diff options
author | Christopher Tate <ctate@google.com> | 2014-10-30 13:44:27 -0700 |
---|---|---|
committer | Christopher Tate <ctate@android.com> | 2014-11-07 18:40:47 +0000 |
commit | bbe23b31dcd0eec8af5b5198970de7ff2a9ef79a (patch) | |
tree | e0f6458989ba16677e19f930fcfd128af6d11d3f /services/backup/java/com/android/server/backup/BackupManagerService.java | |
parent | 4b19b7aaff1d1ff972ebe68101c2107454bbe5de (diff) | |
download | frameworks_base-bbe23b31dcd0eec8af5b5198970de7ff2a9ef79a.zip frameworks_base-bbe23b31dcd0eec8af5b5198970de7ff2a9ef79a.tar.gz frameworks_base-bbe23b31dcd0eec8af5b5198970de7ff2a9ef79a.tar.bz2 |
Enable runtime turndown of backup/restore services
The heavy implementation of the backup manager service is now sitting
behind a lightweight trampoline that actually provides the binder
call interface. The indirection allows us now to tear down the
implementation on the fly without breaking callers who have cached
binder references to the backup services: these callers will simply
see their future invocations failing benignly.
In addition there is now an API for suitably privileged callers such
as device policy management to effect this turndown.
Finally, there is now a static system property, "ro.backup.disable",
that a product can use to outright remove backup/restore operation
from the system's operation. The public APIs will continue to be
safely usable on such products but no data will be moved to or
from the device.
Bug 17367491
Change-Id: I8108e386ef3b5c967938fae483366d6978fe4e04
Diffstat (limited to 'services/backup/java/com/android/server/backup/BackupManagerService.java')
-rw-r--r-- | services/backup/java/com/android/server/backup/BackupManagerService.java | 37 |
1 files changed, 19 insertions, 18 deletions
diff --git a/services/backup/java/com/android/server/backup/BackupManagerService.java b/services/backup/java/com/android/server/backup/BackupManagerService.java index fea1a7a..6c2681b 100644 --- a/services/backup/java/com/android/server/backup/BackupManagerService.java +++ b/services/backup/java/com/android/server/backup/BackupManagerService.java @@ -153,7 +153,7 @@ import javax.crypto.spec.SecretKeySpec; import libcore.io.IoUtils; -public class BackupManagerService extends IBackupManager.Stub { +public class BackupManagerService { private static final String TAG = "BackupManagerService"; private static final boolean DEBUG = true; @@ -322,8 +322,12 @@ public class BackupManagerService extends IBackupManager.Stub { // Watch the device provisioning operation during setup ContentObserver mProvisionedObserver; - static BackupManagerService sInstance; - static BackupManagerService getInstance() { + // The published binder is actually to a singleton trampoline object that calls + // through to the proper code. This indirection lets us turn down the heavy + // implementation object on the fly without disturbing binders that have been + // cached elsewhere in the system. + static Trampoline sInstance; + static Trampoline getInstance() { // Always constructed during system bringup, so no need to lazy-init return sInstance; } @@ -332,7 +336,7 @@ public class BackupManagerService extends IBackupManager.Stub { public Lifecycle(Context context) { super(context); - sInstance = new BackupManagerService(context); + sInstance = new Trampoline(context); } @Override @@ -342,11 +346,17 @@ public class BackupManagerService extends IBackupManager.Stub { @Override public void onBootPhase(int phase) { - if (phase == PHASE_THIRD_PARTY_APPS_CAN_START) { + if (phase == PHASE_SYSTEM_SERVICES_READY) { + sInstance.initialize(UserHandle.USER_OWNER); + } else if (phase == PHASE_THIRD_PARTY_APPS_CAN_START) { ContentResolver r = sInstance.mContext.getContentResolver(); boolean areEnabled = Settings.Secure.getInt(r, Settings.Secure.BACKUP_ENABLED, 0) != 0; - sInstance.setBackupEnabled(areEnabled); + try { + sInstance.setBackupEnabled(areEnabled); + } catch (RemoteException e) { + // can't happen; it's a local object + } } } } @@ -934,7 +944,7 @@ public class BackupManagerService extends IBackupManager.Stub { // ----- Main service implementation ----- - public BackupManagerService(Context context) { + public BackupManagerService(Context context, Trampoline parent) { mContext = context; mPackageManager = context.getPackageManager(); mPackageManagerBinder = AppGlobals.getPackageManager(); @@ -944,7 +954,7 @@ public class BackupManagerService extends IBackupManager.Stub { mPowerManager = (PowerManager) context.getSystemService(Context.POWER_SERVICE); mMountService = IMountService.Stub.asInterface(ServiceManager.getService("mount")); - mBackupManagerBinder = asInterface(asBinder()); + mBackupManagerBinder = Trampoline.asInterface(parent.asBinder()); // spin up the backup/restore handler thread mHandlerThread = new HandlerThread("backup", Process.THREAD_PRIORITY_BACKGROUND); @@ -1451,7 +1461,6 @@ public class BackupManagerService extends IBackupManager.Stub { return false; } - @Override public boolean setBackupPassword(String currentPw, String newPw) { mContext.enforceCallingOrSelfPermission(android.Manifest.permission.BACKUP, "setBackupPassword"); @@ -1532,7 +1541,6 @@ public class BackupManagerService extends IBackupManager.Stub { return false; } - @Override public boolean hasBackupPassword() { mContext.enforceCallingOrSelfPermission(android.Manifest.permission.BACKUP, "hasBackupPassword"); @@ -8145,7 +8153,6 @@ if (MORE_DEBUG) Slog.v(TAG, " + got " + nRead + "; now wanting " + (size - soF // // This is the variant used by 'adb backup'; it requires on-screen confirmation // by the user because it can be used to offload data over untrusted USB. - @Override public void fullBackup(ParcelFileDescriptor fd, boolean includeApks, boolean includeObbs, boolean includeShared, boolean doWidgets, boolean doAllApps, boolean includeSystem, boolean compress, String[] pkgList) { @@ -8217,7 +8224,6 @@ if (MORE_DEBUG) Slog.v(TAG, " + got " + nRead + "; now wanting " + (size - soF } } - @Override public void fullTransportBackup(String[] pkgNames) { mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullTransportBackup"); @@ -8247,7 +8253,6 @@ if (MORE_DEBUG) Slog.v(TAG, " + got " + nRead + "; now wanting " + (size - soF } } - @Override public void fullRestore(ParcelFileDescriptor fd) { mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullRestore"); @@ -8343,7 +8348,6 @@ if (MORE_DEBUG) Slog.v(TAG, " + got " + nRead + "; now wanting " + (size - soF // Confirm that the previously-requested full backup/restore operation can proceed. This // is used to require a user-facing disclosure about the operation. - @Override public void acknowledgeFullBackupOrRestore(int token, boolean allow, String curPassword, String encPpassword, IFullBackupRestoreObserver observer) { if (DEBUG) Slog.d(TAG, "acknowledgeFullBackupOrRestore : token=" + token @@ -8391,8 +8395,7 @@ if (MORE_DEBUG) Slog.v(TAG, " + got " + nRead + "; now wanting " + (size - soF } } - // Enable/disable the backup service - @Override + // Enable/disable backups public void setBackupEnabled(boolean enable) { mContext.enforceCallingOrSelfPermission(android.Manifest.permission.BACKUP, "setBackupEnabled"); @@ -8798,7 +8801,6 @@ if (MORE_DEBUG) Slog.v(TAG, " + got " + nRead + "; now wanting " + (size - soF // Note that a currently-active backup agent has notified us that it has // completed the given outstanding asynchronous backup/restore operation. - @Override public void opComplete(int token) { if (MORE_DEBUG) Slog.v(TAG, "opComplete: " + Integer.toHexString(token)); Operation op = null; @@ -9147,7 +9149,6 @@ if (MORE_DEBUG) Slog.v(TAG, " + got " + nRead + "; now wanting " + (size - soF } } - @Override public void dump(FileDescriptor fd, PrintWriter pw, String[] args) { mContext.enforceCallingOrSelfPermission(android.Manifest.permission.DUMP, TAG); |