Android INJECT_EVENTS permission

FoamyGuy picture FoamyGuy · Mar 21, 2011 · Viewed 59.3k times · Source

I am trying to create an application that will have a service running in the background that will be capable of injecting touch screen events into whatever activity is running. I am able to inject events into an Activity that is part of my application by calling Instrumentation.sendPointerSync(motionEvent); However if I try to do this without an activity from my application running I get a permission error saying that I don't have the INJECT_EVENTS permission. I've added this permission to my manifest like this: <uses-permission android:name="android.permission.INJECT_EVENTS"></uses-permission> Its still throwing the same permission exception though. After a bit of searching I've gotten the answer that in order to receive the INJECT_EVENTS permission your app must be signed by the same signature that the system is signed with. I am unclear however what exactly this means. I am going to have to find a custom rom build it and sign it with the same signature that the application is signed with. Then install the custom rom on my device, then install my app and I'll be able to inject the touch events correctly? If this is the case am I better off starting with a custom rom that is already put together, like one from this page Or is it a situation where I am going to need to grab a git copy of the android project and build the whole thing myslef? And either way does anyone know of a place you could point me that would get me working in the right direction to make this happen?

Answer

Brent Faust picture Brent Faust · Apr 7, 2014

To inject events into a separate process, it is required to both install your app into /system/app and sign your APK with the system certificate.

1. Add permission to the app manifest

<uses-permission android:name="android.permission.INJECT_EVENTS"/>

2. Sign your APK with the system certificate

This requires that you have the AOSP source in order to build a keystore with the google keys used to build the system running on the phone.

Given you have an AOSP directory, @Eli does an excellent job of showing how to build the keystore using a nice script called 'keytool-importkeypair'

Using IntelliJ as an example, choose Generate Signed APK.. from the Build menu. Locate the keystore created above, type in the password given (e.g., android), give the key the same password, if desired. Note that the signed apk is written to the project root (!) not to the typical location (./out/production//).

3. Install into /system/app/

adb root
adb remount
adb push MyApp.apk /system/app

The 'installation' happens automatically. Note, however, that unlike the normal app installation process, any native libraries in your APK are not copied into /system/lib/. You will need to do that manually, if you are using the NDK to build and call your own native libraries.