From f91d33c919c04a22a3d20c4391b88a2a74111700 Mon Sep 17 00:00:00 2001
From: Wale Ogunwale <ogunwale@google.com>
Date: Thu, 25 Jun 2015 09:29:58 -0700
Subject: Prevent system uid component from running in an app process

Bug: 21669445
Change-Id: I792c6e676d4b6d54a51228d264130b8125075d98
---
 .../java/com/android/server/am/ActivityManagerService.java    | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/services/java/com/android/server/am/ActivityManagerService.java b/services/java/com/android/server/am/ActivityManagerService.java
index dc4661f..b2d940b 100644
--- a/services/java/com/android/server/am/ActivityManagerService.java
+++ b/services/java/com/android/server/am/ActivityManagerService.java
@@ -1994,9 +1994,14 @@ public final class ActivityManagerService extends ActivityManagerNative
             SparseArray<ProcessRecord> procs = mProcessNames.getMap().get(
                     processName);
             if (procs == null) return null;
-            final int N = procs.size();
-            for (int i = 0; i < N; i++) {
-                if (UserHandle.isSameUser(procs.keyAt(i), uid)) return procs.valueAt(i);
+            final int procCount = procs.size();
+            for (int i = 0; i < procCount; i++) {
+                final int procUid = procs.keyAt(i);
+                if (UserHandle.isApp(procUid) || !UserHandle.isSameUser(procUid, uid)) {
+                    // Don't use an app process or different user process for system component.
+                    continue;
+                }
+                return procs.valueAt(i);
             }
         }
         ProcessRecord proc = mProcessNames.get(processName, uid);
-- 
cgit v1.1