From 450b55bbd9eb3a7b52aa9f5ec4276dcf499a0110 Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@google.com>
Date: Thu, 16 Mar 2017 18:17:11 -0400
Subject: [PATCH] Do not allow WebView instantiation from privileged processes.

Test: Patched in CL on bug, got UnsupportedOperationException
Bug: 36077109
Change-Id: I01dba02407dd7b1ea1ce22f0023f8882e1e96dae
---
 core/java/android/webkit/WebViewFactory.java | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/core/java/android/webkit/WebViewFactory.java b/core/java/android/webkit/WebViewFactory.java
index 0906d1a1e0348..81c2f5d5ef4c3 100644
--- a/core/java/android/webkit/WebViewFactory.java
+++ b/core/java/android/webkit/WebViewFactory.java
@@ -198,7 +198,9 @@ public final class WebViewFactory {
             if (sProviderInstance != null) return sProviderInstance;
 
             final int uid = android.os.Process.myUid();
-            if (uid == android.os.Process.ROOT_UID || uid == android.os.Process.SYSTEM_UID) {
+            if (uid == android.os.Process.ROOT_UID || uid == android.os.Process.SYSTEM_UID
+                    || uid == android.os.Process.PHONE_UID || uid == android.os.Process.NFC_UID
+                    || uid == android.os.Process.BLUETOOTH_UID) {
                 throw new UnsupportedOperationException(
                         "For security reasons, WebView is not allowed in privileged processes");
             }