如何成為系統(tǒng)應(yīng)用
方法一:在Manifest中聲明android:sharedUserId的值為:android.uid.system肖油,android.uid.phone,android.uid.log贾费,android.uid.nfc,android.uid.bluetooth,android.uid.shell的應(yīng)用。
#android/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
//PMS中根據(jù)privateFlags和flags來判定一個應(yīng)用是否為SystemApp或PrivilegedApp
private static boolean isSystemApp(PackageParser.Package pkg) {
return (pkg.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0;
}
//特權(quán)系統(tǒng)應(yīng)用
private static boolean isPrivilegedApp(PackageParser.Package pkg) {
return (pkg.applicationInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) != 0;
}
private static boolean isSystemApp(PackageSetting ps) {
return (ps.pkgFlags & ApplicationInfo.FLAG_SYSTEM) != 0;
}
//根據(jù)sharedUserId賦值flags和privateFlags慢宗,全部為特權(quán)系統(tǒng)應(yīng)用
mSettings = new Settings(mPackages);
mSettings.addSharedUserLPw("android.uid.system", Process.SYSTEM_UID,ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.phone", RADIO_UID,ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.log", LOG_UID,ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.nfc", NFC_UID,ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.bluetooth", BLUETOOTH_UID,ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
mSettings.addSharedUserLPw("android.uid.shell", SHELL_UID,ApplicationInfo.FLAG_SYSTEM, ApplicationInfo.PRIVATE_FLAG_PRIVILEGED);
方法二:指定目錄下的應(yīng)用:/vendor/overlay,/system/framework奔穿,/system/priv-app镜沽,/system/app,/vendor/app贱田,/oem/app缅茉。
#android/frameworks/base/services/core/java/com/android/server/pm/PackageManagerService.java
private static final String VENDOR_OVERLAY_DIR = "/vendor/overlay";
File vendorOverlayDir = new File(VENDOR_OVERLAY_DIR);
scanDirLI(vendorOverlayDir, PackageParser.PARSE_IS_SYSTEM | PackageParser.PARSE_IS_SYSTEM_DIR, scanFlags | SCAN_TRUSTED_OVERLAY, 0);
//PackageParser.PARSE_IS_PRIVILEGED標(biāo)志會轉(zhuǎn)換為ApplicationInfo.PRIVATE_FLAG_PRIVILEGED
// /system/framework為特權(quán)系統(tǒng)應(yīng)用,只是包含資源湘换,不包含代碼
File frameworkDir = new File(Environment.getRootDirectory(), "framework");
scanDirLI(frameworkDir, PackageParser.PARSE_IS_SYSTEM | PackageParser.PARSE_IS_SYSTEM_DIR | PackageParser.PARSE_IS_PRIVILEGED,scanFlags | SCAN_NO_DEX, 0);
// /system/priv-app為特權(quán)系統(tǒng)應(yīng)用
final File privilegedAppDir = new File(Environment.getRootDirectory(), "priv-app");
scanDirLI(privilegedAppDir, PackageParser.PARSE_IS_SYSTEM | PackageParser.PARSE_IS_SYSTEM_DIR | PackageParser.PARSE_IS_PRIVILEGED, scanFlags, 0);
final File systemAppDir = new File(Environment.getRootDirectory(), "app");
scanDirLI(systemAppDir, PackageParser.PARSE_IS_SYSTEM | PackageParser.PARSE_IS_SYSTEM_DIR, scanFlags, 0);
File vendorAppDir = new File("/vendor/app");
scanDirLI(vendorAppDir, PackageParser.PARSE_IS_SYSTEM | PackageParser.PARSE_IS_SYSTEM_DIR, scanFlags, 0);
final File oemAppDir = new File(Environment.getOemDirectory(), "app");
scanDirLI(oemAppDir, PackageParser.PARSE_IS_SYSTEM | PackageParser.PARSE_IS_SYSTEM_DIR, scanFlags, 0);
系統(tǒng)應(yīng)用分類
普通系統(tǒng)應(yīng)用
特權(quán)系統(tǒng)應(yīng)用
定義:特權(quán)系統(tǒng)應(yīng)用是系統(tǒng)應(yīng)用宾舅,同時有ApplicationInfo.PRIVATE_FLAG_PRIVILEGED標(biāo)志。
功能:可以使用protectionLevel為signatureOrSystem或signature|privileged的權(quán)限彩倚。
如何成為特權(quán)系統(tǒng)應(yīng)用
根據(jù)如何成為系統(tǒng)應(yīng)用中PackageManagerService的定義筹我,成為特權(quán)系統(tǒng)應(yīng)用有如下兩種方法:
方法一:在Manifest中聲明android:sharedUserId的值為:android.uid.system,android.uid.phone帆离,android.uid.log蔬蕊,android.uid.nfc,android.uid.bluetooth哥谷,android.uid.shell的應(yīng)用岸夯。
方法二:指定目錄下的應(yīng)用:/system/framework,/system/priv-app们妥。
