android: Disable app zygote under work profile

Android 10 has a bug in the app zygote implementation when used under secondary user like work profile. Update the manifest so only the the 0th service enables app zygote. Then dynamically choose between 0th and 1st service depending on if app zygote needs to be disabled. Bug: 1035432 Change-Id: Ifa3c1cb02fbc86595c7ad15c7feca35bf8ab0abd Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1974571Reviewed-by: Yaron Friedman <yfriedman@chromium.org> Commit-Queue: Bo <boliu@chromium.org> Cr-Commit-Position: refs/heads/master@{#726368}

android: Disable app zygote under work profile
Android 10 has a bug in the app zygote implementation when used under secondary user like work profile. Update the manifest so only the the 0th service enables app zygote. Then dynamically choose between 0th and 1st service depending on if app zygote needs to be disabled. Bug: 1035432 Change-Id: Ifa3c1cb02fbc86595c7ad15c7feca35bf8ab0abd Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1974571Reviewed-by: Yaron Friedman <yfriedman@chromium.org> Commit-Queue: Bo <boliu@chromium.org> Cr-Commit-Position: refs/heads/master@{#726368}
1e01d1ca · Bo Liu · Commit Bot · e920cda2 · 1e01d1ca · 1e01d1ca
Commit 1e01d1ca authored Dec 19, 2019 by Bo Liu Committed by Commit Bot Dec 19, 2019
3 changed files
--- a/base/android/java/src/org/chromium/base/compat/ApiHelperForM.java
+++ b/base/android/java/src/org/chromium/base/compat/ApiHelperForM.java
@@ -11,6 +11,7 @@ import android.net.Network;
 import android.net.NetworkInfo;
 import android.os.Build;
 import android.os.Process;
+import android.os.UserManager;
 import android.security.NetworkSecurityPolicy;
 import android.view.ActionMode;
 import android.view.ViewConfiguration;
@@ -88,6 +89,11 @@ public final class ApiHelperForM {
        return NetworkSecurityPolicy.getInstance().isCleartextTrafficPermitted();
    }

+    /** See {@link UserManager#isSystemUser()}. */
+    public static boolean isSystemUser(UserManager userManager) {
+        return userManager.isSystemUser();
+    }
+
    /*
     * See {@link ActionMode#invalidateContentRect()}.
     * @param actionMode

--- a/base/android/java/src/org/chromium/base/process_launcher/ChildConnectionAllocator.java
+++ b/base/android/java/src/org/chromium/base/process_launcher/ChildConnectionAllocator.java
@@ -8,14 +8,18 @@ import android.content.ComponentName;
 import android.content.Context;
 import android.content.pm.ApplicationInfo;
 import android.content.pm.PackageManager;
+import android.os.Build;
 import android.os.Bundle;
 import android.os.Handler;
 import android.os.Looper;
+import android.os.UserManager;
 import android.support.v4.util.ArraySet;

 import androidx.annotation.VisibleForTesting;

+import org.chromium.base.ContextUtils;
 import org.chromium.base.Log;
+import org.chromium.base.compat.ApiHelperForM;

 import java.util.ArrayDeque;
 import java.util.ArrayList;
@@ -374,10 +378,26 @@ public abstract class ChildConnectionAllocator {
        private final ArraySet<ChildProcessConnection> mAllocatedConnections = new ArraySet<>();
        private int mNextInstance;

+        private static String getServiceSuffix() {
+            // Android Q has a bug in its app zygote implementation under secondary user (eg in a
+            // work profile). See crbug.com/1035432 for details. Disable using the app zygote in
+            // that case by using a non '0' suffix which is the only service entry that enables
+            // app zygote.
+            if (Build.VERSION.SDK_INT == 29) {
+                UserManager userManager =
+                        (UserManager) ContextUtils.getApplicationContext().getSystemService(
+                                Context.USER_SERVICE);
+                if (!ApiHelperForM.isSystemUser(userManager)) {
+                    return "1";
+                }
+            }
+            return "0";
+        }
+
        private VariableSizeAllocatorImpl(Handler launcherHandler, String packageName,
                String serviceClassName, boolean bindToCaller, boolean bindAsExternalService,
                boolean useStrongBinding) {
-            super(launcherHandler, packageName, serviceClassName + "0", bindToCaller,
+            super(launcherHandler, packageName, serviceClassName + getServiceSuffix(), bindToCaller,
                    bindAsExternalService, useStrongBinding);
        }


--- a/chrome/android/java/AndroidManifest.xml
+++ b/chrome/android/java/AndroidManifest.xml
@@ -1193,7 +1193,7 @@ by a child template that "extends" this file.
            android:permission="{{ manifest_package }}.permission.CHILD_SERVICE"
            android:isolatedProcess="true"
            android:exported="{{sandboxed_service_exported|default(false)}}"
-            {% if (use_zygote|default(false) == 'true') %}
+            {% if (use_zygote|default(false) == 'true') and (i == 0) %}
            android:useAppZygote="true"
            {% endif %}
            {% if (sandboxed_service_exported|default(false)) == 'true' %}