8. Android loading process (packaging and startup)

Mobile security work on Android cannot do without an analysis of the loading process, including the Android virtual machines, Android packaging, the startup process and so on.

This article covers some of the basics of how Android loads applications.

Android virtual machine

Android development involves two virtual machines that resemble the Java virtual machine: the Dalvik virtual machine and the ART virtual machine.

Dalvik virtual machine

What is the Dalvik virtual machine

The Dalvik virtual machine, referred to as the Dalvik VM or DVM, is a virtual machine designed by Google specifically for the Android platform, and it runs in the Android runtime. Note that the DVM is not a Java virtual machine (JVM).

The difference between the JVM and the DVM

1. Different architectures

The JVM is stack-based: data has to be read from and written to the stack, so more instructions are needed, which makes execution slower. For mobile devices with limited performance this is obviously not very suitable.

The DVM is register-based. It does not need the large number of stack instructions that a stack-based virtual machine uses to copy data, so its instructions are more compact and simpler. However, because operands are specified explicitly, a register-based instruction is larger than a stack-based one; since fewer instructions are needed, the total code size does not increase much.

2. Different bytecode

On the JVM, the process from writing Java code to executing it is:

1) Write the Java code

2) The Java compiler (javac) compiles all the Java code into Java bytecode, i.e. .class files

3) The Java bytecode is interpreted into machine language and executed by the Java virtual machine

On the DVM, the process from writing Java code to executing it is:

1) Write the Java code

2) The Java compiler (javac) compiles all the Java code into Java bytecode, i.e. .class files

3) The Android dx tool converts the Java bytecode into Dalvik bytecode, i.e. a .dex file

4) The Dalvik bytecode runs on the Dalvik virtual machine

(Figure: comparison of the file structures.)

ART Virtual Machine

The ART virtual machine was released with Android 4.4 to replace the Dalvik virtual machine. Android 4.4 still uses the DVM by default, but the system provides an option to turn on ART. From Android 5.0, ART is used by default.

The difference between ART and the DVM

1. With the DVM, each time an application runs, its bytecode has to be converted into machine code by the just-in-time (JIT) compiler, which reduces the application's running efficiency. With ART, the system precompiles the application when it is installed: the bytecode is compiled into machine code ahead of time and stored locally, so the application does not need to be compiled on each run, which improves running efficiency.

2. Because ART stores the precompiled machine code locally, ART takes up more storage space than Dalvik.

APK packaging process

The Android build system compiles application resources and source code and then packages them into APKs that can be tested, deployed, signed and distributed.

Developers using Android Studio generally use the Gradle build toolkit to automate and manage the build process, while still being able to define flexible custom build configurations.

Before looking at the Android packaging process, review the contents of an APK package to see which files it contains:

| File or directory | Explanation |
| --- | --- |
| assets folder | Stores static files that need to be packaged into the APK |
| lib folder | Stores the native libraries the application depends on |
| META-INF folder | 1. The signature information stored in this directory is used to ensure the integrity of the APK package and the security of the system. 2. CERT.RSA contains the signature and the public key certificate. 3. CERT.SF is the SHA1 hash of the first three lines of each file. 4. MANIFEST.MF holds the version number and the hash value (Base64) of each file, including resource files; this is the SHA1 hash of each whole file. |
| res folder | Directory that stores resource files (images, text, XML layouts) |
| AndroidManifest.xml | The manifest file, which describes the application's name, version, permissions, registered services and other information |
| classes.dex | The Dalvik bytecode file generated by compiling the Java source code; it holds the main code that runs on the Dalvik virtual machine |
| resources.arsc | Records the mapping between resource files and resource IDs; used to look up resources by resource ID |
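The per-file digests that MANIFEST.MF records can be recomputed and compared with the package contents. The following is an added example, not code from the original article: it assumes the Name: / SHA1-Digest: entry layout of a JAR-style manifest, runs on a sample archive constructed in memory, and does not check the CERT.SF or CERT.RSA signature.

```python
import base64, hashlib, io, zipfile

def parse_manifest(text):
    """Return {entry name: Base64 SHA1 digest} from MANIFEST.MF text."""
    # JAR manifests wrap long lines; a continuation line starts with one space.
    text = text.replace("\r\n", "\n").replace("\n ", "")
    digests = {}
    for section in text.split("\n\n")[1:]:  # section 0 is the main header
        fields = dict(l.split(": ", 1) for l in section.splitlines() if ": " in l)
        if "Name" in fields and "SHA1-Digest" in fields:
            digests[fields["Name"]] = fields["SHA1-Digest"]
    return digests

def verify_manifest(apk_bytes):
    """Return a sorted list of problems; an empty list means every digest matches."""
    problems = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        digests = parse_manifest(z.read("META-INF/MANIFEST.MF").decode("utf-8"))
        names = [n for n in z.namelist() if not n.startswith("META-INF/")]
        for name in names:
            actual = base64.b64encode(hashlib.sha1(z.read(name)).digest()).decode()
            if name not in digests:
                problems.append("unlisted: " + name)       # file added after signing
            elif digests[name] != actual:
                problems.append("digest mismatch: " + name)  # file content changed
        problems += ["missing: " + n for n in digests if n not in names]
    return sorted(problems)

def build_sample(files, tamper=None):
    """Constructed sample: an APK-like zip whose MANIFEST.MF matches `files`."""
    lines = ["Manifest-Version: 1.0", ""]
    for name, data in files.items():
        digest = base64.b64encode(hashlib.sha1(data).digest()).decode()
        lines += ["Name: " + name, "SHA1-Digest: " + digest, ""]
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/MANIFEST.MF", "\r\n".join(lines) + "\r\n")
        for name, data in files.items():
            # `tamper` swaps in different bytes without updating the manifest.
            z.writestr(name, tamper.get(name, data) if tamper else data)
    return buf.getvalue()
```
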

Knowing the contents of an APK package makes the Android packaging process easier to understand:

First, look at the tools used in each step (the green boxes):

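| Name | Function | Path in the operating system |
| --- | --- | --- |
| aapt | Android resource packaging tool; generates the R.java and resources.arsc files | ${ANDROID_SDK_HOME}/platform-tools/aapt |
| aidl | Tool that converts Android Interface Description Language .aidl files into .java files | ${ANDROID_SDK_HOME}/platform-tools/aidl |
| javac | Java compiler; compiles R.java, the Java files generated from AIDL interfaces and the application's Java files into .class files | ${JDK_HOME}/javac or /usr/bin/javac |
| dex | Converts .class files into .dex files that the Dalvik VM can recognize | ${ANDROID_SDK_HOME}/platform-tools/dx |
| apkbuilder | Generates an unsigned .apk file from the resource files and .dex files | ${ANDROID_SDK_HOME}/tools/apkbuilder |
| jarsigner | Signing tool for .jar files | ${JDK_HOME}/jarsigner or /usr/bin/jarsigner |
| zipalign | Bytecode alignment tool | ${ANDROID_SDK_HOME}/tools/zipalign |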

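The overall APK packaging process is:

  1. The aapt tool packages the resource files (including AndroidManifest.xml, layout files, the various XML resources and so on) and generates the R.java file.
  2. The aidl tool processes the AIDL files and generates the corresponding Java files.
  3. The javac tool compiles the project source code and generates class files.
  4. The dx tool converts all the class files into a DEX file; this step mainly converts Java bytecode into Dalvik bytecode, compresses the constant pool and removes redundant information.
  5. The apkbuilder tool packages the resource files and the DEX file into an APK file.
  6. jarsigner signs the generated APK file.
  7. For a release APK, the zipalign tool is also used for alignment. Alignment shifts every resource file in the APK so that its distance from the start of the file is a multiple of 4 bytes, which makes accessing the APK through memory mapping faster.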

-------------------------------------------------------------------

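The individual steps of the packaging process in detail:

1. aapt stage:

aapt packages the res resource files and generates R.java, resources.arsc and the res files (binary and non-binary; files such as res/raw and pic are kept as they are)

  • The res directory, which has 9 kinds of subdirectories
  • The R.java file. It contains many static inner classes, such as layout and string. Whenever a resource of one of these kinds is added, a static constant member is added to the corresponding static inner class in R.java, and all members are of type int.
  • The resources.arsc file. This file records information about all of the application's resource directories, including each resource's name, type, value, ID and the configured dimension information. It can be thought of as a resource index table which, given a resource ID and the device configuration, quickly finds the best-matching resource in the application's resource directories.

2. aidl stage:

AIDL, the Android Interface Definition Language, is Android's own implementation of IPC. This stage processes the .aidl files and generates the corresponding Java interface files.

3. Java compiler stage:

The Java compiler compiles R.java, the Java interface files and the Java source files into .class files.

4. dex stage:

The dex command processes the .class files, together with the .class files in third-party libraries, into classes.dex.

5. apkbuilder stage:

classes.dex, resources.arsc, the res folder (res/raw resources are packaged into the APK untouched; all other resources are compiled or processed), Other Resources (the assets folder) and AndroidManifest.xml are packaged into an APK file.

6. jarsigner stage

The APK is signed; it can be given a debug or a release signature.

7. zipalign stage

In release mode, zipalign is used to align the signed APK.

zipalign is a tool on the Android platform for tidying up APK files. It aligns the uncompressed data in the APK on 4-byte boundaries; once aligned, the file can be read with the mmap function, so an ordinary file can be operated on as if it were memory. Without 4-byte alignment the data has to be read explicitly, which is slower and uses extra memory.

The Android SDK contains a tool named zipalign that can optimize a packaged app. It is located at \build-tools\23.0.2\zipalign.exe in the SDK.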
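The 4-byte alignment rule can be checked by computing where each uncompressed entry's data starts inside the archive. The following is an added example, not zipalign's own code or code from the original article: it reads the ZIP local file headers of a sample archive constructed in memory, and its realign function uses zero padding of the extra field as one simple way to shift the data.

```python
import io, struct, zipfile

def misaligned_entries(apk_bytes, boundary=4):
    """Names of stored (uncompressed) entries whose data is not aligned."""
    bad = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        for info in z.infolist():
            if info.compress_type != zipfile.ZIP_STORED:
                continue  # compressed data must be inflated, it is never mapped directly
            # Local file header: 30 fixed bytes, then the file name, then the extra field.
            name_len, extra_len = struct.unpack_from("<HH", apk_bytes, info.header_offset + 26)
            data_start = info.header_offset + 30 + name_len + extra_len
            if data_start % boundary:
                bad.append(info.filename)
    return bad

def realign(apk_bytes, boundary=4):
    """Rewrite the archive, padding each stored entry's extra field with zeros."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as src, zipfile.ZipFile(out, "w") as dst:
        for info in src.infolist():
            new = zipfile.ZipInfo(info.filename, info.date_time)
            new.compress_type = info.compress_type
            if info.compress_type == zipfile.ZIP_STORED:
                # out.tell() is where this entry's local header will be written.
                start = out.tell() + 30 + len(info.filename.encode("utf-8"))
                new.extra = b"\0" * (-start % boundary)
            dst.writestr(new, src.read(info))
    return out.getvalue()

def sample_apk():
    """Constructed sample archive, not a real APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:  # default compression is ZIP_STORED
        z.writestr("assets/cfg.bin", b"x" * 6)  # data starts at offset 44: aligned
        z.writestr("res/raw/b.bin", b"y" * 7)   # data starts at offset 93: misaligned
        z.writestr("classes.dex", b"dex\n035\0" * 50, compress_type=zipfile.ZIP_DEFLATED)
    return buf.getvalue()
```
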

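Android startup process

I won't go into detail here; instead I recommend this expert's blog post:

https://www.jianshu.com/p/9f978d57c683

It explains the process in great detail.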

 


Origin www.cnblogs.com/bmjoker/p/11825679.html