Fix requestRestore() of an app's own package

The BACKUP permission check was being applied over-zealously. Bug 19336200 Change-Id: Ia52b5c5cc0fd8d19b74ee624be85113d1b8dca7e
author: Christopher Tate <ctate@google.com> 2015-05-06 12:31:46 -0700
committer: Christopher Tate <ctate@google.com> 2015-05-06 12:31:46 -0700
commit: 5aba226d8ac28cbac5200ee3715a174683b1faa0 (patch)
tree: 5aae050fad88a7ae90f8ac230b6a48bfc44c4c18 /services/backup/java/com/android
parent: 261208e002775fe9a9f4e79e9f70b41852cfbe60 (diff)
download: frameworks_base-5aba226d8ac28cbac5200ee3715a174683b1faa0.zip
frameworks_base-5aba226d8ac28cbac5200ee3715a174683b1faa0.tar.gz
frameworks_base-5aba226d8ac28cbac5200ee3715a174683b1faa0.tar.bz2
1 files changed, 37 insertions, 34 deletions
diff --git a/services/backup/java/com/android/server/backup/BackupManagerService.java b/services/backup/java/com/android/server/backup/BackupManagerService.java
index bfe8b5c..6c1023c 100644
--- a/services/backup/java/com/android/server/backup/BackupManagerService.java
+++ b/services/backup/java/com/android/server/backup/BackupManagerService.java
@@ -9368,44 +9368,47 @@ if (MORE_DEBUG) Slog.v(TAG, "   + got " + nRead + "; now wanting " + (size - soF
                 throw new SecurityException("No permission to restore other packages");
             }
 
-            // So far so good; we're allowed to try to restore this package.  Now
-            // check whether there is data for it in the current dataset, falling back
-            // to the ancestral dataset if not.
-            long token = getAvailableRestoreToken(packageName);
-            if (DEBUG) Slog.v(TAG, "restorePackage pkg=" + packageName
-                    + " token=" + Long.toHexString(token));
-
-            // If we didn't come up with a place to look -- no ancestral dataset and
-            // the app has never been backed up from this device -- there's nothing
-            // to do but return failure.
-            if (token == 0) {
-                if (DEBUG) Slog.w(TAG, "No data available for this package; not restoring");
-                return -1;
-            }
-
-            String dirName;
+            // So far so good; we're allowed to try to restore this package.
+            long oldId = Binder.clearCallingIdentity();
             try {
-                dirName = mRestoreTransport.transportDirName();
-            } catch (RemoteException e) {
-                // Transport went AWOL; fail.
-                Slog.e(TAG, "Unable to contact transport for restore");
-                return -1;
-            }
+                // Check whether there is data for it in the current dataset, falling back
+                // to the ancestral dataset if not.
+                long token = getAvailableRestoreToken(packageName);
+                if (DEBUG) Slog.v(TAG, "restorePackage pkg=" + packageName
+                        + " token=" + Long.toHexString(token));
+
+                // If we didn't come up with a place to look -- no ancestral dataset and
+                // the app has never been backed up from this device -- there's nothing
+                // to do but return failure.
+                if (token == 0) {
+                    if (DEBUG) Slog.w(TAG, "No data available for this package; not restoring");
+                    return -1;
+                }
 
-            // Stop the session timeout until we finalize the restore
-            mBackupHandler.removeMessages(MSG_RESTORE_TIMEOUT);
+                String dirName;
+                try {
+                    dirName = mRestoreTransport.transportDirName();
+                } catch (RemoteException e) {
+                    // Transport went AWOL; fail.
+                    Slog.e(TAG, "Unable to contact transport for restore");
+                    return -1;
+                }
 
-            // Ready to go:  enqueue the restore request and claim success
-            long oldId = Binder.clearCallingIdentity();
-            mWakelock.acquire();
-            if (MORE_DEBUG) {
-                Slog.d(TAG, "restorePackage() : " + packageName);
+                // Stop the session timeout until we finalize the restore
+                mBackupHandler.removeMessages(MSG_RESTORE_TIMEOUT);
+
+                // Ready to go:  enqueue the restore request and claim success
+                mWakelock.acquire();
+                if (MORE_DEBUG) {
+                    Slog.d(TAG, "restorePackage() : " + packageName);
+                }
+                Message msg = mBackupHandler.obtainMessage(MSG_RUN_RESTORE);
+                msg.obj = new RestoreParams(mRestoreTransport, dirName,
+                        observer, token, app, 0);
+                mBackupHandler.sendMessage(msg);
+            } finally {
+                Binder.restoreCallingIdentity(oldId);
             }
-            Message msg = mBackupHandler.obtainMessage(MSG_RUN_RESTORE);
-            msg.obj = new RestoreParams(mRestoreTransport, dirName,
-                    observer, token, app, 0);
-            mBackupHandler.sendMessage(msg);
-            Binder.restoreCallingIdentity(oldId);
             return 0;
         }
author	Christopher Tate <ctate@google.com>	2015-05-06 12:31:46 -0700
committer	Christopher Tate <ctate@google.com>	2015-05-06 12:31:46 -0700
commit	5aba226d8ac28cbac5200ee3715a174683b1faa0 (patch)
tree	5aae050fad88a7ae90f8ac230b6a48bfc44c4c18 /services/backup/java/com/android
parent	261208e002775fe9a9f4e79e9f70b41852cfbe60 (diff)
download	frameworks_base-5aba226d8ac28cbac5200ee3715a174683b1faa0.zip frameworks_base-5aba226d8ac28cbac5200ee3715a174683b1faa0.tar.gz frameworks_base-5aba226d8ac28cbac5200ee3715a174683b1faa0.tar.bz2