DO NOT MERGE: Don't trust callers to supply app info to bindBackupAgent() (d85a4ed2) · Commits · e / os / android_frameworks_base

core/java/android/app/ActivityManagerNative.java

+6 −4

Original line number	Diff line number	Diff line
		@@ -1434,9 +1434,10 @@ public abstract class ActivityManagerNative extends Binder implements IActivityM

		case START_BACKUP_AGENT_TRANSACTION: {
		data.enforceInterface(IActivityManager.descriptor);
		ApplicationInfo info = ApplicationInfo.CREATOR.createFromParcel(data);
		String packageName = data.readString();
		int backupRestoreMode = data.readInt();
		boolean success = bindBackupAgent(info, backupRestoreMode);
		int userId = data.readInt();
		boolean success = bindBackupAgent(packageName, backupRestoreMode, userId);
		reply.writeNoException();
		reply.writeInt(success ? 1 : 0);
		return true;
		@@ -3125,13 +3126,14 @@ class ActivityManagerProxy implements IActivityManager
		return binder;
		}

		public boolean bindBackupAgent(ApplicationInfo app, int backupRestoreMode)
		public boolean bindBackupAgent(String packageName, int backupRestoreMode, int userId)
		throws RemoteException {
		Parcel data = Parcel.obtain();
		Parcel reply = Parcel.obtain();
		data.writeInterfaceToken(IActivityManager.descriptor);
		app.writeToParcel(data, 0);
		data.writeString(packageName);
		data.writeInt(backupRestoreMode);
		data.writeInt(userId);
		mRemote.transact(START_BACKUP_AGENT_TRANSACTION, data, reply, 0);
		reply.readException();
		boolean success = reply.readInt() != 0;

+1 −1

Original line number	Diff line number	Diff line
		@@ -163,7 +163,7 @@ public interface IActivityManager extends IInterface {
		int res) throws RemoteException;
		public IBinder peekService(Intent service, String resolvedType) throws RemoteException;

		public boolean bindBackupAgent(ApplicationInfo appInfo, int backupRestoreMode)
		public boolean bindBackupAgent(String packageName, int backupRestoreMode, int userId)
		throws RemoteException;
		public void clearPendingBackup() throws RemoteException;
		public void backupAgentCreated(String packageName, IBinder agent) throws RemoteException;

+2 −1

Original line number	Diff line number	Diff line
		@@ -1780,7 +1780,8 @@ class BackupManagerService extends IBackupManager.Stub {
		mConnecting = true;
		mConnectedAgent = null;
		try {
		if (mActivityManager.bindBackupAgent(app, mode)) {
		if (mActivityManager.bindBackupAgent(app.packageName, mode,
		UserHandle.USER_OWNER)) {
		Slog.d(TAG, "awaiting agent for " + app);

		// success; wait for the agent to arrive

+14 −2

Original line number	Diff line number	Diff line
		@@ -12823,10 +12823,22 @@ public final class ActivityManagerService extends ActivityManagerNative
		// Cause the target app to be launched if necessary and its backup agent
		// instantiated. The backup agent will invoke backupAgentCreated() on the
		// activity manager to announce its creation.
		public boolean bindBackupAgent(ApplicationInfo app, int backupMode) {
		if (DEBUG_BACKUP) Slog.v(TAG, "bindBackupAgent: app=" + app + " mode=" + backupMode);
		public boolean bindBackupAgent(String packageName, int backupMode, int userId) {
		if (DEBUG_BACKUP) Slog.v(TAG, "bindBackupAgent: app=" + packageName + " mode=" + backupMode);
		enforceCallingPermission("android.permission.CONFIRM_FULL_BACKUP", "bindBackupAgent");

		IPackageManager pm = AppGlobals.getPackageManager();
		ApplicationInfo app = null;
		try {
		app = pm.getApplicationInfo(packageName, 0, userId);
		} catch (RemoteException e) {
		// can't happen; package manager is process-local
		}
		if (app == null) {
		Slog.w(TAG, "Unable to bind backup agent for " + packageName);
		return false;
		}

		synchronized(this) {
		// !!! TODO: currently no check here that we're already bound
		BatteryStatsImpl.Uid.Pkg.Serv ss = null;