About Android Device Manager-devicepolicymanager (i)

Source: Internet
Author: User
Tags xml parser

    There is a Device manager in the security of Andorid, I believe most of the Android users will not pay attention to this thing, recently after installing an application found that the inside of the things changed, how to do, research research look. </span>

Old ideas, from the most obvious clues to start analysis, "Device Manager" These words is the best clue, in the setting package search, a lot of multi-language words of the string, this is not what I am looking for, I am looking for who is using this string, in a layout file found:


        <preference android:title= "@string/manage_device_admin"                    android:summary= "@string/manage_device_admin_ Summary "                    android:persistent=" false "                    android:fragment=" Com.android.settings.DeviceAdminSettings "/>
That will be specific to see deviceadminsettings this fragment. This is a more formal fragment, it is easy to understand, the key in which the updatelist this function:

    void Updatelist () {mactiveadmins.clear ();        List<componentname> cur = mdpm.getactiveadmins ();            if (cur! = null) {for (int i=0; i<cur.size (); i++) {Mactiveadmins.add (Cur.get (i));        }} mavailableadmins.clear (); list<resolveinfo> avail = getactivity (). Getpackagemanager (). Querybroadcastreceivers (New Intent (Devic eadminreceiver.action_device_admin_enabled), Packagemanager.get_meta_data |        packagemanager.get_disabled_until_used_components);        if (avail = = null) {avail = Collections.emptylist ();        }//Some admins listed in Mactiveadmins if not has been found by the above query.        We thus add them separately.        set<componentname> activeadminsnotinavail = new hashset<componentname> (mactiveadmins); for (ResolveInfo ri:avail) {componentname ricomponentname = new ComponentName (rI.activityinfo.packagename, Ri.activityInfo.name);        Activeadminsnotinavail.remove (Ricomponentname);            } if (!activeadminsnotinavail.isempty ()) {avail = new arraylist<resolveinfo> (avail);            Packagemanager Packagemanager = getactivity (). Getpackagemanager (); for (ComponentName unlistedactiveadmin:activeadminsnotinavail) {list<resolveinfo> resolved = Packa                        Gemanager.querybroadcastreceivers (New Intent (). SetComponent (Unlistedactiveadmin), Packagemanager.get_meta_data |                packagemanager.get_disabled_until_used_components);                if (resolved! = null) {Avail.addall (resolved); }}} for (int i = 0, count = avail.size (); I < count; i++) {ResolveInfo ri = Avai            L.get (i); try {deviceadmininfo dpi = new Deviceadmininfo (getactivity (), Ri);                if (dpi.isvisible () | | mactiveadmins.contains (dpi.getcomponent ())) {Mavailableadmins.add (DPI);             }} catch (Xmlpullparserexception e) {LOG.W (TAG, "skipping" + Ri.activityinfo, E);             } catch (IOException e) {LOG.W (TAG, "skipping" + Ri.activityinfo, E);    }} getlistview (). Setadapter (New Policylistadapter ()); }
The function itself is not complex, but it still doesn't see what the so-called Device Manager is. Here the clues need to be carefully analyzed, there seems to be two of the list:

An active list and a list of available, OK. And what you see on the UI is exactly the same. Then you can explain that each item in the list should be a so-called Device Manager, and the difference between the two lists is whether it is active.

Then look at the list of active, how it came about:

        Mactiveadmins.clear ();        List<componentname> cur = mdpm.getactiveadmins ();        if (cur! = null) {for            (int i=0; i<cur.size (); i++) {                Mactiveadmins.add (Cur.get (i));}        }
OK, get from MDPM, MDPM is Devicepolicymanager object. See here to vomit trough, Android framework in the Xxxmanager basically will be corresponding to a xxxservice, are through the typical aidl to achieve inter-process communication. Here is also good to be expected:

    /**     * Return A list of all currently active device Administrator ' s component     * names.  Note that if there is no administrators than null may be     * returned.     */Public    list<componentname> Getactiveadmins () {        if (mservice! = null) {            try {                return Mservice.getactiveadmins (Userhandle.myuserid ());            } catch (RemoteException e) {                LOG.W (TAG, "Failed talking with device policy service", e);            }        }        return null;    }

Mservice is bound to be the object of Idevicepolicymanager, to find concrete implementation is sure to find concrete service,devicepolicymanagerservice.

    Public list<componentname> getactiveadmins (int userhandle) {        enforcecrossuserpermission (userHandle);        Synchronized (this) {            devicepolicydata policy = getuserdata (userhandle);            Final int N = Policy.mAdminList.size ();            if (N <= 0) {                return null;            }            arraylist<componentname> res = new arraylist<componentname> (N);            for (int i=0; i<n; i++) {                Res.add (Policy.mAdminList.get (i). Info.getcomponent ());            }            return res;        }    }
First see enforcecrossuserpermission This should be required permission, a lot of service methods will first check permissions, this is a reflection of the Android security mechanism, not much to say this. Look at the logic is relatively simple, from the local list inside copied a copy to return.

See here, still do not know what this thing is, but at least know that he is in a list of the form of the service inside, then see how to add the list bar.

Two places were found in this file. Add: One in Setactiveadmin, consistent in loadsettingslocked

The most setactiveadmin found that he is a hide the excuse exists in the manager class, it seems that the third should not be transferred to, then see Loadsettingslocked Bar. Can not see this function in the XML parser, then probably guessed that there should be an XML file exists.

    private static Journaledfile makejournaledfile (int userhandle) {        final String base = Userhandle = = 0                ? "/data/system/" + device_policies_xml                : New File (Environment.getusersystemdirectory (userhandle), DEVICE_ Policies_xml)                        . GetAbsolutePath ();        return new Journaledfile (base), new file (base + ". tmp"));    }
Look at this function and you'll probably find it. /data/system under Device_policies.xml specifically don't look at this XML content, we are concerned about who went back to write this file? With him on a savesettingslocked, tracing it can be found in the handlepackageschanged inside the call, others have a lot of calls, but does not look like.

Can be found when the package changes when the call to, before you see the new application installed after the page changes, this phenomenon is also consistent.

The phenomenon is explained through, but still do not understand, what it is to use. Let's analyze it next.

About Android Device Manager-devicepolicymanager (i)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.