Android Internals

Android Architecture and Binder

  • Android is built on top of the Linux kernel.
  • The kernel provides drivers for hardware, networking, file-system access, and process management.

  • Binder is a kernel driver to facilitate inter-process communication.

    Android Architecture and Binder

Inter-Process Communication (IPC) Mechanism

  • Process Isolation: Each process in Android has a separate address space, and a process cannot directly access another process’s memory.

  • Inter-Process Communication (IPC): If a process wants to offer some useful service(s) to other processes, it needs to provide some mechanism that allows other processes to discover and interact with those services. That mechanism is referred to as IPC. The kernel has control over all processes and therefore can expose an interface that enables IPC. In Binder, this interface is the /dev/binder device, which is implemented by the Binder kernel driver.

  • The bulk of Android is implemented in Java and as such is executed by a Java Virtual Machine (JVM). Dalvik is the name of Android's Java VM implementation. Dalvik cannot run Java bytecode (.class files) directly. Dalvik Executables (DEX) are packaged in .dex files. In turn, .dex files are packaged inside system Java libraries (JAR files) or Android applications (APK files).

    Binder IPC

  • Higher-level IPC abstractions in Android such as Intents (commands with associated data that are delivered to components across processes), Messengers (objects that enable message-based communication across processes), and ContentProviders (components that expose a cross-process data management interface) are built on top of Binder.

  • Binder prevents privilege escalation.

APK

  • An Android app is packaged in an APK file.
  • APK stands for Android Application Package
  • An APK file contains the compiled Java code and other resources like texts and images for the Android application.

AndroidManifest.xml

  • It contains information of about the APK.

    • Components in use
    • Permissions
    • etc.

  • This XML file will exist in every android application.

  • It could be located inside the root directory.

  • A sample file would look like:

      <manifest xmlns:android="http://schemas.android.com/apk/res/android"  
      package="com.javatpoint.hello"  
      android:versionCode="1"  
      android:versionName="1.0" >  

      <uses-sdk  
          android:minSdkVersion="8"  
          android:targetSdkVersion="15" />  

      <application  
          android:icon="@drawable/ic_launcher"  
          android:label="@string/app_name"  
          android:theme="@style/AppTheme" >  
          <activity  
              android:name=".MainActivity"  
              android:label="@string/title_activity_main" >  
              <intent-filter>  
                  <action android:name="android.intent.action.MAIN" />  

                  <category android:name="android.intent.category.LAUNCHER" />  
              </intent-filter>  
          </activity>  
      </application>  

  </manifest>

  • Some of the Android components are:

    • Activities
    • Broadcast Receivers
    • Content Providers
    • Services
    • Intents

Activities

An Android app may contain one or more activities, meaning one or more screens. The Android app starts by showing the main activity, and from there the app may make it possible to open additional activities.

Broadcast Receivers

Android apps can send or receive broadcast messages from the Android system and other Android apps. These broadcasts are sent when an event of interest occurs. For example, the Android system sends broadcasts when various system events occur, such as when the system boots up or the device starts charging. Apps can also send custom broadcasts, for example, to notify other apps of something that they might be interested in (for example, some new data has been downloaded).

Content Providers

A content provider manages access to a central repository of data. It supplies data from one application to others on request.

Services

A service is a component that runs in the background to perform long-running operations without needing to interact with the user.

Permissions

  • Because Android applications are sandboxed, they can access only their own files and any world-accessible resources on the device.
  • Android can grant additional, fine-grained access rights to applications in order to allow for richer functionality.
  • Applications can request permissions by defining them in the AndroidManifest.xml file.
  • At application install time, Android inspects the list of requested permissions and decides whether to grant them or not.
  • Once granted, permissions cannot be revoked and they are available to the application without any additional confirmation.

Code Signing

  • All Android applications must be signed by their developer, including system applications. Because Android APK files are an extension of the Java JAR package format, 8 the code signing method used is also based on JAR signing. Android uses the APK signature to make sure updates for an app are coming from the same author (this is called the same origin policy) and to establish trust relationships between applications. Both of these secu- rity features are implemented by comparing the signing certificate of the currently installed target app with the certificate of the update or related application.

  • System applications are signed by a number of platform keys. Different system components can share resources and run inside the same process when they are signed with the same platform key. Platform keys are generated and controlled by whoever maintains the Android version installed on a particular device: device manufacturers, carriers, Google for Nexus devices, or users for self-built open source Android versions.

References

results matching ""

    No results matching ""