Loading core/java/android/os/Process.java +15 −1 Original line number Original line Diff line number Diff line Loading @@ -151,6 +151,20 @@ public class Process { */ */ public static final int LAST_ISOLATED_UID = 99999; public static final int LAST_ISOLATED_UID = 99999; /** * First gid for applications to share resources. Used when forward-locking * is enabled but all UserHandles need to be able to read the resources. * @hide */ public static final int FIRST_SHARED_APPLICATION_GID = 50000; /** * Last gid for applications to share resources. Used when forward-locking * is enabled but all UserHandles need to be able to read the resources. * @hide */ public static final int LAST_SHARED_APPLICATION_GID = 59999; /** /** * Defines a secondary group id for access to the bluetooth hardware. * Defines a secondary group id for access to the bluetooth hardware. */ */ Loading core/java/android/os/UserHandle.java +9 −0 Original line number Original line Diff line number Diff line Loading @@ -138,6 +138,15 @@ public final class UserHandle implements Parcelable { return uid % PER_USER_RANGE; return uid % PER_USER_RANGE; } } /** * Returns the shared app gid for a given uid or appId. * @hide */ public static final int getSharedAppGid(int id) { return Process.FIRST_SHARED_APPLICATION_GID + (id % PER_USER_RANGE) - Process.FIRST_APPLICATION_UID; } /** /** * Returns the user id of the current process * Returns the user id of the current process * @return user id of the current process * @return user id of the current process Loading services/java/com/android/server/am/ActivityManagerService.java +14 −1 Original line number Original line Diff line number Diff line Loading @@ -2008,9 +2008,10 @@ public final class ActivityManagerService extends ActivityManagerNative int[] gids = null; int[] gids = null; int mountExternal = Zygote.MOUNT_EXTERNAL_NONE; int mountExternal = Zygote.MOUNT_EXTERNAL_NONE; if (!app.isolated) { if (!app.isolated) { int[] permGids = null; try { try { final PackageManager pm = mContext.getPackageManager(); final PackageManager pm = mContext.getPackageManager(); gids = pm.getPackageGids(app.info.packageName); permGids = pm.getPackageGids(app.info.packageName); if (Environment.isExternalStorageEmulated()) { if (Environment.isExternalStorageEmulated()) { if (pm.checkPermission( if (pm.checkPermission( Loading @@ -2024,6 +2025,18 @@ public final class ActivityManagerService extends ActivityManagerNative } catch (PackageManager.NameNotFoundException e) { } catch (PackageManager.NameNotFoundException e) { Slog.w(TAG, "Unable to retrieve gids", e); Slog.w(TAG, "Unable to retrieve gids", e); } } /* * Add shared application GID so applications can share some * resources like shared libraries */ if (permGids == null) { gids = new int[1]; } else { gids = new int[permGids.length + 1]; System.arraycopy(permGids, 0, gids, 1, permGids.length); } gids[0] = UserHandle.getSharedAppGid(UserHandle.getAppId(uid)); } } if (mFactoryTest != SystemServer.FACTORY_TEST_OFF) { if (mFactoryTest != SystemServer.FACTORY_TEST_OFF) { if (mFactoryTest == SystemServer.FACTORY_TEST_LOW_LEVEL if (mFactoryTest == SystemServer.FACTORY_TEST_LOW_LEVEL Loading services/java/com/android/server/pm/PackageManagerService.java +3 −2 Original line number Original line Diff line number Diff line Loading @@ -7289,7 +7289,7 @@ public class PackageManagerService extends IPackageManager.Stub { final int groupOwner; final int groupOwner; final String protectedFile; final String protectedFile; if (isFwdLocked()) { if (isFwdLocked()) { groupOwner = uid; groupOwner = UserHandle.getSharedAppGid(uid); protectedFile = RES_FILE_NAME; protectedFile = RES_FILE_NAME; } else { } else { groupOwner = -1; groupOwner = -1; Loading Loading @@ -7371,7 +7371,8 @@ public class PackageManagerService extends IPackageManager.Stub { int doPostCopy(int uid) { int doPostCopy(int uid) { if (isFwdLocked()) { if (isFwdLocked()) { if (uid < Process.FIRST_APPLICATION_UID if (uid < Process.FIRST_APPLICATION_UID || !PackageHelper.fixSdPermissions(cid, uid, RES_FILE_NAME)) { || !PackageHelper.fixSdPermissions(cid, UserHandle.getSharedAppGid(uid), RES_FILE_NAME)) { Slog.e(TAG, "Failed to finalize " + cid); Slog.e(TAG, "Failed to finalize " + cid); PackageHelper.destroySdDir(cid); PackageHelper.destroySdDir(cid); return PackageManager.INSTALL_FAILED_CONTAINER_ERROR; return PackageManager.INSTALL_FAILED_CONTAINER_ERROR; Loading Loading
core/java/android/os/Process.java +15 −1 Original line number Original line Diff line number Diff line Loading @@ -151,6 +151,20 @@ public class Process { */ */ public static final int LAST_ISOLATED_UID = 99999; public static final int LAST_ISOLATED_UID = 99999; /** * First gid for applications to share resources. Used when forward-locking * is enabled but all UserHandles need to be able to read the resources. * @hide */ public static final int FIRST_SHARED_APPLICATION_GID = 50000; /** * Last gid for applications to share resources. Used when forward-locking * is enabled but all UserHandles need to be able to read the resources. * @hide */ public static final int LAST_SHARED_APPLICATION_GID = 59999; /** /** * Defines a secondary group id for access to the bluetooth hardware. * Defines a secondary group id for access to the bluetooth hardware. */ */ Loading
core/java/android/os/UserHandle.java +9 −0 Original line number Original line Diff line number Diff line Loading @@ -138,6 +138,15 @@ public final class UserHandle implements Parcelable { return uid % PER_USER_RANGE; return uid % PER_USER_RANGE; } } /** * Returns the shared app gid for a given uid or appId. * @hide */ public static final int getSharedAppGid(int id) { return Process.FIRST_SHARED_APPLICATION_GID + (id % PER_USER_RANGE) - Process.FIRST_APPLICATION_UID; } /** /** * Returns the user id of the current process * Returns the user id of the current process * @return user id of the current process * @return user id of the current process Loading
services/java/com/android/server/am/ActivityManagerService.java +14 −1 Original line number Original line Diff line number Diff line Loading @@ -2008,9 +2008,10 @@ public final class ActivityManagerService extends ActivityManagerNative int[] gids = null; int[] gids = null; int mountExternal = Zygote.MOUNT_EXTERNAL_NONE; int mountExternal = Zygote.MOUNT_EXTERNAL_NONE; if (!app.isolated) { if (!app.isolated) { int[] permGids = null; try { try { final PackageManager pm = mContext.getPackageManager(); final PackageManager pm = mContext.getPackageManager(); gids = pm.getPackageGids(app.info.packageName); permGids = pm.getPackageGids(app.info.packageName); if (Environment.isExternalStorageEmulated()) { if (Environment.isExternalStorageEmulated()) { if (pm.checkPermission( if (pm.checkPermission( Loading @@ -2024,6 +2025,18 @@ public final class ActivityManagerService extends ActivityManagerNative } catch (PackageManager.NameNotFoundException e) { } catch (PackageManager.NameNotFoundException e) { Slog.w(TAG, "Unable to retrieve gids", e); Slog.w(TAG, "Unable to retrieve gids", e); } } /* * Add shared application GID so applications can share some * resources like shared libraries */ if (permGids == null) { gids = new int[1]; } else { gids = new int[permGids.length + 1]; System.arraycopy(permGids, 0, gids, 1, permGids.length); } gids[0] = UserHandle.getSharedAppGid(UserHandle.getAppId(uid)); } } if (mFactoryTest != SystemServer.FACTORY_TEST_OFF) { if (mFactoryTest != SystemServer.FACTORY_TEST_OFF) { if (mFactoryTest == SystemServer.FACTORY_TEST_LOW_LEVEL if (mFactoryTest == SystemServer.FACTORY_TEST_LOW_LEVEL Loading
services/java/com/android/server/pm/PackageManagerService.java +3 −2 Original line number Original line Diff line number Diff line Loading @@ -7289,7 +7289,7 @@ public class PackageManagerService extends IPackageManager.Stub { final int groupOwner; final int groupOwner; final String protectedFile; final String protectedFile; if (isFwdLocked()) { if (isFwdLocked()) { groupOwner = uid; groupOwner = UserHandle.getSharedAppGid(uid); protectedFile = RES_FILE_NAME; protectedFile = RES_FILE_NAME; } else { } else { groupOwner = -1; groupOwner = -1; Loading Loading @@ -7371,7 +7371,8 @@ public class PackageManagerService extends IPackageManager.Stub { int doPostCopy(int uid) { int doPostCopy(int uid) { if (isFwdLocked()) { if (isFwdLocked()) { if (uid < Process.FIRST_APPLICATION_UID if (uid < Process.FIRST_APPLICATION_UID || !PackageHelper.fixSdPermissions(cid, uid, RES_FILE_NAME)) { || !PackageHelper.fixSdPermissions(cid, UserHandle.getSharedAppGid(uid), RES_FILE_NAME)) { Slog.e(TAG, "Failed to finalize " + cid); Slog.e(TAG, "Failed to finalize " + cid); PackageHelper.destroySdDir(cid); PackageHelper.destroySdDir(cid); return PackageManager.INSTALL_FAILED_CONTAINER_ERROR; return PackageManager.INSTALL_FAILED_CONTAINER_ERROR; Loading
