As part of bmgr activate, if the user is unlocked then we attempt to
start the backup service for them. However, as part of initialization,
AMS enforces the system uid so clear calling identity before starting
the service (as we have the shell uid).
Bug: 123572171
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) atest TrampolineTest
3) Manual: Unlock secondary user -> bmgr activate -> no exception thrown
and service started
Change-Id: I441491e19d9f3c9b49b5778d51ae5331230b129b
The previous check compared app uid directly to FIRST_APPLICATION_UID
which doesn't work for non-system users as uid incorporates the user id
(so system apps in non-system users would always be categorized as
non-system apps).
Bug: 122309666
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) Manual: verify system packages backed up for system user, not backed
up for non-system user.
Change-Id: I5e11b4b7c41d74d43d545e4831d09a9a3a59e5cf
All other schedule call sites for full backup and key value schedule
inline. The operation should be quick and scheduling on a separate
handler makes testing flaky.
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) atest ScheduledBackupHostSideTest
3) atest ProfileScheduledJobHostSideTest
Change-Id: Id6ae557080da5a98c2ac572ca6b4b7973b7a9c29
Key changes in this CL:
- Backup is now disabled by default in non-system users unless DPM
activates backup for this user AND the system user is activated. This
provides gating for the multi-user B&R feature.
- Activation is done via an 'activate' file that is per-user (but lives
in the system user directory to account for locked users).
- isBackupServiceActive() handles both locked and unlocked users.
- Added a bmgr command to expose isBackupServiceActive() for testing
purposes and enforce appropriate permissions.
Future CLs:
- Handle future migration to backup on by default for non-system users
- Change CTS tests to use the new bmgr command
Bug: 121306407
Test: 1) atest TrampolineTest
2) Start system user -> service started; run backup and restore
successfully
3) Start non-system user -> ignored;
4) adb shell bmgr --user 0 activate true -> security exception;
adb shell bmgr --user 10 activate true -> security exception (work
profile);
adb shell bmgr --user 11 activate true/false -> creates/deletes activate
file and starts/stops the service
Change-Id: Ic77db9b8b2e5170dcf89bef863dac4713730797a
Bug: 121198030
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) atest $(find \
frameworks/base/services/tests/servicestests/src/com/android/server/backup \
-name '*Test.java')
3) atest CtsBackupTestCases
4) atest CtsBackupHostTestCases
5) atest GtsBackupTestCases
6) atest GtsBackupHostTestCases
Manual testing:
1. Start secondary user -> verify fb-schedule file is created, full backup queue initialised
2. Verify fullbackup of 1 package for system/secondary users, [package] only exists for current user:
* bmgr --user [user-id] fullbackup [package]
* Verify in logs that backup is successful
* Uninstall/install [package]
* Verify data is restored
3. Verify fullbackup of 1 package for secondary user, [package] eixtst for user 0:
* bmgr fullbackup [package]
* bmgr --user [user-id] fullbackup [package]
* Verify in logs that backup is successful
* Uninstall/install [package] for secondary user
* bmgr --user [user-id] restore [token] [package]
* Verify the data restored is different from system user data and belongs to [user-id]
3. Verify backup of all packages for system/secondary users:
* bmgr --user [user-id] backupnow --all
* Verify system packages (android, settings, wallpaper) are skipped for secondary user
* Verify in logs that backup is successful
* Uninstall/install [package]
* Verify data is restored
Base -> Patchset 2: Update method calls to use asUser versions
Patchset 2 -> Patchset 3: Update opComplete callback to accept userId
Patchset 3 -> Patchset 4: Gate system packages from backup/restore for non-system users
Change-Id: Ic3986709ba4d46c0af9da45bb4dd682ee2aef3ce
We create a differnte suppressBackup file for each user, and gate
operations on that.
Backup still can't be toggled for other users that is not SYSTEM.
Test: atest TrampolineTest
Test: Verify backup works and restore works, just for user 0 for now.
BUG: 121198006
Change-Id: Ib4ecf48d248319e9d890515937fc087ef8f46039
Per-user CE directories are managed by vold so we don't need to
initialize or apply restorecon on them in our service.
Once the system user is migrated to the its CE directory, we can remove
the remaining restorecon and mkdirs logic.
Accompanies aosp/875352 and aosp/873133
Bug: 121197420
Test: 1) Boot device; check directories exist and labelled properly
for system user; perform backup successfully
2) Add secondary user; check directories exist and labelled properly;
perform backup succesfully
Change-Id: If848da4c9254db87b393fce6cfc4169785bfac51
1. The book-keeping needs to be per user.
2. The calls into IBackupManager need to pass in the userId.
3. convert clearPendingBackup to an internal service call.
Bug: 121197004
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) atest $(find \
frameworks/base/services/tests/servicestests/src/com/android/server/backup \
-name '*Test.java')
3) atest CtsBackupTestCases
4) atest CtsBackupHostTestCases
5) 'adb shell bmgr' enabled/backupnow flow
Change-Id: If49e00fc1d6aa770815c454f01b53865f6a68db4
Patchset 1: Introduce BackupJobIdManager to allocate/recycle IDs for KeyValueBackupJob and
FullBackupJob
Patchset 2: Update KeyValueBackupJob and FullBackupJob to work for multiple users — take in
userId as a parameter and use BackupJobIdManager to assign job IDs
Patchset 3: Update robo tests
The corresponding GTS ScheduledBackupHostSideTest will be updated in a separate CL with the same
topic.
Bug: 121198009
Test: 1) atest KeyValueBackupJobTest
2) atest KeyValueBackupTaskTest
Change-Id: Ifdba254b7084b3d0a1507cc6512e98399c1aad8f
Certain services were removed from being final fields in ag/5932642.
This change essentially reverts the deletions of those final fields.
Bug: 122591875
Test: atest cts.tests.app.src.android.app.cts.ActivityManagerTest#testIsAppForegroundRemoved
Change-Id: I403d214b31c964ee5587c35260138e0af12fd11e
Makes the BroadcastReceiver that receives changes to installed packages
and sdcards tied to a specific user.
Bug: 121198607
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) Manual testing with user 0 and 11:
- User started -> receiver registered for correct user;
- Package changed -> correct receiver;
- Package added -> correct receiver, updates bookkeeping for correct user;
- Package removed -> correct receiver, updates bookkeeping for correct user;
Change-Id: I68c034da6ec775a4d0489a2d09fc32854dcf11dc
Removed isAppForeground from the ActivityManager aidl and added it to
ActivityManagerInternal. Updated all of its references as well.
Bug: 119327603
Test: atest cts.tests.app.src.android.app.cts.ActivityManagerTest#testIsAppForegroundRemoved
Test: atest WifiServiceImplTest
Test: atest WifiLockManagerTest
Change-Id: I5c0fbe41df3cd00e02f8c0e1005fc9cf5832df77
Remove indirection in setting backup enabled state to call directly into
the UserBMS instance.
Bug: 121305979
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) During SUW -> backup initializes off;
Turn backup on in SUW -> backup enabled;
Subsequent boots -> backup initializes on
Change-Id: Ief688c4e1c14b443db87eda43ec0ee398282662f
1. For system user, functionality remains almost (see 2) exactly the
same.
2. Change the full backup dir which is used only to write temporary
manifest and meta dirs by the system process when doing full backup.
This is so that we dont have to worry unnecessarily about yet another dir.
Bug: 120424138
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) atest $(find \
frameworks/base/services/tests/servicestests/src/com/android/server/backup \
-name '*Test.java')
3) atest CtsBackupTestCases
4) atest CtsBackupHostTestCases
5) atest GtsBackupTestCases
6) atest GtsBackupHostTestCases
7) 'adb shell bmgr' enabled/backupnow flow
Change-Id: I9a33547c9595a86b62869ee731d4c75a029922e8
Use the "forUser" variation of getting/putting settings for the
following backup settings:
- backup_auto_restore
- backup_transport
- packages_to_clear_data_before_full_restore
Bug: 121305979
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) Verify default auto restore is true;
Toggle auto restore in UI -> changes UserBMS state;
Change current transport via bmgr -> changes UserBMS state;
Check settings for user 0 different from user 10;
3) Run backup pass, restore pass
Change-Id: I69e2a4f9c870dd7b5661dfa17f891384825926f5
Migrate from the global setting DEVICE_PROVISIONED to the per-user
setting USER_SETUP_COMPLETE. The logic for how the service handles
provisioned state is the same, only the setting we use to determine the
state is changed, as well as a rename to reflect this ("provisioned" ->
"setup complete").
ProvisionedObserver is now SetupObserver (move didn't persist b/c of
amount of changes to the file)
The BackupManagerMonitor log event id referencing provisioned will be
changed in a future CL as it requires an API change.
Bug: 121305979
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) Reset device, go through SUW -> not setupComplete;
Finish SUW -> setupComplete (verify logging + dumpsys) and jobs
scheduled;
Perform backup (not blocked by setupComplete);
Add new user -> setupComplete only after finishing SUW
Change-Id: Iddf9ce7853a13b2d51135047de1b270af7034c06
The original backup thread is now only used by Trampoline and BMS for
general non-user specific operations. Each UserBMS instance has its own
'backup-[user id]' thread to allow for parallelism between users. When a
user is stopped, we quit this thread.
Bug: 121305979
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) Start system user -> verify backup-0 thread created;
Start secondary user -> verify backup-10 thread created;
Stop secondary user -> verify backup-10 thread stopped;
Verify work posted to the thread is executed (register transports, bmgr
backupnow, etc.)
Change-Id: Iaa37fb3e2eb442653e27565ca13a88a0582efa9d
to one class for each.
This is to be able to see all filesystem access by backup/restore
together so as to prepare to make all these directories be per user.
Bug: 120424138
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) atest $(find \
frameworks/base/services/tests/servicestests/src/com/android/server/backup \
-name '*Test.java')
3) atest CtsBackupTestCases
4) atest CtsBackupHostTestCases
5) 'adb shell bmgr' enabled/backupnow flow
Change-Id: I9f30d22b9f609eaaf06d9e5a6fa5879ed1f0e653
Adds a handler for system service callbacks when a user is stopped. This
currently only unregisters the user in bookkeeping but will be used in
the future for cleanup work such as cancelling scheduled jobs, etc.
Bug: 120212806
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) atest TrampolineTest
3) Enable multi user + register user -> service started for user; stop
user -> user is unregistered
Change-Id: Ic712da646f961b9bb02c7d77d964a13345eca7ec
In Trampoline, initializing the BMS service and starting the service for
the system user are now handled separately. System and non-system users
now both use the same unlock callback to bring up their UserBMS instance.
Bug: 120212806
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) atest TrampolineTest
3) Unlock system user -> starts service for user
4) Multi-user enabled + unlock non-system user -> starts service for
user
Change-Id: Id49bb4a3834eb299be69d924b94a36794a4eb2e4
Also, a few additional small changes:
1) move getTransportWhitelist from UserBackupManagerService to
BackupManagerService since it doesn't depend on the user
2) remove setBackupProvisioned from BackupManagerService and
UserBackupManagerService since its unused and is a no-op. I'll remove
it from Trampoline and the AIDL in a future CL.
Bug: 120120742
Test: 1) atest RunBackupFrameworksServicesRoboTests
2) atest $(find \
frameworks/base/services/tests/servicestests/src/com/android/server/backup \
-name '*Test.java')
3) atest CtsBackupTestCases
4) atest CtsBackupHostTestCases
5) atest GtsBackupTestCases
6) atest GtsBackupHostTestCases
7) 'adb shell bmgr' enabled/backupnow flow
Change-Id: Iec932dac2ccd6200888e22b35a524a2aec834854
The user id will be used in methods to other system services and passed
to backup/restore subclasses.
Bug: 120212806
Test: atest RunFrameworksServicesRoboTests
Change-Id: I9aca91c3aca30ac0861438e438c4b96bb78e14ed
The BMS constructor is now only responsible for setting up the system
service. User registration logic is moved to its own helper that
Trampoline calls during a user unlock callback.
** Logic **
All IBackupManager methods that BMS implements now use bookkeeping to
get the UserBMS instance to act on. Currently the system user instance
is hardcoded in most methods as we don't pass in the user id parameter
(except for a few added in ag/5667585).
If these methods are called on a non-registered user, we log and return
a default value.
** Tests **
Each IBackupManager method now has four corresponding tests:
1) Permission denial test: No INTERACT_ACROSS_USERS_FULL permission +
non-calling user id = security exception (added in ag/5667585, only for
methods that take in an user id param currently).
2) Permission grant test: INTERACT_ACROSS_USERS_FULL permission +
non-calling user id = call forwarded.
3) Registered user test: Passing an user id that has a corresponding
UserBMS instance -> delegate call to that UserBMS instance.
4) Unknown user test: Passing an user id that has no corresponding
UserBMS instance -> no call forwarded.
These tests will be updated when more methods take in an user id param.
Bug: 120212806
Test: 1) atest RunFrameworksServicesRoboTests
2) Unlock system user -> starts service, registers transports
3) adb shell bmgr flows
4) atest TrampolineTest
5) CTS + GTS Backup test cases
6) SUW + Cloud restore; D2D
Change-Id: Ic04f754c75af905ee34c609063c08406e23671d5
Add an optional parameter -user to provide ID of the user for which to
run backup/restore operation. Add robolectric test to verify the
new parameter is proccessed correctly.
Bug: 119908153
Test: 1) atest BackupTest
2) atest BackupManagerServiceTest
3) atest TrampolineTest
4) atest GtsBackupTestCases
5) atest GtsBackupHostTestCases
6) Manual:
- Run "adb backup -all" and verify that backup is successfull
- Run "adb restore" and verify that restore is successfull
- Run "adb backup -all -user 10" and verify that backup faield as
it's only currently supported for system user
- Run "adb restore -user 10" and verify that restore failed as it's
only currently supported for system user
Change-Id: I6dbf9c87eedd5a72da0446beff7d2551f98f2654
Move per-user state initialization (directories for bookkeeping data and
transport manager) from BMS to UserBMS.
The UserBMS constructor is now private and callers should use the static
helper to create a new instance. This is primarily for three reasons:
1) Allows for extracting logic out of the constructor into helpers.
2) Allows for performing necessary user-specific setup in the future
such as data migration.
3) Allows for writing unit tests without having setters/getters
exclusively for tests.
Bug: 120212806
Test: 1) atest RunFrameworksServicesRoboTests
2) boot -> unlock user -> service started and verify transports
registered
3) adb shell bmgr backupnow [package] -> writes to /data dir
adb shell bmgr enable false -> writes to /data dir
4) adb shell bmgr backupnow --all -> writes to /cache dir
Change-Id: If88d95059951dbae0abf691629db1a05d27f743d
