Android Internals -- Duration: 5 days
----------------------------------------------
Synopsis

This course, modeled after Jonathan's Levin's seminal works of the same name, discusses the architecture of Android - covering both its design and its implementation. We examine the features of the Android Operating System, and highlight exactly what it inherits from its Linux core, as well as how it diverges with its idiosyncrasies and "Android-isms". Every nook and cranny of the architecture is explored, with modules discussing specific subsystems, such as the Dalvik Virtual Machine, Android RunTime (ART), the Binder IPC mechanism, Hardware Abstraction Layer (HAL), the Media Framework and Android Power Management.

Target Audience

Experienced Android Developers or Implementors; Security Researchers with a deep desire to understand the internals of the world's most popular mobile operating system.

This course is NOT intended for user mode developers who wish to develop GUI applications or use the Android Java SDKs - but can be a great recommended followup for those who already do.

Prerequisites

None.

Objectives Exercises

This course allocates time for hands-on practice, and plenty of instructor led demos. The hands-on exercises include:

MODULES
Day 1
1. Introduction - The Android Architecture - 5-6 hours

Introduction to the Android architecture. We discuss the design and implementation of the various subsystems, at a modular "black box" level, without going into the source code level (yet).

2. Android's Hardware Abstraction Layer - 1 hour

The Android Hardware Abstraction Layer is a key component in Android. It enables the operating system to be adapted to different devices. The basic devices of a phone or tablet - the leds, power, vibrator and others - are abstracted by libhardware into virtual hardware devices, and we discuss them here.

Day 2
3. Partitions & Filesystems - 2 hours

Unlike in a PC or Mac, Android devices have upwards of 20 partitions, and sometimes even double that - with some dozen partitions for Android common across all devices, and the rest vendor dependent. We explore both types, focusing on maintaining the partitions, the files in them, and more.

4-5. Booting - 6 hours

System startup and initialization - Walk through the various stages, from boot loader through kernel startup to basic setup of user mode processes. We also describe the modification of the boot loaders.

Day 3
6. Native Services - 2 hours

Describing the native services started by init - we walk through each and every one of the AOSP services, as well as some common vendor ones. The list includes:

7. Android IPC - 2 hours

Android's IPC mechanism is based on Binder, with some UNIX domain sockets on the side. We detail the inner workings of Binder, including:

Exercises include: Debugging and Tracing Binder IPC 8. The Input Architecture - 2 hours

Android has a complex stack to manage various input sources, such as the touch screen, sensors, and external devices. This module traverses that stack, covering each layer in turn:

Exercises include: Injecting Events Monitoring and Capturing Input Events
Day 4
9. Dalvik 2 hours

Google would have you believe that Dalvik, the virtual machine architecture, is no longer relevant now that L and later versions use the Android RunTime (ART) by default. This couldn't be further from the truth. In this module, we discuss:

Exercises include: Using dexdump and dextra to reverse a Dalvik APK's classes.dex all the way to Java source 10. ART - 1 hour

Since its inception as a "preview" in KitKat (4.4), ART has become the de facto standard for Android's application runtime. It has, however, changed with every version, up to and including the N Preview:

Day 5
11. Android Kernel tweaks - 1 hour

Android is, at the kernel level, almost identical to the common Linux kernel. There are, however, idiosyncrasies and modifications, which optimize the kernel to the mobile environments - low memory conditions, power management considerations, and more. In this chapter, we dig deep into these modifications, by examining each in detail, at the source code level. Specifically, we discuss:

12. Security - 4 hours 13. Connectivity (Optional) 2 hours

An examination of Android's connectivity mechanisms:

Frequently Asked Questions



------------------------------------------------

 Completed in 0.01s