Androids unique identifiers that Firebase needs to run certain functions of that APK. An added issue here is we are eliminating the native android launcher in the final build.
I can flash several devices at once with everything we need to run the app with the SP Multi Flash Tool however, as you may know that I just painfully figured out, all those devices would have the exact same identifiers. So when Firebase tries to find a specific device it points to all the devices. I looked into using Titanium Backup to preserve the unique IDs in order to replace them after flashing but 1. Titanium Backup costs too much especially if I have to pay per device and 2. That adds another step to a process I need to streamline.
Ideally I would like to be able to flash over everything I need without affecting the IDs that Firebase needs. Is this possible or is this a pipe dream?