Add a new UID range for SDK sandbox processes.
These are processes that are spawned alongside regular app processes.
They have their own UID range, such that they can be properly isolated
from applications.
Add some APIs in Process that allow the system and mainline
modules to verify that a particular UID belongs to a sandbox
process, and to map between the sandbox process and the
corresponding app process.
Bug: 215012578
Test: N/A
Change-Id: I02aaaa1c2bcf9d141ddc97747eb6d7edd52d7b92
Merged-In: I02aaaa1c2bcf9d141ddc97747eb6d7edd52d7b92
diff --git a/core/api/current.txt b/core/api/current.txt
index 15cf71d..88f4eec 100644
--- a/core/api/current.txt
+++ b/core/api/current.txt
@@ -30532,6 +30532,7 @@
method public static final boolean is64Bit();
method public static boolean isApplicationUid(int);
method public static final boolean isIsolated();
+ method public static final boolean isSdkSandbox();
method public static final void killProcess(int);
method public static final int myPid();
method public static final int myTid();
diff --git a/core/api/module-lib-current.txt b/core/api/module-lib-current.txt
index a9f0d2e..a6278f8 100644
--- a/core/api/module-lib-current.txt
+++ b/core/api/module-lib-current.txt
@@ -290,6 +290,9 @@
}
public class Process {
+ method public static final int getAppUidForSdkSandboxUid(int);
+ method public static final boolean isSdkSandboxUid(int);
+ method public static final int toSdkSandboxUid(int);
field public static final int NFC_UID = 1027; // 0x403
field public static final int VPN_UID = 1016; // 0x3f8
}
diff --git a/core/api/test-current.txt b/core/api/test-current.txt
index 00dcb6f..6b588f9 100644
--- a/core/api/test-current.txt
+++ b/core/api/test-current.txt
@@ -1716,7 +1716,10 @@
}
public class Process {
+ method public static final int getAppUidForSdkSandboxUid(int);
method public static final int getThreadScheduler(int) throws java.lang.IllegalArgumentException;
+ method public static final boolean isSdkSandboxUid(int);
+ method public static final int toSdkSandboxUid(int);
field public static final int FIRST_APP_ZYGOTE_ISOLATED_UID = 90000; // 0x15f90
field public static final int FIRST_ISOLATED_UID = 99000; // 0x182b8
field public static final int LAST_APP_ZYGOTE_ISOLATED_UID = 98999; // 0x182b7
diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java
index 2030571..a5395bdf 100644
--- a/core/java/android/os/Process.java
+++ b/core/java/android/os/Process.java
@@ -277,6 +277,26 @@
public static final int LAST_APPLICATION_UID = 19999;
/**
+ * Defines the start of a range of UIDs going from this number to
+ * {@link #LAST_SDK_SANDBOX_UID} that are reserved for assigning to
+ * sdk sandbox processes. There is a 1-1 mapping between a sdk sandbox
+ * process UID and the app that it belongs to, which can be computed by
+ * subtracting (FIRST_SDK_SANDBOX_UID - FIRST_APPLICATION_UID) from the
+ * uid of a sdk sandbox process.
+ *
+ * Note that there are no GIDs associated with these processes; storage
+ * attribution for them will be done using project IDs.
+ * @hide
+ */
+ public static final int FIRST_SDK_SANDBOX_UID = 20000;
+
+ /**
+ * Last UID that is used for sdk sandbox processes.
+ * @hide
+ */
+ public static final int LAST_SDK_SANDBOX_UID = 29999;
+
+ /**
* First uid used for fully isolated sandboxed processes spawned from an app zygote
* @hide
*/
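Review bot: The 1-1 mapping promised in the FIRST_SDK_SANDBOX_UID Javadoc (subtracting FIRST_SDK_SANDBOX_UID - FIRST_APPLICATION_UID) only holds while the new range 20000–29999 is exactly as wide as the application range that ends at LAST_APPLICATION_UID = 19999 on the line above the hunk, and nothing here records that invariant next to the constants. A later change that widens either range would silently break the arithmetic in the new mapping helpers without any compile-time or review signal. Suggest a comment on LAST_SDK_SANDBOX_UID such as `// Must stay exactly as wide as [FIRST_APPLICATION_UID, LAST_APPLICATION_UID]: the sandbox<->app UID mapping is a fixed offset.`, or, if the file has a static initializer, an assertion of equal widths there. The enclosing class Process continues outside this hunk.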
@@ -351,7 +371,7 @@
* ** Keep in sync with utils/threads.h **
* ***************************************
*/
-
+
/**
* Lowest available thread priority. Only for those who really, really
* don't want to run if anything else is happening.
@@ -360,7 +380,7 @@
* {@link java.lang.Thread} class.
*/
public static final int THREAD_PRIORITY_LOWEST = 19;
-
+
/**
* Standard priority background threads. This gives your thread a slightly
* lower than normal priority, so that it will have less chance of impacting
@@ -370,7 +390,7 @@
* {@link java.lang.Thread} class.
*/
public static final int THREAD_PRIORITY_BACKGROUND = 10;
-
+
/**
* Standard priority of threads that are currently running a user interface
* that the user is interacting with. Applications can not normally
@@ -381,7 +401,7 @@
* {@link java.lang.Thread} class.
*/
public static final int THREAD_PRIORITY_FOREGROUND = -2;
-
+
/**
* Standard priority of system display threads, involved in updating
* the user interface. Applications can not
@@ -391,7 +411,7 @@
* {@link java.lang.Thread} class.
*/
public static final int THREAD_PRIORITY_DISPLAY = -4;
-
+
/**
* Standard priority of the most important display threads, for compositing
* the screen and retrieving input events. Applications can not normally
@@ -608,19 +628,19 @@
/**
* Start a new process.
- *
+ *
* <p>If processes are enabled, a new process is created and the
* static main() function of a <var>processClass</var> is executed there.
* The process will continue running after this function returns.
- *
+ *
* <p>If processes are not enabled, a new thread in the caller's
* process is created and main() of <var>processClass</var> called there.
- *
+ *
* <p>The niceName parameter, if not an empty string, is a custom name to
* give to the process instead of using processClass. This allows you to
* make easily identifyable processes even if you are using the same base
* <var>processClass</var> to start them.
- *
+ *
* When invokeWith is not null, the process will be started as a fresh app
* and not a zygote fork. Note that this is only allowed for uid 0 or when
* runtimeFlags contains DEBUG_ENABLE_DEBUGGER.
@@ -822,12 +842,55 @@
}
/**
+ * Returns whether the provided UID belongs to a SDK sandbox process.
+ *
+ * @hide
+ */
+ @SystemApi(client = MODULE_LIBRARIES)
+ @TestApi
+ public static final boolean isSdkSandboxUid(int uid) {
+ uid = UserHandle.getAppId(uid);
+ return (uid >= FIRST_SDK_SANDBOX_UID && uid <= LAST_SDK_SANDBOX_UID);
+ }
+
+ /**
+ *
+ * Returns the app process corresponding to an sdk sandbox process.
+ *
+ * @hide
+ */
+ @SystemApi(client = MODULE_LIBRARIES)
+ @TestApi
+ public static final int getAppUidForSdkSandboxUid(int uid) {
+ return uid - (FIRST_SDK_SANDBOX_UID - FIRST_APPLICATION_UID);
+ }
+
+ /**
+ *
+ * Returns the sdk sandbox process corresponding to an app process.
+ *
+ * @hide
+ */
+ @SystemApi(client = MODULE_LIBRARIES)
+ @TestApi
+ public static final int toSdkSandboxUid(int uid) {
+ return uid + (FIRST_SDK_SANDBOX_UID - FIRST_APPLICATION_UID);
+ }
+
+ /**
+ * Returns whether the current process is a sdk sandbox process.
+ */
+ public static final boolean isSdkSandbox() {
+ return isSdkSandboxUid(myUid());
+ }
+
+ /**
* Returns the UID assigned to a particular user name, or -1 if there is
* none. If the given string consists of only numbers, it is converted
* directly to a uid.
*/
public static final native int getUidForName(String name);
-
+
/**
* Returns the GID assigned to a particular user name, or -1 if there is
* none. If the given string consists of only numbers, it is converted
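Review bot: getAppUidForSdkSandboxUid and toSdkSandboxUid perform pure offset arithmetic with no check that the input is in the range they assume, so a caller that skips isSdkSandboxUid gets back a plausible-looking but meaningless UID (for example, a regular app UID passed to getAppUidForSdkSandboxUid maps into the range below FIRST_APPLICATION_UID), which is exactly the kind of value an attribution or permission path could act on. Since the commit message presents these as the system and mainline modules' means of verifying and mapping sandbox UIDs, the helpers should reject out-of-range input rather than leave that to every caller: `if (!isSdkSandboxUid(uid)) throw new IllegalArgumentException("Not an SDK sandbox UID: " + uid);` at the top of getAppUidForSdkSandboxUid, and `if (!isApplicationUid(uid)) throw new IllegalArgumentException("Not an application UID: " + uid);` at the top of toSdkSandboxUid, with a matching `@throws IllegalArgumentException` in each Javadoc. Whether the offset preserves the user-ID part of a multi-user UID is not visible in this hunk; the Javadoc should say so either way, and both descriptions should say "UID" rather than "process" since an int UID is what is returned. The enclosing class Process starts and ends outside this hunk.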
@@ -882,11 +945,11 @@
/**
* Set the priority of a thread, based on Linux priorities.
- *
+ *
* @param tid The identifier of the thread/process to change.
* @param priority A Linux priority level, from -20 for highest scheduling
* priority to 19 for lowest scheduling priority.
- *
+ *
* @throws IllegalArgumentException Throws IllegalArgumentException if
* <var>tid</var> does not exist.
* @throws SecurityException Throws SecurityException if your process does
@@ -945,7 +1008,7 @@
* @hide
* @param pid The identifier of the process to change.
* @param group The target group for this process from THREAD_GROUP_*.
- *
+ *
* @throws IllegalArgumentException Throws IllegalArgumentException if
* <var>tid</var> does not exist.
* @throws SecurityException Throws SecurityException if your process does
@@ -1034,37 +1097,37 @@
/**
* Set the priority of the calling thread, based on Linux priorities. See
* {@link #setThreadPriority(int, int)} for more information.
- *
+ *
* @param priority A Linux priority level, from -20 for highest scheduling
* priority to 19 for lowest scheduling priority.
- *
+ *
* @throws IllegalArgumentException Throws IllegalArgumentException if
* <var>tid</var> does not exist.
* @throws SecurityException Throws SecurityException if your process does
* not have permission to modify the given thread, or to use the given
* priority.
- *
+ *
* @see #setThreadPriority(int, int)
*/
public static final native void setThreadPriority(int priority)
throws IllegalArgumentException, SecurityException;
-
+
/**
* Return the current priority of a thread, based on Linux priorities.
- *
+ *
* @param tid The identifier of the thread/process. If tid equals zero, the priority of the
* calling process/thread will be returned.
- *
+ *
* @return Returns the current priority, as a Linux priority level,
* from -20 for highest scheduling priority to 19 for lowest scheduling
* priority.
- *
+ *
* @throws IllegalArgumentException Throws IllegalArgumentException if
* <var>tid</var> does not exist.
*/
public static final native int getThreadPriority(int tid)
throws IllegalArgumentException;
-
+
/**
* Return the current scheduling policy of a thread, based on Linux.
*
@@ -1078,7 +1141,7 @@
*
* {@hide}
*/
-
+
@TestApi
public static final native int getThreadScheduler(int tid)
throws IllegalArgumentException;
@@ -1104,7 +1167,7 @@
/**
* Determine whether the current environment supports multiple processes.
- *
+ *
* @return Returns true if the system can run in multiple processes, else
* false if everything is running in a single process.
*
@@ -1131,9 +1194,9 @@
/**
* Change this process's argv[0] parameter. This can be useful to show
* more descriptive information in things like the 'ps' command.
- *
+ *
* @param text The new name of this process.
- *
+ *
* {@hide}
*/
@UnsupportedAppUsage
@@ -1162,12 +1225,12 @@
/**
* Send a signal to the given process.
- *
+ *
* @param pid The pid of the target process.
* @param signal The signal to send.
*/
public static final native void sendSignal(int pid, int signal);
-
+
/**
* @hide
* Private impl for avoiding a log message... DO NOT USE without doing
@@ -1186,24 +1249,24 @@
*/
@UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.P)
public static final native void sendSignalQuiet(int pid, int signal);
-
+
/** @hide */
@UnsupportedAppUsage
public static final native long getFreeMemory();
-
+
/** @hide */
@UnsupportedAppUsage
public static final native long getTotalMemory();
-
+
/** @hide */
@UnsupportedAppUsage
public static final native void readProcLines(String path,
String[] reqFields, long[] outSizes);
-
+
/** @hide */
@UnsupportedAppUsage
public static final native int[] getPids(String path, int[] lastArray);
-
+
/** @hide */
@UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
public static final int PROC_TERM_MASK = 0xff;
@@ -1274,7 +1337,7 @@
/** @hide */
@UnsupportedAppUsage
- public static final native boolean parseProcLine(byte[] buffer, int startIndex,
+ public static final native boolean parseProcLine(byte[] buffer, int startIndex,
int endIndex, int[] format, String[] outStrings, long[] outLongs, float[] outFloats);
/** @hide */
@@ -1283,10 +1346,10 @@
/**
* Gets the total Pss value for a given process, in bytes.
- *
+ *
* @param pid the process to the Pss for
* @return the total Pss value for the given process in bytes,
- * or -1 if the value cannot be determined
+ * or -1 if the value cannot be determined
* @hide
*/
@UnsupportedAppUsage