Create utility method for calculating supplemental_uid from app_uid
Every app will now have a corresponding supplemental process associated
with it. We need an utility method to map one to the other.
Implementation details: supplemental process uid will be between range
20k-30k. As such, it will be a 10k offset from app id. See ag/16621743.
Bug: 211763739
Test: atest installd_service_test
Ignore-AOSP-First: Feature is being developed in internal branch
Change-Id: I2b6d6b086985bcb24c837eaa95a937d429d6a583
Merged-In: I2b6d6b086985bcb24c837eaa95a937d429d6a583
(cherry picked from commit 1c7acfdb671c7edc4432bc8542df54c49736963d)
diff --git a/libcutils/include/cutils/multiuser.h b/libcutils/include/cutils/multiuser.h
index 9a2305c..4911c48 100644
--- a/libcutils/include/cutils/multiuser.h
+++ b/libcutils/include/cutils/multiuser.h
@@ -30,6 +30,7 @@
extern appid_t multiuser_get_app_id(uid_t uid);
extern uid_t multiuser_get_uid(userid_t user_id, appid_t app_id);
+extern uid_t multiuser_get_supplemental_uid(userid_t user_id, appid_t app_id);
extern gid_t multiuser_get_cache_gid(userid_t user_id, appid_t app_id);
extern gid_t multiuser_get_ext_gid(userid_t user_id, appid_t app_id);
diff --git a/libcutils/include/private/android_filesystem_config.h b/libcutils/include/private/android_filesystem_config.h
index 8e6b81c..155d3f5 100644
--- a/libcutils/include/private/android_filesystem_config.h
+++ b/libcutils/include/private/android_filesystem_config.h
@@ -210,6 +210,10 @@
*/
#define AID_OVERFLOWUID 65534 /* unmapped user in the user namespace */
+/* use the ranges below to determine whether a process is supplemental */
+#define AID_SUPPLEMENTAL_PROCESS_START 20000 /* start of uids allocated to supplemental process */
+#define AID_SUPPLEMENTAL_PROCESS_END 29999 /* end of uids allocated to supplemental process */
+
/* use the ranges below to determine whether a process is isolated */
#define AID_ISOLATED_START 90000 /* start of uids for fully isolated sandboxed processes */
#define AID_ISOLATED_END 99999 /* end of uids for fully isolated sandboxed processes */
diff --git a/libcutils/multiuser.cpp b/libcutils/multiuser.cpp
index 0fd3d0c..76ae4ce 100644
--- a/libcutils/multiuser.cpp
+++ b/libcutils/multiuser.cpp
@@ -29,6 +29,15 @@
return (user_id * AID_USER_OFFSET) + (app_id % AID_USER_OFFSET);
}
+uid_t multiuser_get_supplemental_uid(userid_t user_id, appid_t app_id) {
+ int supplementalProcessOffset = AID_SUPPLEMENTAL_PROCESS_START - AID_APP_START;
+ if (app_id >= AID_APP_START && app_id <= AID_APP_END) {
+ return (user_id * AID_USER_OFFSET) + (app_id % AID_USER_OFFSET) + supplementalProcessOffset;
+ } else {
+ return -1;
+ }
+}
+
gid_t multiuser_get_cache_gid(userid_t user_id, appid_t app_id) {
if (app_id >= AID_APP_START && app_id <= AID_APP_END) {
return multiuser_get_uid(user_id, (app_id - AID_APP_START) + AID_CACHE_GID_START);
diff --git a/libcutils/multiuser_test.cpp b/libcutils/multiuser_test.cpp
index 4b0fd13..68270de 100644
--- a/libcutils/multiuser_test.cpp
+++ b/libcutils/multiuser_test.cpp
@@ -18,6 +18,7 @@
#include <gtest/gtest.h>
static constexpr auto ERR_GID = static_cast<gid_t>(-1);
+static constexpr auto ERR_UID = static_cast<uid_t>(-1);
TEST(MultiuserTest, TestMerge) {
EXPECT_EQ(0U, multiuser_get_uid(0, 0));
@@ -30,6 +31,22 @@
EXPECT_EQ(1050000U, multiuser_get_uid(10, 50000));
}
+TEST(MultiuserTest, TestSupplementalUid) {
+ EXPECT_EQ(ERR_UID, multiuser_get_supplemental_uid(0, 0));
+ EXPECT_EQ(ERR_UID, multiuser_get_supplemental_uid(0, 1000));
+ EXPECT_EQ(20000U, multiuser_get_supplemental_uid(0, 10000));
+ EXPECT_EQ(25000U, multiuser_get_supplemental_uid(0, 15000));
+ EXPECT_EQ(29999U, multiuser_get_supplemental_uid(0, 19999));
+ EXPECT_EQ(ERR_UID, multiuser_get_supplemental_uid(0, 50000));
+
+ EXPECT_EQ(ERR_UID, multiuser_get_supplemental_uid(10, 0));
+ EXPECT_EQ(ERR_UID, multiuser_get_supplemental_uid(10, 1000));
+ EXPECT_EQ(1020000U, multiuser_get_supplemental_uid(10, 10000));
+ EXPECT_EQ(1025000U, multiuser_get_supplemental_uid(10, 15000));
+ EXPECT_EQ(ERR_UID, multiuser_get_supplemental_uid(10, 20000));
+ EXPECT_EQ(ERR_UID, multiuser_get_supplemental_uid(10, 50000));
+}
+
TEST(MultiuserTest, TestSplitUser) {
EXPECT_EQ(0U, multiuser_get_user_id(0));
EXPECT_EQ(0U, multiuser_get_user_id(1000));