
Commit aac71ff4 authored by Christopher Tate's avatar Christopher Tate

Don't back up / restore non-primary users' data

For now only the device owner "user" gets cloud backups.  Also, only the
device owner account has access to local backup/restore.

Bug 6956438

Change-Id: I87d7ba5969e606c23f4214469f9bf2fd47a6c61b
parent 38cc2a5a
+2 −0
@@ -33,6 +33,8 @@ public final class UserId {
    /** A user id to indicate the currently active user */
    /** A user id to indicate the currently active user */
    public static final int USER_CURRENT = -2;
    public static final int USER_CURRENT = -2;


    /** A user id constant to indicate the "owner" user of the device */
    public static final int USER_OWNER = 0;


    /**
    /**
     * Enable multi-user related side effects. Set this to false if there are problems with single
     * Enable multi-user related side effects. Set this to false if there are problems with single
+23 −0
@@ -65,6 +65,7 @@ import android.os.Process;
import android.os.RemoteException;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.os.ServiceManager;
import android.os.SystemClock;
import android.os.SystemClock;
import android.os.UserId;
import android.os.WorkSource;
import android.os.WorkSource;
import android.os.storage.IMountService;
import android.os.storage.IMountService;
import android.provider.Settings;
import android.provider.Settings;
@@ -4845,6 +4846,18 @@ class BackupManagerService extends IBackupManager.Stub {
    // ----- IBackupManager binder interface -----
    // ----- IBackupManager binder interface -----


    public void dataChanged(final String packageName) {
    public void dataChanged(final String packageName) {
        final int callingUserHandle = UserId.getCallingUserId();
        if (callingUserHandle != UserId.USER_OWNER) {
            // App is running under a non-owner user profile.  For now, we do not back
            // up data from secondary user profiles.
            // TODO: backups for all user profiles.
            if (MORE_DEBUG) {
                Slog.v(TAG, "dataChanged(" + packageName + ") ignored because it's user "
                        + callingUserHandle);
            }
            return;
        }

        final HashSet<String> targets = dataChangedTargets(packageName);
        final HashSet<String> targets = dataChangedTargets(packageName);
        if (targets == null) {
        if (targets == null) {
            Slog.w(TAG, "dataChanged but no participant pkg='" + packageName + "'"
            Slog.w(TAG, "dataChanged but no participant pkg='" + packageName + "'"
@@ -4937,6 +4950,11 @@ class BackupManagerService extends IBackupManager.Stub {
            boolean doAllApps, boolean includeSystem, String[] pkgList) {
            boolean doAllApps, boolean includeSystem, String[] pkgList) {
        mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullBackup");
        mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullBackup");


        final int callingUserHandle = UserId.getCallingUserId();
        if (callingUserHandle != UserId.USER_OWNER) {
            throw new IllegalStateException("Backup supported only for the device owner");
        }

        // Validate
        // Validate
        if (!doAllApps) {
        if (!doAllApps) {
            if (!includeShared) {
            if (!includeShared) {
@@ -5001,6 +5019,11 @@ class BackupManagerService extends IBackupManager.Stub {
    public void fullRestore(ParcelFileDescriptor fd) {
    public void fullRestore(ParcelFileDescriptor fd) {
        mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullRestore");
        mContext.enforceCallingPermission(android.Manifest.permission.BACKUP, "fullRestore");


        final int callingUserHandle = UserId.getCallingUserId();
        if (callingUserHandle != UserId.USER_OWNER) {
            throw new IllegalStateException("Restore supported only for the device owner");
        }

        long oldId = Binder.clearCallingIdentity();
        long oldId = Binder.clearCallingIdentity();


        try {
        try {
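Review bot: The owner-only guard in fullRestore, and the identical one in fullBackup, is only correct because it runs before `Binder.clearCallingIdentity()`, and nothing in the code records that ordering constraint. `UserId.getCallingUserId()` presumably derives the user from the Binder calling identity, so a later reorder that moves the check below the clear would read the service's own identity and the guard would stop rejecting secondary users; I would add `// Must precede Binder.clearCallingIdentity(): the caller's user is not recoverable afterwards.` above each check. The rejection is also an authorization failure rather than a state problem, so `throw new SecurityException("Restore supported only for the device owner");` would match what `enforceCallingPermission` raises one line earlier. The same check now appears three times (dataChanged, fullBackup, fullRestore), and the remaining IBackupManager entry points lie outside these hunks, so whether they are gated cannot be confirmed from here. Both method bodies continue past the end of their hunks.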