[Multi-user] Properly check for system apps in multi-user context

            // The agent was running with a stub Application object, so shut it down.

            // !!! We hardcode the confirmation UI's package name here rather than use a

            //     manifest flag!  TODO something less direct.

            if (app.uid >= Process.FIRST_APPLICATION_UID

            if (!UserHandle.isCore(app.uid)

                    && !app.packageName.equals("com.android.backupconfirm")) {

                if (MORE_DEBUG) Slog.d(TAG, "Killing agent host process");

                mActivityManager.killApplicationProcess(app.processName, app.uid);

import android.os.Bundle;

import android.os.Message;

import android.os.ParcelFileDescriptor;

import android.os.Process;

import android.os.RemoteException;

import android.os.SystemClock;

import android.os.UserHandle;

import android.util.EventLog;

import android.util.Slog;

                //     b. the app does not state android:killAfterRestore="false" in its manifest

                final int appFlags = mCurrentPackage.applicationInfo.flags;

                final boolean killAfterRestore =

                        (mCurrentPackage.applicationInfo.uid >= Process.FIRST_APPLICATION_UID)

                        !UserHandle.isCore(mCurrentPackage.applicationInfo.uid)

                                && ((mRestoreDescription.getDataType()

                                == RestoreDescription.TYPE_FULL_STREAM)

                                || ((appFlags & ApplicationInfo.FLAG_KILL_AFTER_RESTORE) != 0));

import android.content.pm.PackageManagerInternal;

import android.content.pm.Signature;

import android.content.pm.SigningInfo;

import android.os.Process;

import android.os.RemoteException;

import android.os.UserHandle;

import android.util.Slog;

        }

        // 2. they run as a system-level uid

        if ((app.uid < Process.FIRST_APPLICATION_UID)) {

        if (UserHandle.isCore(app.uid)) {

            // and the backup is happening for non-system user

            if (userId != UserHandle.USER_SYSTEM && !app.packageName.equals(

                    PACKAGE_MANAGER_SENTINEL)) {

import android.content.pm.Signature;

import android.os.Bundle;

import android.os.IBinder;

import android.os.Process;

import android.os.UserHandle;

import android.util.Slog;

import com.android.internal.annotations.GuardedBy;

                            if (AppBackupUtils.signaturesMatch(sigs, pkg, pmi)) {

                                // If this is a system-uid app without a declared backup agent,

                                // don't restore any of the file data.

                                if ((pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID)

                                if (UserHandle.isCore(pkg.applicationInfo.uid)

                                        && (pkg.applicationInfo.backupAgentName == null)) {

                                    Slog.w(TAG, "Installed app " + info.packageName

                                            + " has restricted uid and no agent");

import android.content.pm.PackageManagerInternal;

import android.content.pm.Signature;

import android.os.Bundle;

import android.os.Process;

import android.os.UserHandle;

import android.util.Slog;

import com.android.server.backup.FileMetadata;

            if ((flags & ApplicationInfo.FLAG_ALLOW_BACKUP) != 0) {

                // Restore system-uid-space packages only if they have

                // defined a custom backup agent

                if ((pkgInfo.applicationInfo.uid

                        >= Process.FIRST_APPLICATION_UID)

                if (!UserHandle.isCore(pkgInfo.applicationInfo.uid)

                        || (pkgInfo.applicationInfo.backupAgentName != null)) {

                    // Verify signatures against any installed version; if they

                    // don't match, then we fall though and ignore the data.  The