Allow restoring of apps that rotated key (313d225c) · Commits · e / os / android_frameworks_base

core/java/android/content/pm/PackageManagerInternal.java

+12 −0

Original line number	Diff line number	Diff line
		@@ -539,4 +539,16 @@ public abstract class PackageManagerInternal {
		/** Updates the flags for the given permission. */
		public abstract void updatePermissionFlagsTEMP(@NonNull String permName,
		@NonNull String packageName, int flagMask, int flagValues, int userId);

		/**
		* Returns true if it's still safe to restore data backed up from this app's version
		* that was signed with restoringFromSigHash.
		*/
		public abstract boolean isDataRestoreSafe(byte[] restoringFromSigHash, String packageName);

		/**
		* Returns true if it's still safe to restore data backed up from this app's version
		* that was signed with restoringFromSig.
		*/
		public abstract boolean isDataRestoreSafe(Signature restoringFromSig, String packageName);
		}

services/backup/java/com/android/server/backup/PackageManagerBackupAgent.java

+5 −2

Original line number	Diff line number	Diff line
		@@ -23,6 +23,7 @@ import android.content.ComponentName;
		import android.content.pm.ApplicationInfo;
		import android.content.pm.PackageInfo;
		import android.content.pm.PackageManager;
		import android.content.pm.PackageManagerInternal;
		import android.content.pm.ResolveInfo;
		import android.content.pm.PackageManager.NameNotFoundException;
		import android.content.pm.Signature;
		@@ -30,6 +31,7 @@ import android.os.Build;
		import android.os.ParcelFileDescriptor;
		import android.util.Slog;

		import com.android.server.LocalServices;
		import com.android.server.backup.utils.AppBackupUtils;

		import java.io.BufferedInputStream;
		@@ -235,7 +237,7 @@ public class PackageManagerBackupAgent extends BackupAgent {
		if (home != null) {
		try {
		homeInfo = mPackageManager.getPackageInfo(home.getPackageName(),
		PackageManager.GET_SIGNATURES);
		PackageManager.GET_SIGNING_CERTIFICATES);
		homeInstaller = mPackageManager.getInstallerPackageName(home.getPackageName());
		homeVersion = homeInfo.getLongVersionCode();
		homeSigHashes = BackupUtils.hashSignatureArray(homeInfo.signatures);
		@@ -252,10 +254,11 @@ public class PackageManagerBackupAgent extends BackupAgent {
		// 2. the home app [or absence] we now use differs from the prior state,
		// OR 3. it looks like we use the same home app + version as before, but
		// the signatures don't match so we treat them as different apps.
		PackageManagerInternal pmi = LocalServices.getService(PackageManagerInternal.class);
		final boolean needHomeBackup = (homeVersion != mStoredHomeVersion)
		\|\| !Objects.equals(home, mStoredHomeComponent)
		\|\| (home != null
		&& !BackupUtils.signaturesMatch(mStoredHomeSigHashes, homeInfo));
		&& !BackupUtils.signaturesMatch(mStoredHomeSigHashes, homeInfo, pmi));
		if (needHomeBackup) {
		if (DEBUG) {
		Slog.i(TAG, "Home preference changed; backing up new state " + home);

services/backup/java/com/android/server/backup/restore/FullRestoreEngine.java

+6 −1

Original line number	Diff line number	Diff line
		@@ -36,11 +36,13 @@ import android.app.backup.IFullBackupRestoreObserver;
		import android.content.pm.ApplicationInfo;
		import android.content.pm.PackageInfo;
		import android.content.pm.PackageManager.NameNotFoundException;
		import android.content.pm.PackageManagerInternal;
		import android.content.pm.Signature;
		import android.os.ParcelFileDescriptor;
		import android.os.RemoteException;
		import android.util.Slog;

		import com.android.server.LocalServices;
		import com.android.server.backup.BackupRestoreTask;
		import com.android.server.backup.FileMetadata;
		import com.android.server.backup.KeyValueAdbRestoreEngine;
		@@ -207,8 +209,11 @@ public class FullRestoreEngine extends RestoreEngine {
		if (info.path.equals(BACKUP_MANIFEST_FILENAME)) {
		Signature[] signatures = tarBackupReader.readAppManifestAndReturnSignatures(
		info);
		PackageManagerInternal pmi = LocalServices.getService(
		PackageManagerInternal.class);
		RestorePolicy restorePolicy = tarBackupReader.chooseRestorePolicy(
		mBackupManagerService.getPackageManager(), allowApks, info, signatures);
		mBackupManagerService.getPackageManager(), allowApks, info, signatures,
		pmi);
		mManifestSignatures.put(info.packageName, signatures);
		mPackagePolicies.put(pkg, restorePolicy);
		mPackageInstallers.put(pkg, info.installerPackageName);

services/backup/java/com/android/server/backup/restore/PerformAdbRestoreTask.java

+5 −1

Original line number	Diff line number	Diff line
		@@ -40,6 +40,7 @@ import android.app.backup.IFullBackupRestoreObserver;
		import android.content.pm.ApplicationInfo;
		import android.content.pm.PackageInfo;
		import android.content.pm.PackageManager.NameNotFoundException;
		import android.content.pm.PackageManagerInternal;
		import android.content.pm.Signature;
		import android.os.Environment;
		import android.os.ParcelFileDescriptor;
		@@ -47,6 +48,7 @@ import android.os.RemoteException;
		import android.util.Slog;

		import com.android.internal.annotations.VisibleForTesting;
		import com.android.server.LocalServices;
		import com.android.server.backup.BackupManagerService;
		import com.android.server.backup.FileMetadata;
		import com.android.server.backup.KeyValueAdbRestoreEngine;
		@@ -470,9 +472,11 @@ public class PerformAdbRestoreTask implements Runnable {
		if (info.path.equals(BACKUP_MANIFEST_FILENAME)) {
		Signature[] signatures = tarBackupReader.readAppManifestAndReturnSignatures(
		info);
		PackageManagerInternal pmi = LocalServices.getService(
		PackageManagerInternal.class);
		RestorePolicy restorePolicy = tarBackupReader.chooseRestorePolicy(
		mBackupManagerService.getPackageManager(), allowApks,
		info, signatures);
		info, signatures, pmi);
		mManifestSignatures.put(info.packageName, signatures);
		mPackagePolicies.put(pkg, restorePolicy);
		mPackageInstallers.put(pkg, info.installerPackageName);

services/backup/java/com/android/server/backup/restore/PerformUnifiedRestoreTask.java

+5 −2

Original line number	Diff line number	Diff line
		@@ -42,6 +42,7 @@ import android.app.backup.RestoreDescription;
		import android.content.pm.ApplicationInfo;
		import android.content.pm.PackageInfo;
		import android.content.pm.PackageManager;
		import android.content.pm.PackageManagerInternal;
		import android.content.pm.PackageManager.NameNotFoundException;
		import android.os.Bundle;
		import android.os.Message;
		@@ -56,6 +57,7 @@ import android.util.Slog;
		import com.android.internal.backup.IBackupTransport;
		import com.android.server.AppWidgetBackupBridge;
		import com.android.server.EventLogTags;
		import com.android.server.LocalServices;
		import com.android.server.backup.BackupRestoreTask;
		import com.android.server.backup.BackupUtils;
		import com.android.server.backup.PackageManagerBackupAgent;
		@@ -497,7 +499,7 @@ public class PerformUnifiedRestoreTask implements BackupRestoreTask {

		try {
		mCurrentPackage = backupManagerService.getPackageManager().getPackageInfo(
		pkgName, PackageManager.GET_SIGNATURES);
		pkgName, PackageManager.GET_SIGNING_CERTIFICATES);
		} catch (NameNotFoundException e) {
		// Whoops, we thought we could restore this package but it
		// turns out not to be present. Skip it.
		@@ -612,7 +614,8 @@ public class PerformUnifiedRestoreTask implements BackupRestoreTask {
		}

		Metadata metaInfo = mPmAgent.getRestoredMetadata(packageName);
		if (!BackupUtils.signaturesMatch(metaInfo.sigHashes, mCurrentPackage)) {
		PackageManagerInternal pmi = LocalServices.getService(PackageManagerInternal.class);
		if (!BackupUtils.signaturesMatch(metaInfo.sigHashes, mCurrentPackage, pmi)) {
		Slog.w(TAG, "Signature mismatch restoring " + packageName);
		mMonitor = BackupManagerMonitorUtils.monitorEvent(mMonitor,
		BackupManagerMonitor.LOG_EVENT_ID_SIGNATURE_MISMATCH, mCurrentPackage,