Ensure install-during-restore is like install-then-restoreics-mr1

When we've installed an apk from the archive, recheck whether to apply the system-uid policy restrictions around file system restores. Bug 8833099 (cherry picked from commit 2baf6dcfcf7fc1705db25e64dc0cb11fa3509d39) Change-Id: Ida5f7493694cb1d7544cd99a9b7a747f92cdb406
author: Christopher Tate <ctate@google.com> 2013-05-06 13:07:05 -0700
committer: Nick Kralevich <nnk@google.com> 2013-05-06 14:45:53 -0700
commit: d334a434a3f5f915743ce4a6f2a966c865516f0d (patch)
tree: 0a3e7e4640dc12665a6dc0ed44aedad6ffb2dbe0
parent: b67f4071f30478ddc89b798039a03ae4309b9a02 (diff)
download: base-ics-mr1.tar.gz
1 files changed, 10 insertions, 1 deletions
diff --git a/services/java/com/android/server/BackupManagerService.java b/services/java/com/android/server/BackupManagerService.java
index 07420ad60ddc..90c36a5e7aab 100644
--- a/services/java/com/android/server/BackupManagerService.java
+++ b/services/java/com/android/server/BackupManagerService.java
@@ -3515,7 +3515,16 @@ class BackupManagerService extends IBackupManager.Stub {
                             } else {
                                 // So far so good -- do the signatures match the manifest?
                                 Signature[] sigs = mManifestSignatures.get(info.packageName);
-                                if (!signaturesMatch(sigs, pkg)) {
+                                if (signaturesMatch(sigs, pkg)) {
+                                    // If this is a system-uid app without a declared backup agent,
+                                    // don't restore any of the file data.
+                                    if ((pkg.applicationInfo.uid < Process.FIRST_APPLICATION_UID)
+                                            && (pkg.applicationInfo.backupAgentName == null)) {
+                                        Slog.w(TAG, "Installed app " + info.packageName
+                                                + " has restricted uid and no agent");
+                                        okay = false;
+                                    }
+                                } else {
                                     Slog.w(TAG, "Installed app " + info.packageName
                                             + " signatures do not match restore manifest");
                                     okay = false;
author	Christopher Tate <ctate@google.com>	2013-05-06 13:07:05 -0700
committer	Nick Kralevich <nnk@google.com>	2013-05-06 14:45:53 -0700
commit	d334a434a3f5f915743ce4a6f2a966c865516f0d (patch)
tree	0a3e7e4640dc12665a6dc0ed44aedad6ffb2dbe0
parent	b67f4071f30478ddc89b798039a03ae4309b9a02 (diff)
download	base-ics-mr1.tar.gz