当前位置：首页 > article >正文

Android framework 编程之 - Binder调用方UID

article 2024/11/19 22:18:58

注：不要弄混 uid 和 userID 的区别。

1. 获取Binder 调用方UID

	Binder.getCallingUid

    /**
     * Return the Linux UID assigned to the process that sent you the
     * current transaction that is being processed. This UID can be used with
     * higher-level system services to determine its identity and check
     * permissions. If the current thread is not currently executing an
     * incoming transaction, then its own UID is returned.
     */
    @CriticalNative
    @android.ravenwood.annotation.RavenwoodReplace
    public static final native int getCallingUid();

2. 判断UID 是否是特殊UID

例如判断是否是System UID

uid == Process.SYSTEM_UID

特殊 UID 的列表
这里仅仅列出一部分
frameworks/base/core/java/android/os/Process.java

    /**
     * An invalid UID value.
     */
    public static final int INVALID_UID = -1;

    /**
     * Defines the root UID.
     */
    public static final int ROOT_UID = 0;

    /**
     * Defines the UID/GID under which system code runs.
     */
    public static final int SYSTEM_UID = 1000;

    /**
     * Defines the UID/GID under which the telephony code runs.
     */
    public static final int PHONE_UID = 1001;

    /**
     * Defines the UID/GID for the user shell.
     */
    public static final int SHELL_UID = 2000;

将 Binder 调用方 UID 变为本地 UID ，豁免部分权限检查

	// 将调用标识变为本地进程，相对于System Server 就是 system server 进程
	final long token = Binder.clearCallingIdentity();
	try {
		// 权限检查的是本地进程。
	} finally {
		// 将调用标识变为非本地标识
		Binder.restoreCallingIdentity(token);
	}