The webview zygote is shared for all users on the system, and so unlike
the app zygote, it can't use a single whitelisted UID range. For now,
clamp to the upper bound of the UID range, until we have a better idea.
This is still an improvement from the previous status quo, because it
will prevent setuid/setgid into system users.
Bug:
123597434
Test: builds, webview_zygote running
Change-Id: Ia975826ed5b1f20cabb46f60f5951723b1ba80c9
TextUtils.join(",", Build.SUPPORTED_ABIS),
null, // instructionSet
Process.FIRST_ISOLATED_UID,
- Process.LAST_ISOLATED_UID);
+ Integer.MAX_VALUE); // TODO(b/123615476) deal with user-id ranges properly
ZygoteProcess.waitForConnectionToZygote(sZygote.getPrimarySocketAddress());
if (sPackageOriginalAppInfo.sourceDir.equals(sPackage.applicationInfo.sourceDir)) {
throw new RuntimeException("Passed in UID range is invalid, min > max.");
}
- // Verify the UIDs are in the isolated UID range, as that's the only thing that we should
- // be forking right now
- if (!Process.isIsolated(uidGidMin) || !Process.isIsolated(uidGidMax)) {
+ // Verify the UIDs at least do not include system UIDs; we can't easily verify there
+ // are just isolated UIDs in the range, because for the webview zygote, there is no
+ // single range that captures all possible isolated UIDs.
+ // TODO(b/123615476) narrow this down
+ if (uidGidMin < Process.FIRST_ISOLATED_UID) {
throw new RuntimeException("Passed in UID range does not map to isolated processes.");
}