diff options
| author | Dianne Hackborn <hackbod@google.com> | 2012-02-09 10:47:01 -0800 |
|---|---|---|
| committer | Dianne Hackborn <hackbod@google.com> | 2012-02-09 11:18:33 -0800 |
| commit | a0c283eac33dd2da72235751bbfa4f2d9898d5ea (patch) | |
| tree | 4a772771c79de9a0817115a49b5018397cd64add /core/java/android/app/ActivityThread.java | |
| parent | f6a7e1f7cd12fbbb2e35391850aec7d7d57b8f66 (diff) | |
Add new feature for running services in "isolated" sandbox processes.
This reserves a range of uids (for each user) in which these processes
run. These uids are not associated with an application, so they
effectively run with no permissions. When a Service requests to
run in such a process through android:isolatedProcess="true", each
time it is brought up a new isolated process is started with its
own unique uid.
What we have so far gives us the basic infrastructure; more work
remains to further lock down what these uids have access to.
Change-Id: Ibfd27c75619cba61f528f46ede9113f98dc5f45b
Diffstat (limited to 'core/java/android/app/ActivityThread.java')
| -rw-r--r-- | core/java/android/app/ActivityThread.java | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/core/java/android/app/ActivityThread.java b/core/java/android/app/ActivityThread.java index e4cfc9948704..bf632a9b0caa 100644 --- a/core/java/android/app/ActivityThread.java +++ b/core/java/android/app/ActivityThread.java @@ -134,7 +134,7 @@ public final class ActivityThread { private static final boolean DEBUG_RESULTS = false; private static final boolean DEBUG_BACKUP = true; private static final boolean DEBUG_CONFIGURATION = false; - private static final boolean DEBUG_SERVICE = true; + private static final boolean DEBUG_SERVICE = false; private static final long MIN_TIME_BETWEEN_GCS = 5*1000; private static final Pattern PATTERN_SEMICOLON = Pattern.compile(";"); private static final int SQLITE_MEM_RELEASED_EVENT_LOG_TAG = 75003; @@ -3764,13 +3764,17 @@ public final class ActivityThread { } private void setupGraphicsSupport(LoadedApk info) { + if (Process.isIsolated()) { + // Isolated processes aren't going to do UI. + return; + } try { int uid = Process.myUid(); String[] packages = getPackageManager().getPackagesForUid(uid); // If there are several packages in this application we won't // initialize the graphics disk caches - if (packages.length == 1) { + if (packages != null && packages.length == 1) { ContextImpl appContext = new ContextImpl(); appContext.init(info, null, this); |