CN105975333B - The method and device of application program operation control - Google Patents
The method and device of application program operation control Download PDFInfo
- Publication number
- CN105975333B CN105975333B CN201510993178.5A CN201510993178A CN105975333B CN 105975333 B CN105975333 B CN 105975333B CN 201510993178 A CN201510993178 A CN 201510993178A CN 105975333 B CN105975333 B CN 105975333B
- Authority
- CN
- China
- Prior art keywords
- resource
- application
- destination application
- program
- native applications
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2209/00—Indexing scheme relating to G06F9/00
- G06F2209/48—Indexing scheme relating to G06F9/48
- G06F2209/482—Application
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Stored Programmes (AREA)
Abstract
The present invention provides a kind of methods of application program operation control, it include: that the installation kit that resource is attached to as host application for having identical packet name with host application is called in reflection, to load the destination application that the installation kit is realized, wherein, the required resource of the required resource Yu native applications program of destination application corresponds;It is monitored by active process of the Hook Function to destination application;When monitoring the call instruction to the active process of destination application by Hook Function, the required resource with the one-to-one native applications program of required resource of destination application is called.The present invention also provides a kind of devices of application program operation control.By the related resource of performance objective application program, the identical implementing result of related resource with execution native applications program can be realized;And destination application operates in the sandbox constructed by host application, installation and operation activity are not perceived by system.
Description
Technical field
The present invention relates to field of computer technology, specifically, the present invention relates to a kind of sides of application program operation control
Method and a kind of device of application program operation control.
Background technique
With the development of the times, various terminal equipment has become essential tool in for people's lives, and various functions are strong
Big terminal operating system and end application continues to bring out, and brings more convenient and fast experience for user.In the prior art,
Application program only uniquely form can be installed and be run in the system environments of terminal device, i.e., for a kind of instant messaging class
Application program, can only install in a terminal device and run the instant messaging class application program, and user only can be with
It is logged in by unique account and relevant operation is executed to it.But popularizing with instant messaging class application program, increasingly
More users wishes to log in a kind of instant messaging class application program by multiple accounts in a terminal device to realize to not
With the differentiation management and exchange of friend information.In the prior art, have through multiple domain accounts between different operating system
Switching is to realize the solution for logging in a kind of instant messaging class application program by multiple accounts in a terminal device.But
It is that the program is needed the permission of highest system level and just may be implemented based on multiple operating system, and does not have universality.
In the prior art, sandbox is a kind of performing environment according to security strategy limiting program behavior, extensively at present
It is practically applicable in various operating systems.By taking Android as an example, some application programs are needed for realization application program inherent function
Except purpose, especially commercial object, random application system permission obtains privacy of user data, executes network access, keeps
Device activity, transmission short message behavior etc..It is light then may cause privacy of user leaking data or occupying system resources, it is heavy then can
Malice deduct fees, product placement, consume rate, fraud is inveigled etc. can be passed through, user is made to suffer a loss.Therefore, pass through sandbox technology
The performing environment of offer is managed by resource, permission of the sandbox to system, application program is allowed to run in the sandbox, application
The access of program is first examined through sandbox by security strategy, forms a kind of isolation operation effect relative to system itself as a result,
Fruit can be effectively protected the safety of system.For security strategy used in sandbox, a variety of different operating systems are adapted to
There is different details to consider, the basic knowledge that these related technologies are realized is grasped by those skilled in the art, without superfluous
It states.
Therefore, it is necessary to a kind of solutions run by sandbox technology come performance objective application program, so that running on
Destination application can realize the repertoire and respective service of native applications program in sandbox.
Summary of the invention
To overcome above-mentioned technical problem or at least being partially solved above-mentioned technical problem, spy proposes following technical scheme:
The embodiment of the present invention proposes a kind of method of application program operation control, comprising:
The installation kit that resource is attached to as host application for having identical packet name with host application is called in reflection,
To load the destination application that the installation kit is realized, wherein the required resource and native applications of the destination application
The affiliated resource of program corresponds;
It is monitored by active process of the Hook Function to the destination application;
When monitoring the call instruction to the active process of destination application by Hook Function, call and the mesh
Mark the affiliated resource of the affiliated resource native applications program correspondingly of application program.
Preferably, the step of loading the destination application that the installation kit is realized, comprising:
By the host application, to establish the required resource and native applications program of the destination application
The one-to-one relationship of required resource.
Preferably, establish the required resource of the destination application and the required resource of native applications program one is a pair of
It should be related to, specifically include:
The installation kit is parsed to determine the resource name of the affiliated resource of destination application;
According to the resource name of the affiliated resource of destination application, load and the required resource one of native applications program are a pair of
The resource answered.
Preferably, the destination application includes reserved extension, for the extension with the native applications program
Resource matches.
Preferably, this method further include: detect the more new demand servicing of the native applications program, be based on the target application
The reserved extension of program updates the required resource of the destination application.
Wherein, the corresponding text in the resource file and/or dynamic library file to the installation kit of the host application
Part is identical.
Preferably, this method further include:
By executing the required resource of the destination application, to realize and execute belonging to the native applications program
The identical implementing result of resource.
Wherein, the affiliated resource of the destination application, including following at least any one:
ActivityManagerService resource;
PackageManagerService resource;
Activity component;
Service component;
Broadcast Receiver component;
Content Provider component.
Another embodiment of the present invention proposes a kind of device of application program operation control, comprising:
Loading module is attached to for reflecting to call with the conduct host application that host application has identical packet name
The installation kit of resource, to load the destination application that the installation kit is realized, wherein the required money of the destination application
The required resource of source and native applications program corresponds;
Monitoring module, for being monitored by active process of the Hook Function to the destination application;
Calling module, for working as the call instruction monitored by Hook Function to the active process of destination application
When, call the required resource with the required resource of the destination application native applications program correspondingly.
Preferably, the loading module includes:
Establish unit, for by the host application, come establish the destination application required resource and
The one-to-one relationship of the required resource of native applications program.
Preferably, the unit of establishing specifically includes:
Parsing subunit determines the resource name of the required resource of destination application for parsing the installation kit;
Subelement is loaded, for the resource name according to the required resource of destination application, load and native applications program
The one-to-one resource of required resource.
Preferably, the destination application includes reserved extension, for the extension with the native applications program
Resource matches.
Preferably, the device further include:
Update module, for detecting the more new demand servicing of the native applications program, based on the destination application
Reserved extension updates the required resource of the destination application.
Wherein, the corresponding text in the resource file and/or dynamic library file to the installation kit of the host application
Part is identical.
Preferably, further includes:
Realize module, it is described primary to realize and execute for the required resource by executing the destination application
The identical implementing result of required resource of application program.
Wherein, the required resource of the destination application, including following at least any one:
ActivityManagerService resource;
PackageManagerService resource;
Activity component;
Service component;
Broadcast Receiver component;
Content Provider component.
In the embodiment of the present invention, mesh of the load with host application with identical packet name is removed by reflection call-by mechanism
Mark application program, due to host application packet name having the same, in android system, can make movable component and
Serviced component establish with the normal communication of ActivityManagerService, and movable component, serviced component and wide can be made
Component etc. is broadcast, is smoothly identified by PackageManagerService, is reduced different in relation to the operation of shell adding application program in the prior art
Normal error rate;Since host application and destination application have used identical packet name, it is not necessary to for what is called by reflection
The various components (Activity, Service, Broadcast Receiver and Content Provider) of destination application
Individually construction principal function entrance (ActivityThread.main), need not also consider bring due to packet name
The program implementation complexity problem of PackageManagerService verification, to greatly improve program operational efficiency;Pass through place
The communication between the destination application of former installation kit and sandbox running environment is set up in primary application program, so that target application
The active procedure of program can be monitored further by sandbox running environment, to be applicable in it security strategy, and by host
The required resource of required resource and native applications program that destination application is established in application program corresponds, can be in host
Pass through the required corresponding resource of Hook Function invocation target application program in application program, it is ensured that destination application can be by place
Primary application program normal load simultaneously keeps being safely operated, and realizes destination application and be totally independent of native applications program.
In the present invention, by the related resource of performance objective application program, it can be realized and execute native applications program
The identical implementing result of related resource;And destination application operates in the sandbox constructed by host application,
It is installed and operation activity is not perceived by system, so as to solve in the prior art to answer a kind of instant messaging class
With program, the instant messaging class application program can be only installed and run in a terminal device, meanwhile, user only may be used
Bottleneck of relevant operation is logged in and executed to it by unique account.User is realized to wish to lead in a terminal device
It crosses multiple accounts and logs in a kind of reality that instant messaging class application program is managed and exchanged with the differentiation realized to different friend informations
Border application purpose.
The additional aspect of the present invention and advantage will be set forth in part in the description, these will become from the following description
Obviously, or practice through the invention is recognized.
Detailed description of the invention
Above-mentioned and/or additional aspect and advantage of the invention will become from the following description of the accompanying drawings of embodiments
Obviously and it is readily appreciated that, in which:
Fig. 1 is the flow chart of the method for the application program operation control of one embodiment in the present invention;
Fig. 2 is the structural schematic diagram of the device of the application program operation control of another embodiment in the present invention.
Specific embodiment
The embodiment of the present invention is described below in detail, examples of the embodiments are shown in the accompanying drawings, wherein from beginning to end
Same or similar label indicates same or similar element or element with the same or similar functions.Below with reference to attached
The embodiment of figure description is exemplary, and for explaining only the invention, and is not construed as limiting the claims.
Those skilled in the art of the present technique are appreciated that unless expressly stated, singular " one " used herein, " one
It is a ", " described " and "the" may also comprise plural form.It is to be further understood that being arranged used in specification of the invention
Diction " comprising " refer to that there are the feature, integer, step, operation, element and/or component, but it is not excluded that in the presence of or addition
Other one or more features, integer, step, operation, element, component and/or their group.It should be understood that when we claim member
Part is " connected " or when " coupled " to another element, it can be directly connected or coupled to other elements, or there may also be
Intermediary element.In addition, " connection " used herein or " coupling " may include being wirelessly connected or wirelessly coupling.It is used herein to arrange
Diction "and/or" includes one or more associated wholes for listing item or any cell and all combinations.
Those skilled in the art of the present technique are appreciated that unless otherwise defined, all terms used herein (including technology art
Language and scientific term), there is meaning identical with the general understanding of those of ordinary skill in fields of the present invention.Should also
Understand, those terms such as defined in the general dictionary, it should be understood that have in the context of the prior art
The consistent meaning of meaning, and unless idealization or meaning too formal otherwise will not be used by specific definitions as here
To explain.
The application scenarios that a kind of application program progress control method and device that will be described below the present invention are implemented are
The running environment based on Android operation system of installation on mobile terminals.
Those skilled in the art should know, the present invention is proposed power and proposes based on exempting from Root, however, proposing power operation
It is the rights management control that android system is implemented, the present invention is also suitable for the Android behaviour that Root proposes power of course
Make in system.
The present invention be proposed based on sandbox principle, so, those skilled in the art are able to combine well known sandbox real
Show principle to understand implementation of the invention.The effect of sandbox is to provide the running environment of relative closure for destination application,
Access application program to the resource of system, by the application of sandbox security strategy, and as defined in being limited within the scope of.Cause
And essence of the invention is that provide a kind of sandbox example, it is realized in terms of two, first aspect is to provide construction target and answers
With the solution of program, second aspect, which is to provide, corresponding with the former runs control program.The two aspects can be integrated
Realize in software to sandbox, destination application processed using the realization of its first aspect, so using its
The realization of two aspects, safe sandbox running environment is provided for destination application.
In view of this, the method for application program operation control of the invention, major embodiment sandbox example in a first aspect, with
The destination application of corresponding sandbox running environment is adapted in processing.
Fig. 1 is the flow chart of the method for the application program operation control of one embodiment in the present invention.
Wherein, in the embodiment of invention, destination application is the application program that present invention needs are realized, the mesh of realization
The repertoire that mark application program needs to have native applications program, is capable of providing and the identical clothes of native applications program
Business.Host application is to realize the shell adding application program of destination application, completes target application by host application
The installation and operation of program.
Step S110: reflection, which is called, with host application there is the conduct host application of identical packet name to be attached to resource
Installation kit, to load the destination application that the installation kit is realized, wherein the required resource of destination application with it is primary
The required resource of application program corresponds;Step S120: it is carried out by active process of the Hook Function to destination application
Monitoring;Step S130: when monitoring the call instruction to the active process of destination application by Hook Function, call with
The required resource of the one-to-one native applications program of the required resource of destination application.
In the embodiment of the present invention, mesh of the load with host application with identical packet name is removed by reflection call-by mechanism
Mark application program, due to host application packet name having the same, in android system, can make movable component and
Serviced component establish with the normal communication of ActivityManagerService, and movable component, serviced component and wide can be made
Component etc. is broadcast, is smoothly identified by PackageManagerService, is reduced different in relation to the operation of shell adding application program in the prior art
Normal error rate;Since host application and destination application have used identical packet name, it is not necessary to for what is called by reflection
The various components (Activity, Service, BroadcastReceiver and Content Provider) of destination application
Individually construction principal function entrance (ActivityThread.main), need not also consider bring due to packet name
The program implementation complexity problem of PackageManagerService verification, to greatly improve program operational efficiency;Pass through place
The communication between the destination application of former installation kit and sandbox running environment is set up in primary application program, so that target application
The active procedure of program can be monitored further by sandbox running environment, to be applicable in it security strategy, and by host
The required resource of required resource and native applications program that destination application is established in application program corresponds, can be in host
Pass through the required corresponding resource of Hook Function invocation target application program in application program, it is ensured that destination application can be by place
Primary application program normal load simultaneously keeps being safely operated, and realizes destination application and be totally independent of native applications program.
In the present invention, by the related resource of performance objective application program, it can be realized and execute native applications program
The identical implementing result of related resource;And destination application operates in the sandbox constructed by host application,
It is installed and operation activity is not perceived by system, so as to solve in the prior art to answer a kind of instant messaging class
With program, the instant messaging class application program can be only installed and run in a terminal device, meanwhile, user only may be used
Bottleneck of relevant operation is logged in and executed to it by unique account.User is realized to wish to lead in a terminal device
It crosses multiple accounts and logs in a kind of reality that instant messaging class application program is managed and exchanged with the differentiation realized to different friend informations
Border application purpose.
Step S110: reflection, which is called, with host application there is the conduct host application of identical packet name to be attached to resource
Installation kit, to load the destination application that the installation kit is realized, wherein the required resource of destination application with it is primary
The required resource of application program corresponds.
Wherein, the required resource of destination application, including but not limited to:
ActivityManagerService resource;
PackageManagerService resource;
Activity component;
Service component;
Broadcast Receiver component;
Content Provider component.
Wherein, the resource file and/or dynamic library file of host application are identical as the corresponding document in installation kit.
Specifically, called by reflection mechanism has the conduct host application of identical packet name attached with host application
Installation kit with resource then loads the destination application that the installation kit is realized, and will be complete needed for destination application
Required whole resources of portion's resource and native applications program correspond.
Android operation system has it to be different from the principle of other operating systems, and Android provides four big groups for developer
Part refers specifically to the components such as Activity, Service, Broadcast Receiver and Content Provider.
Android application program is supplied to user in the form of APK installation kit and installs, and in APK installation kit, has for encapsulating reality
Show the classes.dex code file of the program code of various components and for various components used in Expression and Application program
The Androidmanifest.xml configuration file of the contents such as registration information and authority application information.Due to the peace of application program
Dress process is exactly the process of PackageManagerService (PMS) parsing Androidmanifest.xml file, and this hair
Bright middle application program installation kit is not installed on local, therefore is unable to get the correlation attribute information of application program, but only obtain
Take such as Activity component, Service component, Broadcast Receiver component, ContentProvider component information
When, ActivityManagerService (AMS) could be passed through and operate normally application program.
Reflection mechanism used by the present embodiment can be Java reflection mechanism, and Java reflection mechanism is in operating status
In, for any one class, it can know all properties and method of this class;For any one object, can adjust
With its any one method;The function of this dynamic acquisition information and the method for dynamic call object is JAVA language
Reflection mechanism.
By reflection mechanism, the addAssetPath method in AssetManager is called, host application is installed
Resource in file is loaded into Resource, passes through the money in Resource object reference host application installation file
Source.Before obtaining host application installation file resource, first have to create DexClassLoader load by host program
Then host application installation kit creates the resource of AssetManager load host application installation file, finally leads to
Cross the resource that Resource object reads host application installation file.
Preferably, the step of loading the destination application that the installation kit is realized includes that step S111 (does not show in figure
Out).Step S111 (not shown): by host application, the required resource of Lai Jianli destination application with it is primary
The one-to-one relationship of the required resource of application program.
For example, the operating system of terminal device is android system, destination application App1 ', the target application journey
The repertoire and respective service of sequence native applications program App1 to be realized;In the host application of terminal device,
" App1 ' .apk " is the installation kit that host application is attached to resource, calls installation kit " App1 ' by Java reflection mechanism
.apk ", the destination application App1 ' that then load " App1 ' .apk " is realized, loads in host application
During " App1 ' .apk ", required whole resources of creation destination application App1 ' are such as
ActivityManagerService resource, PackageManagerService resource, Activity component, Service group
Part, Broadcast Receiver component and Content Provider component, wherein destination application App1's ' is required
Whole resources for example ActivityManagerService resource, PackageManagerService resource, Activity component,
Service component, Broadcast Receiver component and Content Provider component are corresponded and are identical to primary
The required whole resources for the App1 that application program is run in terminal device Android operation system are such as
ActivityManagerService resource, PackageManagerService resource, Activity component, Service group
Part, Broadcast Receiver component and Content Provider component.
Preferably, the one-to-one correspondence for establishing the required resource of destination application and the required resource of native applications program closes
The step of being specifically includes step S112 (not shown) and step S113 (not shown).Step S112: parsing installation
Wrap the resource name to determine the required resource of destination application;Step S113: according to the required resource of destination application
Resource name, the one-to-one resource of required resource of load and native applications program.
The means for parsing the former installation kit of application program, are well known to those skilled in the art.Installation kit APK file essence
On be using ZIP compress technique combination signature technology realization compressed package therefore on the one hand it can be discharged by decompression technique
On the other hand internal file can also obtain its internal file (its generation in this case by the tool software of Apktool etc
Code file can be reversed .smali file).Those skilled in the art can be given using these well-known techniques at one consummately
Determine to handle former installation kit in catalogue, to obtain inside therein by way of internal memory operation (non-file operation)
File.
Android application program in the process of running, be by one be known as AssetsManager resource manager come
Read the resource file being packaged in inside APK file.Each Activity component of application program is associated with one
ContextImpl object, this ContextImpl object are exactly the operation context environmental for describing Activity component
's.The member function init of this ContextImpl object is called to execute initialization Activity assembly operating context ring
The work in border, wherein just including Resources object and AssetsManager object that creation is used to access application resource
Work.Wherein, ContextImpl.init function is just defined on file f rameworks/base/core/java/
In android/app/ContextImpl.java.What the parameter packageInfo in ContextImpl.init function was directed toward
It is a loadedApk object, this loadedApk object factory is currently to start Apk belonging to component.With visiting
The Resources object for asking application resource is by being a loadedApk pointed by call parameters packageInfo
The member function getResources of object is created.It follows that Resources object can be created, to extract or access
Application resource.
For example, parsing installation kit " App1 ' .apk " to determine the resource of required whole resources of destination application App1 '
Name, such as ActivityManagerService, PackageManagerService, Activity, Service, Broadcast
Receiver and Content Provider then creates the required whole of native applications program App1 in host application
The one-to-one resource of resource for example ActivityManagerService resource, PackageManagerService resource,
Activity component, Service component, Broadcast Receiver component and Content Provider component.
Preferably, destination application includes reserved extension, for the extended resources phase with native applications program
Match.
Specifically, during destination application App1 ' is loaded in host application, while target application is loaded
The reserved extension of program App1 ', for matching with the extended resources of native applications program App1.
For example, during loading destination application App1 ' in host application, while loading target application journey
The reserved extension of sequence App1 ' such as increases the XML text of user interface layout when native applications program App1 updates
Part " layout.xml " can create the XML of corresponding user interface layout in the reserved extension of destination application App1 '
File " layout.xml ".
Step S120: it is monitored by active process of the Hook Function to destination application.
Need exist for supplement: term " hook " is covered for by intercepting the function transmitted between component software
It calls, message or event change or increase the technology of the behavior of operating system, application program or other software component.And locate
The code for managing this intercepted function call, event or message is thus referred to as hook hook function.Hook is commonly used in various
Target, including function debug and be extended to function.Its example may include being transmitted in keyboard or mouse event
They or hooking system service call (system call) are intercepted before application program or system function behavior, function execute
As a result etc., to monitor or modify the function etc. of application program or other assemblies.Hook hook function can be used in the present embodiment
Take over installation self checking operation required when application program operation.
As a sandbox example, run on destination application in sandbox running environment, monitoring objective application program
Active process be sandbox running environment core implementor, be responsible for realizing function: by monitoring objective application program
Access to resource makes destination application process can be realized the normal call to corresponding resource.For example, above-mentioned related to mesh
The calling that the resource of the installation kit of application program App1 ' carries out is marked, can be referred to by monitoring the specific specific calling for calling resource
It enables, is realized using Hook technology.It can will be in such a way that active process of the Hook Function to destination application be monitored
Service processes are registered as, with the call instruction of Hook Function associated objects application program App1 ' active process to realize to target
The activity monitoring of application program App1 '.
Step S130: it when monitoring the call instruction to the active process of destination application by Hook Function, adjusts
With the required resource with the one-to-one native applications program of the required resource of destination application.
For example, monitoring using entrance of the Hook Function to related call instruction, this call instruction is intercepted and captured, and obtain
The title for the resource for taking destination application App1 ' to access, as Hook Function gets the money of destination application App1 ' access
Source is ActivityManagerService, is subsequently diverted to execute corresponding Hook Function, by the Hook Function call with it is primary
The corresponding ActivityManagerService resource of application program.
In a preferred embodiment, this method further includes step S140 (not shown).Step S140: it detects primary
The more new demand servicing of application program, the required resource of the reserved extension more new target application based on destination application.
For example, when host application detects the more new demand servicing of native applications program App1, as wrapped in more new demand servicing
The XML file " layout.xml " for increasing user interface layout is included, is created in the reserved extension of destination application App1 '
The XML file " layout.xml " of corresponding user interface layout is built, realizes the corresponding update to destination application App1 '.
In a preferred embodiment, this method further includes S150 (not shown).Step S150: it is answered by performance objective
With the required resource of program, to realize implementing result identical with the required resource of native applications program is executed.
For example, passing through terminal device android system needed for executing native applications program App1
ActivityManagerService resource can activate starting native applications program App1, in host application, by holding
ActivityManagerService resource in host application needed for row destination application App1 ' can activate starting
Destination application App1 '.
In the preferred embodiment, by the related resource of performance objective application program, it can be realized and execute primary answer
With the identical implementing result of the related resource of program;And destination application is operated in through host application building
In sandbox, installation and operation activity are not perceived by system, so as to solve in the prior art, for a kind of Instant Messenger
Believe class application program, the instant messaging class application program can be only installed and run in a terminal device, meanwhile, it uses
Family only can log in by unique account and execute to it bottleneck of relevant operation.User is realized to wish to set in a terminal
A kind of instant messaging class application program is logged in realize differentiation management and friendship to different friend informations by multiple accounts in standby
The practical application purpose of stream.
Fig. 2 is the structural schematic diagram of the device of the application program operation control of another embodiment in the present invention.
Wherein, in the embodiment of invention, destination application is the application program that present invention needs are realized, the mesh of realization
The repertoire that mark application program needs to have native applications program, is capable of providing and the identical clothes of native applications program
Business.Host application is to realize the shell adding application program of destination application, completes target application by host application
The installation and operation of program.
The reflection of loading module 210, which is called, with host application there is the conduct host application of identical packet name incidentally to provide
The installation kit in source, to load the destination application that the installation kit is realized, wherein the required resource and original of destination application
The required resource of raw application program corresponds;Monitoring module 220 is by Hook Function to the active process of destination application
It is monitored;Calling module 230 when monitoring the call instruction to the active process of destination application by Hook Function,
Call the required resource with the one-to-one native applications program of required resource of destination application.
The reflection of loading module 210, which is called, with host application there is the conduct host application of identical packet name incidentally to provide
The installation kit in source, to load the destination application that the installation kit is realized, wherein the required resource and original of destination application
The required resource of raw application program corresponds.
Wherein, the required resource of destination application, including but not limited to:
ActivityManagerService resource;
PackageManagerService resource;
Activity component;
Service component;
Broadcast Receiver component;
Content Provider component.
Wherein, the resource file and/or dynamic library file of host application are identical as the corresponding document in installation kit.
Specifically, called by reflection mechanism has the conduct host application of identical packet name attached with host application
Installation kit with resource then loads the destination application that the installation kit is realized, and will be complete needed for destination application
Required whole resources of portion's resource and native applications program correspond.
Android operation system has it to be different from the principle of other operating systems, and Android provides four big groups for developer
Part refers specifically to the components such as Activity, Service, Broadcast Receiver and Content Provider.
Android application program is supplied to user in the form of APK installation kit and installs, and in APK installation kit, has for encapsulating reality
Show the classes.dex code file of the program code of various components and for various components used in Expression and Application program
The Androidmanifest.xml configuration file of the contents such as registration information and authority application information.Due to the peace of application program
Dress process is exactly the process of PackageManagerService (PMS) parsing Androidmanifest.xml file, and this hair
Bright middle application program installation kit is not installed on local, therefore is unable to get the correlation attribute information of application program, but only obtain
Take such as Activity component, Service component, Broadcast Receiver component, ContentProvider component information
When, ActivityManagerService (AMS) could be passed through and operate normally application program.
Reflection mechanism used by the present embodiment can be Java reflection mechanism, and Java reflection mechanism is in operating status
In, for any one class, it can know all properties and method of this class;For any one object, can adjust
With its any one method;The function of this dynamic acquisition information and the method for dynamic call object is JAVA language
Reflection mechanism.
By reflection mechanism, the addAssetPath method in AssetManager is called, host application is installed
Resource in file is loaded into Resource, passes through the money in Resource object reference host application installation file
Source.Before obtaining host application installation file resource, first have to create DexClassLoader load by host program
Then host application installation kit creates the resource of AssetManager load host application installation file, finally leads to
Cross the resource that Resource object reads host application installation file.
Preferably, loading module 210 includes establishing unit (not shown);Unit is established by the host using journey
Sequence, to establish the one-to-one relationship of the required resource of the destination application and the required resource of native applications program.
For example, the operating system of terminal device is android system, destination application App1 ', the target application journey
The repertoire and respective service of sequence native applications program App1 to be realized;In the host application of terminal device,
" App1 ' .apk " is the installation kit that host application is attached to resource, calls installation kit " App1 ' by Java reflection mechanism
.apk ", the destination application App1 ' that then load " App1 ' .apk " is realized, loads in host application
During " App1 ' .apk ", required whole resources of creation destination application App1 ' are such as
ActivityManagerService resource, PackageManagerService resource, Activity component, Service group
Part, Broadcast Receiver component and Content Provider component, wherein destination application App1's ' is required
Whole resources for example ActivityManagerService resource, PackageManagerService resource, Activity component,
Service component, Broadcast Receiver component and Content Provider component are corresponded and are identical to primary
The required whole resources for the App1 that application program is run in terminal device Android operation system are such as
ActivityManagerService resource, PackageManagerService resource, Activity component, Service group
Part, Broadcast Receiver component and Content Provider component.
Preferably, it establishes unit and specifically includes parsing subunit (not shown) and load subelement and (do not show in figure
Out).Parsing subunit: installation kit is parsed to determine the resource name of the required resource of destination application;Load subelement: according to
The resource name of the required resource of destination application, the one-to-one resource of required resource of load and native applications program.
The means for parsing the former installation kit of application program, are well known to those skilled in the art.Installation kit APK file essence
On be using ZIP compress technique combination signature technology realization compressed package therefore on the one hand it can be discharged by decompression technique
On the other hand internal file can also obtain its internal file (its generation in this case by the tool software of Apktool etc
Code file can be reversed .smali file).Those skilled in the art can be given using these well-known techniques at one consummately
Determine to handle former installation kit in catalogue, to obtain inside therein by way of internal memory operation (non-file operation)
File.
Android application program in the process of running, be by one be known as AssetsManager resource manager come
Read the resource file being packaged in inside APK file.Each Activity component of application program is associated with one
ContextImpl object, this ContextImpl object are exactly the operation context environmental for describing Activity component
's.The member function init of this ContextImpl object is called to execute initialization Activity assembly operating context ring
The work in border, wherein just including Resources object and AssetsManager object that creation is used to access application resource
Work.Wherein, ContextImpl.init function is just defined on file f rameworks/base/core/java/
In android/app/ContextImpl.java.What the parameter packageInfo in ContextImpl.init function was directed toward
It is a loadedApk object, this loadedApk object factory is currently to start Apk belonging to component.With visiting
The Resources object for asking application resource is by being a loadedApk pointed by call parameters packageInfo
The member function getResources of object is created.It follows that Resources object can be created, to extract or access
Application resource.
For example, parsing installation kit " App1 ' .apk " to determine the resource of required whole resources of destination application App1 '
Name, such as ActivityManagerService, PackageManagerService, Activity, Service, Broadcast
Receiver and Content Provider then creates the required whole of native applications program App1 in host application
The one-to-one resource of resource for example ActivityManagerService resource, PackageManagerService resource,
Activity component, Service component, Broadcast Receiver component and Content Provider component.
Preferably, destination application includes reserved extension, for the extended resources phase with native applications program
Match.
Specifically, during destination application App1 ' is loaded in host application, while target application is loaded
The reserved extension of program App1 ', for matching with the extended resources of native applications program App1.
For example, during loading destination application App1 ' in host application, while loading target application journey
The reserved extension of sequence App1 ' such as increases the XML text of user interface layout when native applications program App1 updates
Part " layout.xml " can create the XML of corresponding user interface layout in the reserved extension of destination application App1 '
File " layout.xml ".
Monitoring module 220 is monitored by active process of the Hook Function to destination application.
Need exist for supplement: term " hook " is covered for by intercepting the function transmitted between component software
It calls, message or event change or increase the technology of the behavior of operating system, application program or other software component.And locate
The code for managing this intercepted function call, event or message is thus referred to as hook hook function.Hook is commonly used in various
Target, including function debug and be extended to function.Its example may include being transmitted in keyboard or mouse event
They or hooking system service call (system call) are intercepted before application program or system function behavior, function execute
As a result etc., to monitor or modify the function etc. of application program or other assemblies.Hook hook function can be used in the present embodiment
Take over installation self checking operation required when application program operation.
As a sandbox example, run on destination application in sandbox running environment, monitoring objective application program
Active process be sandbox running environment core implementor, be responsible for realizing function: by monitoring objective application program
Access to resource makes destination application process can be realized the normal call to corresponding resource.For example, above-mentioned related to mesh
The calling that the resource of the installation kit of application program App1 ' carries out is marked, can be referred to by monitoring the specific specific calling for calling resource
It enables, is realized using Hook technology.It can will be in such a way that active process of the Hook Function to destination application be monitored
Service processes are registered as, with the call instruction of Hook Function associated objects application program App1 ' active process to realize to target
The activity monitoring of application program App1 '.
Calling module 230 when monitoring the call instruction to the active process of destination application by Hook Function,
Call the required resource with the one-to-one native applications program of required resource of destination application.
For example, monitoring using entrance of the Hook Function to related call instruction, this call instruction is intercepted and captured, and obtain
The title for the resource for taking destination application App1 ' to access, as Hook Function gets the money of destination application App1 ' access
Source is ActivityManagerService, is subsequently diverted to execute corresponding Hook Function, by the Hook Function call with it is primary
The corresponding ActivityManagerService resource of application program.
In a preferred embodiment, which further includes update module (not shown).Update module detects primary
The more new demand servicing of application program, the required resource of the reserved extension more new target application based on destination application.
For example, when host application detects the more new demand servicing of native applications program App1, as wrapped in more new demand servicing
The XML file " layout.xml " for increasing user interface layout is included, is created in the reserved extension of destination application App1 '
The XML file " layout.xml " of corresponding user interface layout is built, realizes the corresponding update to destination application App1 '.
In a preferred embodiment, which further includes realizing module (not shown).Realize module by executing mesh
The required resource of application program is marked, to realize implementing result identical with the required resource of native applications program is executed.
For example, passing through terminal device android system needed for executing native applications program App1
ActivityManagerService resource can activate starting native applications program App1, in host application, by holding
ActivityManagerService resource in host application needed for row destination application App1 ' can activate starting
Destination application App1 '.
In the preferred embodiment, by the related resource of performance objective application program, it can be realized and execute primary answer
With the identical implementing result of the related resource of program;And destination application is operated in through host application building
In sandbox, installation and operation activity are not perceived by system, so as to solve in the prior art, for a kind of Instant Messenger
Believe class application program, the instant messaging class application program can be only installed and run in a terminal device, meanwhile, it uses
Family only can log in by unique account and execute to it bottleneck of relevant operation.User is realized to wish to set in a terminal
A kind of instant messaging class application program is logged in realize differentiation management and friendship to different friend informations by multiple accounts in standby
The practical application purpose of stream.
Those skilled in the art of the present technique are appreciated that the present invention includes being related to for executing in operation described herein
One or more equipment.These equipment can specially design and manufacture for required purpose, or also may include general
Known device in computer.These equipment have the computer program being stored in it, these computer programs are selectively
Activation or reconstruct.Such computer program can be stored in equipment (for example, computer) readable medium or be stored in
It e-command and is coupled in any kind of medium of bus respectively suitable for storage, the computer-readable medium includes but not
Be limited to any kind of disk (including floppy disk, hard disk, CD, CD-ROM and magneto-optic disk), ROM (Read-Only Memory, only
Read memory), RAM (Random Access Memory, immediately memory), EPROM (Erasable Programmable
Read-Only Memory, Erarable Programmable Read only Memory), EEPROM (Electrically Erasable
Programmable Read-Only Memory, Electrically Erasable Programmable Read-Only Memory), flash memory, magnetic card or light card
Piece.It is, readable medium includes by equipment (for example, computer) with any Jie for the form storage or transmission information that can be read
Matter.
Those skilled in the art of the present technique be appreciated that can be realized with computer program instructions these structure charts and/or
The combination of each frame and these structure charts and/or the frame in block diagram and/or flow graph in block diagram and/or flow graph.This technology neck
Field technique personnel be appreciated that these computer program instructions can be supplied to general purpose computer, special purpose computer or other
The processor of programmable data processing method is realized, to pass through the processing of computer or other programmable data processing methods
The scheme specified in frame or multiple frames of the device to execute structure chart and/or block diagram and/or flow graph disclosed by the invention.
Those skilled in the art of the present technique have been appreciated that in the present invention the various operations crossed by discussion, method, in process
Steps, measures, and schemes can be replaced, changed, combined or be deleted.Further, each with having been crossed by discussion in the present invention
Kind of operation, method, other steps, measures, and schemes in process may also be alternated, changed, rearranged, decomposed, combined or deleted.
Further, in the prior art to have and the step in various operations, method disclosed in the present invention, process, measure, scheme
It may also be alternated, changed, rearranged, decomposed, combined or deleted.
The above is only some embodiments of the invention, it is noted that for the ordinary skill people of the art
For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered
It is considered as protection scope of the present invention.
Claims (16)
1. a kind of method of application program operation control characterized by comprising
The installation kit that resource is attached to as host application for having identical packet name with host application is called in reflection, to add
Carry the destination application that the installation kit is realized, wherein the required resource and native applications program of the destination application
Required resource correspond;
It is monitored by active process of the Hook Function to the destination application;
When monitoring the call instruction to the active process of destination application by Hook Function, calling is answered with the target
With the required resource of the required resource of the program native applications program correspondingly.
2. the method for application program operation control according to claim 1, wherein load the target that the installation kit is realized and answer
The step of with program, comprising:
By the host application, to establish the required of the required resource of the destination application and native applications program
The one-to-one relationship of resource.
3. the method for application program operation control according to claim 2, wherein establish the institute of the destination application
The one-to-one relationship for needing the required resource of resource and native applications program, specifically includes:
The installation kit is parsed to determine the resource name of the required resource of destination application;
According to the resource name of the required resource of destination application, load one-to-one with the required resource of native applications program
Resource.
4. the method for application program operation control according to claim 1, the destination application includes reserved extension
, for matching with the extended resources of the native applications program.
5. the method for application program operation control according to claim 4, this method further include:
The more new demand servicing for detecting the native applications program, described in reserved extension based on the destination application updates
The required resource of destination application.
6. the method for application program operation control according to claim 1, wherein the resource text of the host application
Part and/or dynamic library file are identical as the corresponding document in the installation kit.
7. the method for application program operation control according to claim 1-6, further includes:
By executing the required resource of the destination application, to realize and execute the required resource of the native applications program
Identical implementing result.
8. the method for application program operation control according to claim 1, wherein the required money of the destination application
Source, including following at least any one:
ActivityManagerService resource;
PackageManagerService resource;
Activity component;
Service component;
Broadcast Receiver component;
Content Provider component.
9. a kind of device of application program operation control characterized by comprising
Loading module with host application there is the conduct host application of identical packet name to be attached to resource for reflecting to call
Installation kit, to load the destination application that the installation kit is realized, wherein the required resource of the destination application with
The required resource of native applications program corresponds;
Monitoring module, for being monitored by active process of the Hook Function to the destination application;
Calling module, for adjusting when monitoring the call instruction to the active process of destination application by Hook Function
With the required resource of the native applications program correspondingly of the required resource with the destination application.
10. the device of application program operation control according to claim 9, wherein the loading module includes:
Establish unit, for by the host application, come establish the required resource of the destination application with it is primary
The one-to-one relationship of the required resource of application program.
11. the device of application program operation control according to claim 10, wherein the unit of establishing specifically includes:
Parsing subunit determines the resource name of the required resource of destination application for parsing the installation kit;
Subelement is loaded, for the resource name according to the required resource of destination application, the institute of load and native applications program
Need the one-to-one resource of resource.
12. the device of application program operation control according to claim 9, the destination application includes reserved extension
, for matching with the extended resources of the native applications program.
13. the device of application program operation control according to claim 12, the device further include:
Update module, it is reserved based on the destination application for detecting the more new demand servicing of the native applications program
Extension updates the required resource of the destination application.
14. the device of application program operation control according to claim 9, wherein the resource of the host application
File and/or dynamic library file are identical as the corresponding document in the installation kit.
15. according to the device of the described in any item application program operation controls of claim 9-14, further includes:
Module is realized, for the required resource by executing the destination application, to realize and execute the native applications
The identical implementing result of required resource of program.
16. the device of application program according to claim 9 operation control, wherein the destination application it is required
Resource, including following at least any one:
ActivityManagerService resource;
PackageManagerService resource;
Activity component;
Service component;
Broadcast Receiver component;
Content Provider component.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510993178.5A CN105975333B (en) | 2015-12-24 | 2015-12-24 | The method and device of application program operation control |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510993178.5A CN105975333B (en) | 2015-12-24 | 2015-12-24 | The method and device of application program operation control |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105975333A CN105975333A (en) | 2016-09-28 |
| CN105975333B true CN105975333B (en) | 2019-05-31 |
Family
ID=56988302
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510993178.5A Active CN105975333B (en) | 2015-12-24 | 2015-12-24 | The method and device of application program operation control |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105975333B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108121561B (en) * | 2016-11-28 | 2021-08-17 | 百度在线网络技术(北京)有限公司 | Application program repairing method, device and system |
| CN106708580A (en) * | 2016-12-27 | 2017-05-24 | 北京奇虎科技有限公司 | Free-installation application program operating method, system and intelligent terminal |
| US10747874B2 (en) * | 2018-05-22 | 2020-08-18 | NortonLifeLock, Inc. | Systems and methods for controlling an application launch based on a security policy |
| CN111324386B (en) * | 2018-12-13 | 2024-08-20 | 北京奇虎科技有限公司 | Method and device for starting split application program, electronic equipment and storage medium |
| CN111324888B (en) * | 2018-12-13 | 2024-05-10 | 北京奇虎科技有限公司 | Verification method and device for application program starting, electronic equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8196213B2 (en) * | 2008-07-11 | 2012-06-05 | Microsoft Corporation | Verification of un-trusted code for consumption on an insecure device |
| CN103885763A (en) * | 2012-12-21 | 2014-06-25 | 腾讯科技(深圳)有限公司 | Operating system resource access method and system |
| CN104376255A (en) * | 2014-11-28 | 2015-02-25 | 北京奇虎科技有限公司 | Application program running control method and device |
| CN104462879A (en) * | 2014-11-28 | 2015-03-25 | 北京奇虎科技有限公司 | Root-free running control method and device of application program |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9307009B2 (en) * | 2012-02-15 | 2016-04-05 | Mobilespan Inc. | Presenting execution of a remote application in a mobile device native format |
-
2015
- 2015-12-24 CN CN201510993178.5A patent/CN105975333B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8196213B2 (en) * | 2008-07-11 | 2012-06-05 | Microsoft Corporation | Verification of un-trusted code for consumption on an insecure device |
| CN103885763A (en) * | 2012-12-21 | 2014-06-25 | 腾讯科技(深圳)有限公司 | Operating system resource access method and system |
| CN104376255A (en) * | 2014-11-28 | 2015-02-25 | 北京奇虎科技有限公司 | Application program running control method and device |
| CN104462879A (en) * | 2014-11-28 | 2015-03-25 | 北京奇虎科技有限公司 | Root-free running control method and device of application program |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105975333A (en) | 2016-09-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105975333B (en) | The method and device of application program operation control | |
| CN107317730B (en) | Method, equipment and system for monitoring state of block chain node | |
| CN105955782B (en) | Application program operation control method and device | |
| CN106384045B (en) | Android storage application sandbox based on application program virtualization and communication method | |
| CN104992081B (en) | A kind of safe Enhancement Method of Android application programs third party code | |
| CN105389263B (en) | Application software authority monitoring method, system and equipment | |
| CN106357609B (en) | A kind of method and system, public network server and private clound equipment creating user | |
| CN109672580A (en) | Full link monitoring method, apparatus, terminal device and storage medium | |
| CN110119350A (en) | Software Development Kit test method, device and equipment and computer storage medium | |
| CN103514395B (en) | Plug-in right control method and system | |
| CN111552568A (en) | Cloud service calling method and device | |
| CN105094996A (en) | Security-enhancing method and system of Android system based on dynamic authority verification | |
| CN106547590A (en) | The startup method of privacy application program and starter | |
| CN106066803A (en) | Application program runs the method and device controlled | |
| CN110677453A (en) | ZooKeeper-based distributed lock service implementation method, device, equipment and storage medium | |
| CN107688555A (en) | A kind of function trustship relies on the general offer method of service in calculating | |
| CN112527252A (en) | Applet management method and device, applet platform, electronic device and medium | |
| WO2017004918A1 (en) | Security control method and device, and computer storage medium | |
| CN104899481A (en) | System and method for preventing decompilation of application programs | |
| CN106293821B (en) | Method and device for acquiring and transmitting application program data and running application program | |
| CN105930190B (en) | A kind of program self-start method and device based on operating system | |
| CN105447384B (en) | A kind of anti-method monitored, system and mobile terminal | |
| CN105608774A (en) | Intelligent entrance guard control system and control method thereof | |
| CN111385253A (en) | Vulnerability detection system for network security of power distribution automation system | |
| RU2520395C2 (en) | Method and system for monitoring safety-related system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220729 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
| TR01 | Transfer of patent right |