How to modify the system time in Android (the application obtains system permissions)

Systemclock is provided in the android API. setcurrenttimemillis () function to modify the system time. Unfortunately, no matter how you call this function, it is useless. No matter whether it is a simulator or a real machine, you will always get "unable to open alarm driver" in logcat: permission denied ". this function can be used only after the root permission or running and system processes.

I thought there was no way to change the system at the application layer for a long time. Later I searched the internet for a long time and knew that this goal could still be achieved.

The first method is simple, but it needs to be compiled using make in the environment of the Android system source code:
1. Add the Android: shareduserid = "android. uid. System" attribute to the manifest node in androidmanifest. xml of the application.
2. Modify the Android. mk file and add local_certificate: = platform.
3. Use the MM command to compile the generated APK and you will have the permission to modify the system time.

The second method is troublesome, but you do not need to run the virtual machine to the source code environment and use make to compile it:
1. Similarly, add the Android: shareduserid = "android. uid. System" attribute.
2. Compile the APK file using eclipse, but this APK file cannot be used.
3. Open the APK file with the compression software, and delete the CERT. SF and cert. RSA files under the META-INF directory.
4. Use the platform key of the target system to re-sign the APK file. This step is troublesome. First, find the key file. The location in my android source code directory is "build/target/product/security", and the following two files are platform. pk8 and platform. x509.pem. Then, use the signapk tool provided by Android to sign it. The source code of signapk is under "build/tools/signapk" and its usage is "signapk platform. x509.pem platform. pk8 input.apk output.apk ", it is best to use an absolute path for the file name to prevent it from being found. You can also modify the source code to use it directly.

In this way, the final APK is the same as the first method.

The following explains the principle. First, add the Android: shareduserid = "android. uid. System" attribute. With the shared user ID, multiple APK with the same user ID can be configured to run in the same process. Then, assign the UID of the program to Android. uid. system, that is, to allow the program to run in the system process, so that you have the permission to modify the system time.

It is not enough to add the UID. If the APK cannot be installed at this time, the system prompts that the signature is inconsistent because the program wants to run in the system process and the platform key of the target system is required, the platform mentioned in the second method above. pk8 and platform. x509.pem files. The APK can be put into the system process only after the two keys are signed. Adding local_certificate: = platform to the first method is actually using the two keys for signature.

There is also a problem, that is, the program generated in this way can only be used in the original Android system or a self-compiled system, because such a system can get the platform. pk8 and platform. x509.pem files. If other companies do not even install Android. Try the original Android key for signature. The program runs OK on the simulator, but the prompt "package... has no signatures that match those in shared user android. UID. system ", which also protects the system security.

Finally, the Android: shareduserid attribute can not only put the apk in the system process, but also configure multiple APK to run in one process to share data, it should be very useful.

 

After signapk compilation is complete, in the android directory/out/host/linux-x86/framework/signapk. Jar
Usage: Java-jar signapk. Jar platform. x509.pem platform. pk8 test.apk test_signed.apk

Practice has proved that the second method does not need to delete the CERT. SF and cert. RSA files under the META-INF directory, just signapk.

 

Http://blog.csdn.net/liujian885/archive/2010/03/22/5404834.aspx