android, android-service, uid, android-binder

What does it mean when the uid equals zero in the Android system?


In NotificationManagerService.java from the Android 5.0 framework source code, I don't understand when the uid will be zero.

    private static boolean isUidSystem(int uid) {
        final int appid = UserHandle.getAppId(uid);
        return (appid == Process.SYSTEM_UID || appid == Process.PHONE_UID || uid == 0);
    }

Solution

  • Android's Process class contains the following definitions (among others):

    /**
     * Defines the root UID.
     */
    public static final int ROOT_UID = 0;
    
    /**
     * Defines the UID/GID under which system code runs.
     */
    public static final int SYSTEM_UID = 1000;
    
    /**
     * Defines the UID/GID under which the telephony code runs.
     */
    public static final int PHONE_UID = 1001;
    

    These framework values correspond to kernel uids for the root, system, and radio users. In Android, many system processes run as one of these three uids.

    NotificationManagerService uses isUidSystem() to check if the calling process is owned by one of these users and if so, set the boolean isSystemNotification (it also ends up true if the package name begins with android.*).

    Note that isUidSystem() doesn't directly compare the calling uid with the above values, but first runs it through UserHandle.getAppId(), which takes the kernel value and mods it with UserHandle.PER_USER_RANGE, normally defined as 100000 (i.e., uid % PER_USER_RANGE). This ends up being the last five digits of the kernel uid, where the first two correspond to the userId on multi-user devices.

    So the uid and appId will be 0 for processes and apps that are running as the root user, and isUidSystem() will return true in this case. It will also return true whenever the uid is from a caller running as the system or radio user.
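
The uid arithmetic described in the answer above, as an added example that is not part of the original post or of the Android framework. The class `UidSystemCheck`, its `getUserId()` helper and the sample uids are assumptions made for illustration; the constants are the values quoted on this page.

```java
// Standalone model of the check; it does not use the real android.os classes.
public class UidSystemCheck {
    // Values quoted on this page from Process and UserHandle.
    static final int ROOT_UID = 0;
    static final int SYSTEM_UID = 1000;
    static final int PHONE_UID = 1001;
    static final int PER_USER_RANGE = 100000;

    // Models UserHandle.getAppId(): strips the per-user offset.
    static int getAppId(int uid) {
        return uid % PER_USER_RANGE;
    }

    // Hypothetical helper: the user portion of the kernel uid.
    static int getUserId(int uid) {
        return uid / PER_USER_RANGE;
    }

    // Same expression as isUidSystem() in the question.
    static boolean isUidSystem(int uid) {
        final int appid = getAppId(uid);
        return appid == SYSTEM_UID || appid == PHONE_UID || uid == ROOT_UID;
    }

    public static void main(String[] args) {
        // Constructed sample uids, not taken from a real device.
        int[] samples = {
            0,        // root
            1000,     // system, user 0
            1001,     // radio/phone, user 0
            1001000,  // system appId under user 10
            10057,    // ordinary app, user 0
            1010057,  // same app under user 10
            1000000   // appId 0 under user 10: the raw uid is compared, not the appId
        };
        for (int uid : samples) {
            System.out.printf("uid=%-8d userId=%-3d appId=%-6d isUidSystem=%b%n",
                    uid, getUserId(uid), getAppId(uid), isUidSystem(uid));
        }
    }
}
```

The system and phone comparisons are made on the appId, so they match under any user, while the root comparison is made on the raw uid and matches only a uid of exactly 0.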