Android INJECT_EVENTS permission

Question

I am trying to create an application that will have a service running in the background that will be capable of injecting touch screen events into whatever activity is running. I am able to inject events into an Activity that is part of my application by calling Instrumentation.sendPointerSync(motionEvent); However if I try to do this without an activity from my application running I get a permission error saying that I don't have the INJECT_EVENTS permission. I've added this permission to my manifest like this: <uses-permission android:name="android.permission.INJECT_EVENTS"></uses-permission> Its still throwing the same permission exception though. After a bit of searching I've gotten the answer that in order to receive the INJECT_EVENTS permission your app must be signed by the same signature that the system is signed with. I am unclear however what exactly this means. I am going to have to find a custom rom build it and sign it with the same signature that the application is signed with. Then install the custom rom on my device, then install my app and I'll be able to inject the touch events correctly? If this is the case am I better off starting with a custom rom that is already put together, like one from this page Or is it a situation where I am going to need to grab a git copy of the android project and build the whole thing myslef? And either way does anyone know of a place you could point me that would get me working in the right direction to make this happen?

Answer 1

To inject events into a separate process, it is required to both install your app into /system/app and sign your APK with the system certificate.

1. Add permission to the app manifest

<uses-permission android:name="android.permission.INJECT_EVENTS"/> 

2. Sign your APK with the system certificate

This requires that you have the AOSP source in order to build a keystore with the google keys used to build the system running on the phone.

Given you have an AOSP directory, @Eli does an excellent job of showing how to build the keystore using a nice script called 'keytool-importkeypair'

Using IntelliJ as an example, choose Generate Signed APK.. from the Build menu. Locate the keystore created above, type in the password given (e.g., android), give the key the same password, if desired. Note that the signed apk is written to the project root (!) not to the typical location (./out/production//).

3. Install into /system/app/

adb root adb remount adb push MyApp.apk /system/app 

The 'installation' happens automatically. Note, however, that unlike the normal app installation process, any native libraries in your APK are not copied into /system/lib/. You will need to do that manually, if you are using the NDK to build and call your own native libraries.

Answer 2

Actually, this is pretty simple on a rooted device. I think any app that is running off /system will get access to whatever permissions it requires. So simply manually install your App to /system (as described here http://androidforums.com/droid-all-things-root/64603-installing-apk-system-app-directory.html ):

Execute the following commands in the terminal emulator to remount the /system directory as read/write and to install the application into the /system/app directory from the SDCARD:

su mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system cp /sdcard/APP.apk /system/app 

If you prefer to use adb from your computer, execute these commands:

adb remount adb shell cp /sdcard/APP.apk /system/app 

Several users have utilized root explorer from the Google marketplace to simplify this process.

---

Alternatively, check this out: How to compile Android Application with system permissions