This cl introduces logic to serialize restore
operations. An incoming restore operation will
wait for the currently running restore to
complete.
Bug: 29010684
Test: Tested manually by installing an app while a restore was in
progress.
Change-Id: Ic88fdf2a6dcfab64853fe460c649380eea644774
This cl is part of a group of CLs to support
some parallelism in BackupManager's operations.
Separate message ids are used for handler messages
for backup and restore operations so that both
operations can run parallely.
Bug: 29010684
Test: Manually tested by installing a test backup agent that times out.
Change-Id: I57a5d063fb4446e610af81ac6f039d3fc8414a46
If none of the requested packages are valid packages,
we'd run into this issue where PerformBackupTask#mQueue
is null but we try to iterate over it in finalizeBackup()
Fix is to use an empty queue as the default value instead
of null.
Bug: 35380067
Test: Manually tested by trying to backup a non-existent package.
Change-Id: Ibb2d03d5f8270bcb448ee083ee02964236aca92b
handleCancel was being called on an operation
while we are iterating over all operations.
This can cause issues if handleCancel modifies
the array containing all operations.
Test: Run cancelBackup GTS tests.
Change-Id: If3fbe7b5d9e61aa870f8f6e0dd1654e735c0c5b8
This CL adds more instumentation to
backup/restore operation in the BackupManager. For more details please
point to:
https://docs.google.com/document/d/1sUboR28LjkT1wRXOwVOV3tLo0qisiCvzxIGmzCVEjbI/edit#
This first Cl introduces 3 events that we sent to the monitor.
The base cl is ag/1835775
Test: TODO
BUG: 34873525
Change-Id: I127fe739a7522078eecce2ae689a4607203a98da
This is the first CL of many that will add instumentation to
backup/restore operation in the BackupManager. For more details please
point to:
https://docs.google.com/document/d/1sUboR28LjkT1wRXOwVOV3tLo0qisiCvzxIGmzCVEjbI/edit#
This first Cl introduces 3 events that we sent to the monitor.
Test: ag/1858962 (same topic)
BUG: 34873525
Change-Id: I6c338b6fd9f4d7c8670dac201897250b6b170677
The bmgr whitelist command was broken
after the selectTransport api cl. This
cl fixes it.
Bug: 34953486
Test: Verify that adb shell bmgr whitelist prints all whitelisted
transports
Change-Id: I3c3275258a45a035a0ca9404d1016ca5663cceaf
This cl adds an API to select a backup
transport by its component name and
receive a callback when BackupManager
is bound to the transport. Calling this API
will make BackupManager bind to the transport
if it isn't already bound to it.
Also fixes the issue where BackupManager would
detect only one transport per package.
Ref: go/backup-transport-switching
Bug: 33616220
Test: Manually tested. GTS tests will be put up shortly.
Change-Id: I8c23bdbb84ceb05eb1fad9b3a8b9c4441cb06c74
This cl adds a new requestBackup API to
BackupManager that takes in an int flag
to indicate whether the caller wants the
entire key value set to be passed to the
transport and not just a diff.
Change-Id: Ia225797a58c4431fe742f2f116b257d006b30cd1
Bug: 33749084
Ref: go/request-backup-api-changes
Test: GTS Test at ag/1774002
com.android.server.backup.BackupManagerService#parseLeftoverJournals
uses input stream to read UTF. The method used RandomAccessFile to
perform the operation. The change replace the RandomAccessFile with
a Buffered InputStream.
Bug: 32866032
Test: `make`
Change-Id: I6594cecc49cb6efcfdf73beb5e425688cf890722
The scheduling mechanism was properly checking for it, but the raw
data-handling engine wasn't. Now it is.
Bug 32054889
Change-Id: Id57ea12be8e2674c4f678f058278b8c14865b6fa
If writing both system + lock wallpapers winds up hitting the
transport-defined quota, the next backup operation steps back
to storing only the system wallpaper.
Also makes sure to unbind full-backup target agents following
the backup operation. In practice this usually doesn't matter
because the target gets killed following the operation, but
the wallpaper agent runs in the system process where this does
not happen, so was mistakenly being left in place and reused
for the next operation, failing to re-run the full create +
backup lifecycle.
Bug 28968107
Change-Id: I219c2ddd7e899a430ef4cf693b1259464c15eed5
Scheduling involves writing to journal file. This part can be done on the
background thread in order to speed up the unlocking. Deferring writes to
journal file should be safe, because the system will reschedule backups in
case of a crash.
Bug: 29619732
Bug: 29645167
Change-Id: I0667ac2bf159e0f40b7a5066f41ea0841df98437
We're losing the stream footer for mysterious reasons; maybe this
will help even though supposedly close() is expected to flush pending
buffered writes anyway. In particular, an explicit flush of the
compression stage will generate a SYNC_FLUSH point, which ordinary
deflate-at-close operation does not.
Bug 28056941
Change-Id: I96580411257932d7addb176c6672eae72a5ac6f7
Make sure we catch any exception thrown back from the transport,
rather than relying on it to maintain the interface surface. Some
exceptions turn out to be beyond the call-target's control to
prevent.
Bug 29761883
Change-Id: Ifafbac300e7d7dab793237b2fd47d3122751435f
* Exclude key/value-only backup participants until we have a chance to
augment the archive format with proper handling.
* Don't back up 'stopped' apps, which would un-stop them
* Fix unspecified-user bindService/startActivity invocations
* Teach adb restore about the onRestoreFinished() lifecycle method
* Implement proper app timeout handling in the adb data flows
* Backstop wallpaper backup against rare leftover-state issues
Bug 28056941
Change-Id: Ia59c71a2c74a632a2c2a527b9b7374229c440d46
Get the canonical identity and metadata about the package from the
Package Manager at time of usage rather than rely on the caller to
have gotten things right, even when the caller has the system uid.
Bug 28795098
Change-Id: I215786bc894dedf7ca28e9c80cefabd0e40ca877
Gracefully no-op if apps attempt to restore themselves while there is
a backup pass in flight.
Bug 29135379
Change-Id: I8f0b5cd9d149b703e1de7a3a0b4b54c3aff766b6
Work around nebulous lost-timeout issues by adding a backstop timeout
to "wait for result" latch operations. When we hit these, the initial
conditions will be reported as final result; so make those intial states
match the error condition that is appropriate to such a timeout.
Bug 28963707
Change-Id: I4d21a86c48e87633118b1e6eaa05c1d966efec81
Sysconfig define a whitelist of permitted backup transports
Previously any apk bundled in priv-app could insert a backup transport.
Reduce risk surface by giving the OEM explicit control over who is
allowed to handle backup data.
Bug 28406080
Backport of 494df79172 from N
Change-Id: I9f90e324169a68720d608f74754d284a7e59cf87
Sysconfig define a whitelist of permitted backup transports
Previously any apk bundled in priv-app could insert a backup transport.
Reduce risk surface by giving the OEM explicit control over who is
allowed to handle backup data.
Bug 28406080
Backport of 494df79172 from N
Change-Id: I405b49daee8c576584575c3e46877cc97632d8c6
...because the other in-VM reference to that FD means that it won't
get GC'd after we release our local reference to the containing object,
and we wind up with the feeder end blocking on write to a still-fully-
open pipe rather than being made aware that the read end has needed
to shut down.
Bug 28756668
Change-Id: I90b6aaeaabe7d912d96d7ef57c24f68d87d9d0ab
Previously any apk bundled in priv-app could insert a backup transport.
Reduce risk surface by giving the OEM explicit control over who is
allowed to handle backup data.
Bug 28406080
Change-Id: I84ed954c31b41b671825122e537971b110e00a4d
