diff options
| author | Christopher Tate <ctate@google.com> | 2012-09-28 11:32:15 -0700 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2012-09-28 11:32:15 -0700 |
| commit | ad8bda219e9d9b18144ace7853997c536bb2f1fc (patch) | |
| tree | ddb3258752535875a784b2f289563589d9c6b250 /services/java | |
| parent | 46cc524a6c45d169750290f06672ee6343af51d7 (diff) | |
| parent | 64d1f3efd759b70462aecb6cf1d8c733872a8911 (diff) | |
| download | frameworks_base-ad8bda219e9d9b18144ace7853997c536bb2f1fc.zip frameworks_base-ad8bda219e9d9b18144ace7853997c536bb2f1fc.tar.gz frameworks_base-ad8bda219e9d9b18144ace7853997c536bb2f1fc.tar.bz2 | |
am 64d1f3ef: DO NOT MERGE - Full (local) restore security changes
* commit '64d1f3efd759b70462aecb6cf1d8c733872a8911':
DO NOT MERGE - Full (local) restore security changes
Diffstat (limited to 'services/java')
| -rw-r--r-- | services/java/com/android/server/BackupManagerService.java | 63 |
1 files changed, 43 insertions, 20 deletions
diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java index 2167c49..1f3f172 100644 --- a/services/java/com/android/server/BackupManagerService.java +++ b/services/java/com/android/server/BackupManagerService.java @@ -2450,6 +2450,21 @@ class BackupManagerService extends IBackupManager.Stub { } } + // Cull any packages that run as system-domain uids but do not define their + // own backup agents + for (int i = 0; i < packagesToBackup.size(); ) { + PackageInfo pkg = packagesToBackup.get(i); + if ((pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID) + && (pkg.applicationInfo.backupAgentName == null)) { + if (MORE_DEBUG) { + Slog.i(TAG, "... ignoring non-agent system package " + pkg.packageName); + } + packagesToBackup.remove(i); + } else { + i++; + } + } + FileOutputStream ofstream = new FileOutputStream(mOutputFile.getFileDescriptor()); OutputStream out = null; @@ -3664,29 +3679,37 @@ class BackupManagerService extends IBackupManager.Stub { // Fall through to IGNORE if the app explicitly disallows backup final int flags = pkgInfo.applicationInfo.flags; if ((flags & ApplicationInfo.FLAG_ALLOW_BACKUP) != 0) { - // Verify signatures against any installed version; if they - // don't match, then we fall though and ignore the data. The - // signatureMatch() method explicitly ignores the signature - // check for packages installed on the system partition, because - // such packages are signed with the platform cert instead of - // the app developer's cert, so they're different on every - // device. - if (signaturesMatch(sigs, pkgInfo)) { - if (pkgInfo.versionCode >= version) { - Slog.i(TAG, "Sig + version match; taking data"); - policy = RestorePolicy.ACCEPT; + // Restore system-uid-space packages only if they have + // defined a custom backup agent + if ((pkgInfo.applicationInfo.uid >= Process.FIRST_APPLICATION_UID) + || (pkgInfo.applicationInfo.backupAgentName != null)) { + // Verify signatures against any installed version; if they + // don't match, then we fall though and ignore the data. The + // signatureMatch() method explicitly ignores the signature + // check for packages installed on the system partition, because + // such packages are signed with the platform cert instead of + // the app developer's cert, so they're different on every + // device. + if (signaturesMatch(sigs, pkgInfo)) { + if (pkgInfo.versionCode >= version) { + Slog.i(TAG, "Sig + version match; taking data"); + policy = RestorePolicy.ACCEPT; + } else { + // The data is from a newer version of the app than + // is presently installed. That means we can only + // use it if the matching apk is also supplied. + Slog.d(TAG, "Data version " + version + + " is newer than installed version " + + pkgInfo.versionCode + " - requiring apk"); + policy = RestorePolicy.ACCEPT_IF_APK; + } } else { - // The data is from a newer version of the app than - // is presently installed. That means we can only - // use it if the matching apk is also supplied. - Slog.d(TAG, "Data version " + version - + " is newer than installed version " - + pkgInfo.versionCode + " - requiring apk"); - policy = RestorePolicy.ACCEPT_IF_APK; + Slog.w(TAG, "Restore manifest signatures do not match " + + "installed application for " + info.packageName); } } else { - Slog.w(TAG, "Restore manifest signatures do not match " - + "installed application for " + info.packageName); + Slog.w(TAG, "Package " + info.packageName + + " is system level with no agent"); } } else { if (DEBUG) Slog.i(TAG, "Restore manifest from " |