2

So I've been digging around AOSP trying to figure out how an android app is installed. So far this is where I'm at:

The apk File will be sent from PackageInstallerActivity to InstallAppProgress where it invokes the PackageManager method installPackage().

The previous call to PackageManager gets directed to the PackageManagerService, with the magic of AIDL (took some time for me to understand this).

In the core method installPackageWithVerification() an instance of the PackageHandler gets created and the message passing takes place in a robust way with the usage of a bunch of status codes like INIT_COPY, PACKAGE_VERIFIED etc.

Based on the status codes of the messages received in the Handler the ops takes place. To start of with INIT_COPY - adds the package to the list of pending installs and invokes message with code MCS_BOUND.

This copies the basic files extracted from the apk files like the data files.

And somewhere down in the lane come the message with flag CHECK_PENDING_VERIFICATION, which takes the package from the pending list parses the entries, especially the AndroidManifest file. Verifies and validates stuff like package signature, packageName etc etc.

Then a call is made to updateSettingLI() which in turn makes 3 more important function calls eventually.

  • moveDexFilesLI()
  • setPermissionsLI() - extracts dir res/ files, resources.arsc, Manifest.xml
  • updatePermissionsLPw() - calls grantPermissionLPw - and adds the groupids of the permissions parsed from the manifest file

At this point of time the Package object has the respective groupids so until now I was able to figure out basically how Permissions gets transformed into groupids. Pardon my rant, I thought this might be useful for someone dubugging PackageManagerService, especially the scanPackageLI method it is easy to get lost in code.

Now the actual question, I know figuratively in android each app is nothing but a linux process controlled with its own uid and gids. We have the gids from the above I want to know how from the PackageManagerService this gets transformed to a linux process.

I know "installd" also plays a crucial role in the install process. But I was unable to find the link where the permissions or access rights (according to linux teminology) is set for the package (process in linux) being installed?

Kindly help me out.

Adi GuN
  • 1,244
  • 3
  • 16
  • 38

1 Answers1

2

Very good question. But to find the answer to your question you need to look into slightly another direction, namely start of processes. As you may know in Android there is a special process called Zygote. This is a pre-warmed process (meaning that in its memory there are already some libraries loaded) and from this process all Android processes are forked off.

When you start an application, Android system sends a command through a socket to Zygote to create a new process. Within this command also a set of gids assigned to the application based on permissions is sent. After Zygote has created a new process it setgid the passed gids. Thus, the forked process receives its uid and gids. But this process only relevant for permissions, which are mapped onto gids.

Yury
  • 20,618
  • 7
  • 58
  • 86
  • Thank you for your suggestion. Yes even I do feel that I'm on a wrong track and going through the Zygote code does help me understand the nuances on how the permissions are set. Especially the forkAndSpecialize() method in the dalvik_system_Zygote.cpp actually does the setting group ids part with setgroups(gid) for the forked process. My question is when we actually click on an App in android what exactly does the invocation of eventually to this part. I want to trace out the path. Could you help me with some pointers on the same. Thanks – Adi GuN Mar 03 '14 at 23:35
  • 1
    Try to apply the information in this link: http://coltf.blogspot.it/p/android-os-processes-and-zygote.html Actually, if I'm not wrong you need to look for the method called startActivityMayWait(), which is called by startActivity() method of ActivityManagerService – Yury Mar 04 '14 at 09:32
  • Thank you so much Yury. The article did help me a lot. – Adi GuN Mar 04 '14 at 19:36
  • @Yury Is there any good blog or something related to this which will give more detailed information, if yes please share – Shirish Herwade Jun 12 '14 at 07:09