Mobile Spaces

  • 1,641 views
Uploaded on

 

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
1,641
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
44
Comments
0
Likes
2

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. A Sneak Peek IntoAndroid Internals GDG Dec-2012 By Yoav WeissMobileSpaces Founder & CTO
  • 2. What were going to talk about● Virtualizing Android● Understanding Android internals through dynamic tracing
  • 3. What is MobileSpaces● Solving BYOD through a unique virtualization platform● Any app, any device, no root(!)● Funded by Accel Partners
  • 4. Short demo of
  • 5. Android Security Model in a nutshell● The Android security model is based on linux kernel separation● Apps and services run in usermode● Each app is assigned a unique uid and a home directory● Android takes advantage of linux gids● Android permissions are enforced by uid rather than package
  • 6. Application Initialization Process Step 1 - ActivityManager asks the System Server to start Activity/Service/Receiver/Provider * ActivityManager is actually a service running in the system_server process
  • 7. Application Initialization Process Step 2 - System Server checks which package provides that functionality
  • 8. Application Initialization Process Step 3 - System Server tells Zygote to load the package
  • 9. Application Initialization Process Step 4 - Zygote forks and creates the new application process
  • 10. Application Initialization Process Step 5 - The application is set up: ● Check permissions ● Set gid ● Set uid ● Load the package
  • 11. Application Initialization Process Step 6 - The application starts listening for instructions from ActivityManager (Activity lifecycle messages)
  • 12. Virtualizing AndroidSince Android apps and services run inusermode, they must interact with the world viasyscalls.
  • 13. Binder Flow ExampleStep 1 - Camera app asks MediaServer to access the camera
  • 14. Binder Flow ExampleStep 2 - MediaServer asks system_server if camera app is allow to access the camera
  • 15. Binder Flow ExampleStep 3 - system_server grants the permission
  • 16. Binder Flow ExampleStep 4 - MediaServer opens the camera driver and configures it
  • 17. Binder Flow ExampleStep 5 - MediaServer returns the file descriptor to the camera app whichcan now use the camera
  • 18. Live Demos Using the platform
  • 19. Summary● We virtualized Android. No root required● We used the VM to peek into the systemMobileSpaces is hiring!Visit us at: http://www.mobilespaces.somContact us: jobs@mobilespaces.com
  • 20. Q&A