From 5aba226d8ac28cbac5200ee3715a174683b1faa0 Mon Sep 17 00:00:00 2001 From: Christopher Tate Date: Wed, 6 May 2015 12:31:46 -0700 Subject: Fix requestRestore() of an app's own package The BACKUP permission check was being applied over-zealously. Bug 19336200 Change-Id: Ia52b5c5cc0fd8d19b74ee624be85113d1b8dca7e --- .../server/backup/BackupManagerService.java | 71 +++++++++++----------- 1 file changed, 37 insertions(+), 34 deletions(-) (limited to 'services/backup/java/com/android') diff --git a/services/backup/java/com/android/server/backup/BackupManagerService.java b/services/backup/java/com/android/server/backup/BackupManagerService.java index bfe8b5c..6c1023c 100644 --- a/services/backup/java/com/android/server/backup/BackupManagerService.java +++ b/services/backup/java/com/android/server/backup/BackupManagerService.java @@ -9368,44 +9368,47 @@ if (MORE_DEBUG) Slog.v(TAG, " + got " + nRead + "; now wanting " + (size - soF throw new SecurityException("No permission to restore other packages"); } - // So far so good; we're allowed to try to restore this package. Now - // check whether there is data for it in the current dataset, falling back - // to the ancestral dataset if not. - long token = getAvailableRestoreToken(packageName); - if (DEBUG) Slog.v(TAG, "restorePackage pkg=" + packageName - + " token=" + Long.toHexString(token)); - - // If we didn't come up with a place to look -- no ancestral dataset and - // the app has never been backed up from this device -- there's nothing - // to do but return failure. - if (token == 0) { - if (DEBUG) Slog.w(TAG, "No data available for this package; not restoring"); - return -1; - } - - String dirName; + // So far so good; we're allowed to try to restore this package. + long oldId = Binder.clearCallingIdentity(); try { - dirName = mRestoreTransport.transportDirName(); - } catch (RemoteException e) { - // Transport went AWOL; fail. - Slog.e(TAG, "Unable to contact transport for restore"); - return -1; - } + // Check whether there is data for it in the current dataset, falling back + // to the ancestral dataset if not. + long token = getAvailableRestoreToken(packageName); + if (DEBUG) Slog.v(TAG, "restorePackage pkg=" + packageName + + " token=" + Long.toHexString(token)); + + // If we didn't come up with a place to look -- no ancestral dataset and + // the app has never been backed up from this device -- there's nothing + // to do but return failure. + if (token == 0) { + if (DEBUG) Slog.w(TAG, "No data available for this package; not restoring"); + return -1; + } - // Stop the session timeout until we finalize the restore - mBackupHandler.removeMessages(MSG_RESTORE_TIMEOUT); + String dirName; + try { + dirName = mRestoreTransport.transportDirName(); + } catch (RemoteException e) { + // Transport went AWOL; fail. + Slog.e(TAG, "Unable to contact transport for restore"); + return -1; + } - // Ready to go: enqueue the restore request and claim success - long oldId = Binder.clearCallingIdentity(); - mWakelock.acquire(); - if (MORE_DEBUG) { - Slog.d(TAG, "restorePackage() : " + packageName); + // Stop the session timeout until we finalize the restore + mBackupHandler.removeMessages(MSG_RESTORE_TIMEOUT); + + // Ready to go: enqueue the restore request and claim success + mWakelock.acquire(); + if (MORE_DEBUG) { + Slog.d(TAG, "restorePackage() : " + packageName); + } + Message msg = mBackupHandler.obtainMessage(MSG_RUN_RESTORE); + msg.obj = new RestoreParams(mRestoreTransport, dirName, + observer, token, app, 0); + mBackupHandler.sendMessage(msg); + } finally { + Binder.restoreCallingIdentity(oldId); } - Message msg = mBackupHandler.obtainMessage(MSG_RUN_RESTORE); - msg.obj = new RestoreParams(mRestoreTransport, dirName, - observer, token, app, 0); - mBackupHandler.sendMessage(msg); - Binder.restoreCallingIdentity(oldId); return 0; } -- cgit v1.1