[Android] Compile android kk443

Download oracle java 6 : http://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase6-419409.html

chose : Linux x64 68.75 MB   "jdk-6u45-linux-x64.bin"
# sudo chmode 777 jdk-6u45-linux-x64.bin
# ./jdk-6u45-linux-x64.bin
# export JAVA_HOME=/home/bin/jdk1.6.0_45 (change to your java path)
# export JRE_HOME=${JAVA_HOME}/jre
# export CLASSPATH=.:${JAVA_HOME}/lib:${JRE_HOME}/lib
# export PATH=${JAVA_HOME}/bin:${JRE_HOME}/bin:$PATH


Modify : build/core/main.mk
+ifeq (0,$(shell expr $$(echo $(MAKE_VERSION) | sed "s/[^0-9\.].*//") = 4.1))
$(warning ********************************************************************************)
$(warning *  You are using version $(MAKE_VERSION) of make.)
$(warning *  Android can only be built by versions 3.81 and 3.82.)
$(warning *  see https://source.android.com/source/download.html)
$(warning ********************************************************************************)
$(error stopping)
+endif

[Android] Generate the test key pairs

About key
A. 簽名類型
android的標準簽名key有：
testkey, media, platform, shared
以上的四種，可以在源碼的/build/target/product/security/裡面看到對應的金鑰，其中shared.pk8代表私密金鑰，shared.x509.pem公開金鑰，一定是"成對"出現的。
其中testkey是作為android編譯的時候默認的簽名key，如果系統中的apk的android.mk中沒有設置LOCAL_CERTIFICATE的值，就默認使用testkey。

而如果設置成：
LOCAL_CERTIFICATE := platform
就代表使用platform來簽名，這樣的話這個apk就擁有了和system相同的簽名，因為系統級別的簽名也是使用的platform來簽名，此時使用android:sharedUserId="android.uid.system"才有用！
最後我們需要將testkey置換成releasekey。

B. 製作Release key
subject='/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'
mkdir ~/.android-certs
for x in releasekey platform shared media; do \
./development/tools/make_key ~/.android-certs/$x "$subject"; \
done
C ---> Country Name (2 letter code)
ST ---> State or Province Name (full name)
L ---> Locality Name (eg, city)
O ---> Organization Name (eg, company)
OU ---> Organizational Unit Name (eg, section)
CN ---> Common Name (eg, your name or your server’s hostname)
emailAddress ---> Contact email address

另外在使用上面的make_key腳本生成key的過程中會提示輸入password，直接enter，不要密碼！否則build的過程因為多執行緒會build失敗。(後面會介紹強制使用密碼方法)
將生成的key複製到/build/target/product/security/ 底下，testkey可以不留。
僅需一個人產生即可，其他人複製同一份security key使用，避免使用不同簽章而在燒錄過程驗證不過。

C. 修改系統默認簽名key
若LOCAL_CERTIFICATE沒有設定的話，系統預設會直接使用testkey為APK簽章。
修改預設使用的testkey為releasekey
android4.4/build/core/config.mk
修正前：
DEFAULT_SYSTEM_DEV_CERTIFICATE := build/target/product/security/testkey
修正後：
DEFAULT_SYSTEM_DEV_CERTIFICATE := build/target/product/security/releasekey

/build/core/makefile
修正前：
ifeq ($(DEFAULT_SYSTEM_DEV_CERTIFICATE),build/target/product/security/testkey)
BUILD_VERSION_TAGS += test-keys
修正後：
ifeq ($(DEFAULT_SYSTEM_DEV_CERTIFICATE),build/target/product/security/releasekey)
BUILD_VERSION_TAGS += release-keys

===================================================================
如果你在產生key的過程有輸入password
build/tools/signapk/SignApk.java 在這隻檔案

    private static String readPassword(File keyFile) {
        Console console;
        char[] pwd;
        if((console = System.console()) != null &&
           (pwd = console.readPassword("[%s]", "Enter password for " + keyFile)) != null){
            return String.valueOf(pwd);
        } else {
            //return null;
+           return String.valueOf(password);<<加入這段 強制回傳你設置的密碼
        }
    }
這樣就可以解決build失敗的狀況
-----------------------------------------------------------------------------------------------------------------
build/core/config.mk

ifdef PRODUCT_DEFAULT_DEV_CERTIFICATE
  DEFAULT_SYSTEM_DEV_CERTIFICATE := $(PRODUCT_DEFAULT_DEV_CERTIFICATE)
else
  DEFAULT_SYSTEM_DEV_CERTIFICATE := build/target/product/security/testkey
endif
-----------------------------------------------------------------------------------------------------------------
in your project.mk
PRODUCT_DEFAULT_DEV_CERTIFICATE := \
        device/xxx/testkey


===================================================================
How do I change the KEY path and the RSA for DM-verity?
===================================================================

development/tools/make_key verity    '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com'

out/host/linux-x86/bin/generate_verity_key -convert verity.x509.pem verity_key

mv verity_key.pub verity_key

-----------------------------------------------------------------------------------------------------------------
copy build/target/product/verity.mk to project_path/

ifdef PRODUCT_VERITY_SIGNING_KEY
  PRODUCT_VERITY_SIGNING_KEY := $(PRODUCT_VERITY_SIGNING_KEY)
else
  DEFAULT_SYSTEM_DEV_CERTIFICATE := build/target/product/security/verity
endif
-----------------------------------------------------------------------------------------------------------------
in your project.mk

PRODUCT_VERITY_SIGNING_KEY := \
         device/xxx/verity

DISTTOOLS += \
  $(HOST_OUT_EXECUTABLES)/generate_verity_key


# setup dm-verity configs.
ifneq ($(BUILD_TARGET_DEVICE),sd)
 PRODUCT_SYSTEM_VERITY_PARTITION := /dev/block/mmcblkxxx
 $(call inherit-product, project_path/verity.mk)
else
 PRODUCT_SYSTEM_VERITY_PARTITION := /dev/block/mmcblkxxx
 $(call inherit-product, project_path/verity.mk)

endif

-----------------------------------------------------------------------------------------------------------------


key都建立完成後 應該要有
testkey.pk8      testkey.pem
media.pk8       media.pem
platform.pk8   platform.pem
shared.pk8      shared.pem
verity.pk8       verity.pem.
verity_key
共九個檔案

[Android] Debug

看cpu頻率相關資訊:
/sys/devices/system/cpu/


in android 6:
logcat -b kernel


Screencasting/Mirroring an Android Device Screen onto your Desktop under Ubuntu/Linux Mint

http://www.upubuntu.com/2015/09/screencastingmirroring-android-device.html

[Android] Android

===========================================================
init
system/core/init

readme.txt
keywords.h -init command
===========================================================
Android 6:
查詢相對應的Key_code
frameworks/base/data/keyboards/Generic.kl

處理Key_Event
frameworks/base/services/core/java/com/android/server/policy/PhoneWindowManager.java


158 /* KEY_BACK */
172 /* KEY_HOMEPAGE */
580 /* APP_SWITCH */


/frameworks/base/core/res/res/values/config.xml

===========================================================
Disable the software navigation bar
<bool name="config_showNavigationBar">false</bool>

Check the device init.rc don't "setprop sys.device.type tablet"


If deivetpye is tablet, the mHasNavigationBar will be true.

// Allow a system property to override this. Used by the emulator.
// See also hasNavigationBar().
String navBarOverride = SystemProperties.get("qemu.hw.mainkeys");
if ("1".equals(navBarOverride)) {
    mHasNavigationBar = false;
} else if ("0".equals(navBarOverride)) {
    mHasNavigationBar = true;
}

//if device type is tablet force enable NavigationBar and forbid NavigationBar move
String deviceType = SystemProperties.get("sys.device.type");
if (! "".equals(deviceType) && deviceType.equals("tablet")) {
    mNavigationBarCanMove = false;
    mHasNavigationBar = true;
}
===========================================================
Screen flip
frameworks/base/services/core/java/com/android/server/policy/PhoneWindowManager.java

        if (mForceDefaultOrientation) {
            return Surface.ROTATION_0;

        }

+            return Surface.ROTATION_180;


        synchronized (mLock) {


===========================================================

[Android] screencap

screencap 可以從 command line 擷取螢幕畫面。

screencap [-p] [<FILENAME>]

提供 FILENAME 時表示要把畫面直接寫到手機的記憶卡，否則會輸出到 STDOUT。
加 -p 或 FILENAME 以 .png 結尾時，畫面會輸出成 PNG 格式（預設採用 frame buffer 的原始格式）。例如：

$ adb shell screencap -p /sdcard/screen.png
$ adb pull /sdcard/screen.png
$ adb shell rm /sdcard/screen.png

利用 screencap 沒有給定 FILENAME 時會將畫面輸出到 STDOUT 的特性，可以將上面多個步驟合併成一行指令：

$ adb shell screencap -p | sed 's/\r$//' > screen.png

後面用 sed 多做一層加工，是因為 adb shell 會將 \n 轉成 \r\n 的關係，必須將 \r\n (0x0d0a) 反轉回 \r (0x0a) 才行。實務上，再用 alias 包裝起來會比較方便：

$ alias and-screencap="adb shell screencap -p | sed 's/\r$//'"
$ and-screencap > screen.png # 

之後就可以用 and-screencap > <FILENAME> 直接將畫面存成電腦上的檔案 FILENAME，不需要在手機記憶卡產生暫存檔。

完整的用法

$ screencap -h
usage: screencap [-hp] [FILENAME]
   -h: this message
   -p: save the file as a png.
If FILENAME ends with .png it will be saved as a png.
If FILENAME is not given, the results will be printed to stdout.

轉貼於:http://imsardine.simplbug.com/note/android/adb/commands/screencap.html

[Android] [Recovery]

===========================================================
Recovery klog
===========================================================
If you find : denied  { write } for  pid=183 comm="recovery" name="kmsg"

Moditfy : myandroid/external/sepolicy/recovery.te

Add : allow recovery kmsg_device:chr_file rw_file_perms;
----------------------------------------------------------------------------------------------------
recovery.cpp
#define RECOVERY_KLOG_LEVEL KLOG_INFO_LEVEL

in main to add :
    klog_init();
    klog_set_level(RECOVERY_KLOG_LEVEL

common.h
#include <cutils/klog.h>
#define LOGE(...) KLOG_INFO("<recovery>E", __VA_ARGS__); fprintf(stdout, "E:" __VA_ARGS__)
#define LOGW(...) KLOG_WARNING("<recovery>W", __VA_ARGS__); fprintf(stdout, "W:" __VA_ARGS__)
#define LOGI(...) KLOG_INFO("<recovery>I", __VA_ARGS__); fprintf(stdout, "I:" __VA_ARGS__)
#define LOGV(...) KLOG_INFO("<recovery>V", __VA_ARGS__); fprintf(stdout, "V:" __VA_ARGS__)
#define LOGD(...) KLOG_INFO("<recovery>D", __VA_ARGS__); fprintf(stdout, "D:" __VA_ARGS__)

screen_ui.cpp
in ScreenRecoveryUI::Print to add :
KLOG_INFO("<recovery>UI", "%s", buf);





===========================================================
Make /tmp/recovery.log & /tmp/last_install accessible
===========================================================
If you find : denied  { open } for  pid=194 comm="adbd" path="/tmp/recovery.log" dev="tmpfs"

adb pull /tmp/recovery.log
message : failed to copy '/tmp/recovery.log' to './recovery.log': Permission denied

adb pull /tmp/last_install
message : failed to copy '/tmp/last_install' to './last_install': Permission denied

Moditfy : external/sepolicy/adbd.te
Add : allow adbd tmpfs:file { open };
----------------------------------------------------------------------------------------------------
recovery.cpp
in main to add :
+chmod(TEMPORARY_LOG_FILE, 0644);

install.cpp
in main :
if (install_log) {
        fputs(path, install_log);
        fputc('\n', install_log);
      +chmod(install_file, 0644);
}





===========================================================
Support recovery shell console
===========================================================
mksh/reboot/toubox  Android.mk
LOCAL_STATIC_LIBRARIES += libc
LOCAL_FORCE_STATIC_EXECUTABLE := true
----------------------------------------------------------------------------------------------------
build/core/Makefile
recovery_ash_binary := $(call intermediates-dir-for,EXECUTABLES,ash)/ash
recovery_reboot_binary := $(call intermediates-dir-for,EXECUTABLES,rreboot)/rreboot
recovery_toybox_binary := $(call intermediates-dir-for,EXECUTABLES,rtoybox)/rtoybox
recovery_toybox_tools := \
youtools(ex. cat) \

recovery_toybox_symlinks := $(addprefix $(TARGET_RECOVERY_ROOT_OUT)/sbin/,$(recovery_toybox_tools))


define build-recoveryimage-target
  @echo ----- Making recovery image ------

  $(hide) rm -rf $(TARGET_RECOVERY_ROOT_OUT)/res/*
  $(hide) cp -f $(recovery_ash_binary) $(TARGET_RECOVERY_ROOT_OUT)/sbin/
  $(hide) cp -f $(recovery_reboot_binary) $(TARGET_RECOVERY_ROOT_OUT)/sbin/reboot
  $(hide) cp -f $(recovery_toybox_binary) $(TARGET_RECOVERY_ROOT_OUT)/sbin/
  $(hide) $(foreach t,$(recovery_toybox_symlinks),ln -sf rtoybox $(t);)

$(INSTALLED_RECOVERYIMAGE_TARGET): $(MKBOOTFS) $(MKBOOTIMG) $(MINIGZIP) \
$(INTERNAL_RECOVERYIMAGE_FILES) \
$(recovery_ash_binary) $(recovery_reboot_binary) $(recovery_toybox_binary) \

----------------------------------------------------------------------------------------------------
recovery/etc/init.rc
service console /sbin/ash
    class core
    console
    user root
    group root
    seclabel u:r:recovery:s0

on property:ro.debuggable=1
    start console

on property:service.adb.root=1
    start console






===========================================================

===========================================================
----------------------------------------------------------------------------------------------------






===========================================================

===========================================================
----------------------------------------------------------------------------------------------------

[Android] sepolicy

/external/sepolicy/file_contexts

add :
/system/bin/abc  u:object_r:abc_exec:s0

you can add
/external/sepolicy/abc.te

in abc.te
type abc, domain;
type abc_exec, exec_type, file_type;
init_daemon_domain(abc);