Merge "Remove retailDemo protection flag implemenetation in the new subsystem." into main

package com.android.server.permission.access

import android.app.admin.DevicePolicyManagerInternal

import android.content.Context

import android.content.pm.PackageManager

import android.content.pm.PackageManagerInternal

        val userIds = MutableIntSet(userManagerService.userIdsIncludingPreCreated)

        val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates

        val knownPackages = packageManagerInternal.getKnownPackages(packageStates)

        val knownPackages = packageManagerInternal.knownPackages

        val isLeanback = systemConfig.isLeanback

        val configPermissions = systemConfig.permissions

        val privilegedPermissionAllowlistPackages =

        isSystemUpdated: Boolean

    ) {

        val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates

        val knownPackages = packageManagerInternal.getKnownPackages(packageStates)

        val knownPackages = packageManagerInternal.knownPackages

        mutateState {

            with(policy) {

                onStorageVolumeMounted(

    internal fun onPackageAdded(packageName: String) {

        val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates

        val knownPackages = packageManagerInternal.getKnownPackages(packageStates)

        val knownPackages = packageManagerInternal.knownPackages

        mutateState {

            with(policy) {

                onPackageAdded(

    internal fun onPackageRemoved(packageName: String, appId: Int) {

        val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates

        val knownPackages = packageManagerInternal.getKnownPackages(packageStates)

        val knownPackages = packageManagerInternal.knownPackages

        mutateState {

            with(policy) {

                onPackageRemoved(

    internal fun onPackageInstalled(packageName: String, userId: Int) {

        val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates

        val knownPackages = packageManagerInternal.getKnownPackages(packageStates)

        val knownPackages = packageManagerInternal.knownPackages

        mutateState {

            with(policy) {

                onPackageInstalled(

    internal fun onPackageUninstalled(packageName: String, appId: Int, userId: Int) {

        val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates

        val knownPackages = packageManagerInternal.getKnownPackages(packageStates)

        val knownPackages = packageManagerInternal.knownPackages

        mutateState {

            with(policy) {

                onPackageUninstalled(

    }

    internal fun onSystemReady() {

        val (packageStates, disabledSystemPackageStates) = packageManagerLocal.allPackageStates

        val knownPackages = packageManagerInternal.getKnownPackages(packageStates)

        mutateState {

            with(policy) {

                onSystemReady(packageStates, disabledSystemPackageStates, knownPackages)

            }

        }

        mutateState { with(policy) { onSystemReady() } }

    }

    private val PackageManagerLocal.allPackageStates:

        Pair<Map<String, PackageState>, Map<String, PackageState>>

        get() = withUnfilteredSnapshot().use { it.packageStates to it.disabledSystemPackageStates }

    private fun PackageManagerInternal.getKnownPackages(

        packageStates: Map<String, PackageState>

    ): IntMap<Array<String>> =

    private val PackageManagerInternal.knownPackages: IntMap<Array<String>>

        get() =

            MutableIntMap<Array<String>>().apply {

            this[KnownPackages.PACKAGE_INSTALLER] =

                getKnownPackageNames(KnownPackages.PACKAGE_INSTALLER, UserHandle.USER_SYSTEM)

            this[KnownPackages.PACKAGE_PERMISSION_CONTROLLER] =

                getKnownPackageNames(

                    KnownPackages.PACKAGE_PERMISSION_CONTROLLER,

                    UserHandle.USER_SYSTEM

                this[KnownPackages.PACKAGE_INSTALLER] = getKnownPackageNames(

                    KnownPackages.PACKAGE_INSTALLER, UserHandle.USER_SYSTEM

                )

            this[KnownPackages.PACKAGE_VERIFIER] =

                getKnownPackageNames(KnownPackages.PACKAGE_VERIFIER, UserHandle.USER_SYSTEM)

            this[KnownPackages.PACKAGE_SETUP_WIZARD] =

                getKnownPackageNames(KnownPackages.PACKAGE_SETUP_WIZARD, UserHandle.USER_SYSTEM)

            this[KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER] =

                getKnownPackageNames(

                    KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER,

                    UserHandle.USER_SYSTEM

                this[KnownPackages.PACKAGE_PERMISSION_CONTROLLER] = getKnownPackageNames(

                    KnownPackages.PACKAGE_PERMISSION_CONTROLLER, UserHandle.USER_SYSTEM

                )

            this[KnownPackages.PACKAGE_CONFIGURATOR] =

                getKnownPackageNames(KnownPackages.PACKAGE_CONFIGURATOR, UserHandle.USER_SYSTEM)

            this[KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER] =

                getKnownPackageNames(

                    KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER,

                    UserHandle.USER_SYSTEM

                this[KnownPackages.PACKAGE_VERIFIER] = getKnownPackageNames(

                    KnownPackages.PACKAGE_VERIFIER, UserHandle.USER_SYSTEM

                )

                this[KnownPackages.PACKAGE_SETUP_WIZARD] = getKnownPackageNames(

                    KnownPackages.PACKAGE_SETUP_WIZARD, UserHandle.USER_SYSTEM

                )

                this[KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER] = getKnownPackageNames(

                    KnownPackages.PACKAGE_SYSTEM_TEXT_CLASSIFIER, UserHandle.USER_SYSTEM

                )

                this[KnownPackages.PACKAGE_CONFIGURATOR] = getKnownPackageNames(

                    KnownPackages.PACKAGE_CONFIGURATOR, UserHandle.USER_SYSTEM

                )

                this[KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER] = getKnownPackageNames(

                    KnownPackages.PACKAGE_INCIDENT_REPORT_APPROVER, UserHandle.USER_SYSTEM

                )

                this[KnownPackages.PACKAGE_APP_PREDICTOR] = getKnownPackageNames(

                    KnownPackages.PACKAGE_APP_PREDICTOR, UserHandle.USER_SYSTEM

                )

                this[KnownPackages.PACKAGE_COMPANION] = getKnownPackageNames(

                    KnownPackages.PACKAGE_COMPANION, UserHandle.USER_SYSTEM

                )

                this[KnownPackages.PACKAGE_RETAIL_DEMO] = getKnownPackageNames(

                    KnownPackages.PACKAGE_RETAIL_DEMO, UserHandle.USER_SYSTEM

                )

                this[KnownPackages.PACKAGE_RECENTS] = getKnownPackageNames(

                    KnownPackages.PACKAGE_RECENTS, UserHandle.USER_SYSTEM

                )

            this[KnownPackages.PACKAGE_APP_PREDICTOR] =

                getKnownPackageNames(KnownPackages.PACKAGE_APP_PREDICTOR, UserHandle.USER_SYSTEM)

            this[KnownPackages.PACKAGE_COMPANION] =

                getKnownPackageNames(KnownPackages.PACKAGE_COMPANION, UserHandle.USER_SYSTEM)

            this[KnownPackages.PACKAGE_RETAIL_DEMO] =

                getKnownPackageNames(KnownPackages.PACKAGE_RETAIL_DEMO, UserHandle.USER_SYSTEM)

                    .filter { isProfileOwner(it, packageStates) }

                    .toTypedArray()

            this[KnownPackages.PACKAGE_RECENTS] =

                getKnownPackageNames(KnownPackages.PACKAGE_RECENTS, UserHandle.USER_SYSTEM)

        }

    private fun isProfileOwner(

        packageName: String,

        packageStates: Map<String, PackageState>

    ): Boolean {

        val appId = packageStates[packageName]?.appId ?: return false

        val devicePolicyManagerInternal =

            LocalServices.getService(DevicePolicyManagerInternal::class.java) ?: return false

        // TODO(b/169395065): Figure out if this flow makes sense in Device Owner mode.

        return devicePolicyManagerInternal.isActiveProfileOwner(appId) ||

            devicePolicyManagerInternal.isActiveDeviceOwner(appId)

            }

    @OptIn(ExperimentalContracts::class)

        forEachSchemePolicy { with(it) { onPackageUninstalled(packageName, appId, userId) } }

    }

    fun MutateStateScope.onSystemReady(

        packageStates: Map<String, PackageState>,

        disabledSystemPackageStates: Map<String, PackageState>,

        knownPackages: IntMap<Array<String>>

    ) {

        newState.mutateExternalState().apply {

            setPackageStates(packageStates)

            setDisabledSystemPackageStates(disabledSystemPackageStates)

            setKnownPackages(knownPackages)

            setSystemReady(true)

        }

    fun MutateStateScope.onSystemReady() {

        newState.mutateExternalState().setSystemReady(true)

        forEachSchemePolicy { with(it) { onSystemReady() } }

    }

            // Special permissions for the system companion device manager.

            return true

        }

        if (

            permission.isRetailDemo &&

                packageName in knownPackages[KnownPackages.PACKAGE_RETAIL_DEMO]!!

        ) {

            // Special permission granted only to the OEM specified retail demo app.

            // Note that the original code was passing app ID as UID, so this behavior is kept

            // unchanged.

            return true

        }

        if (permission.isRecents && packageName in knownPackages[KnownPackages.PACKAGE_RECENTS]!!) {

            // Special permission for the recents app.

            return true

    }

    override fun MutateStateScope.onSystemReady() {

        // HACK: PACKAGE_USAGE_STATS is the only permission with the retailDemo protection flag,

        // and we have to wait until DevicePolicyManagerService is started to know whether the

        // retail demo package is a profile owner so that it can have the permission.

        // Since there's no simple callback for profile owner change, and we are deprecating and

        // removing the retailDemo protection flag in favor of a proper role soon, we can just

        // re-evaluate the permission here, which is also how the old implementation has been

        // working.

        // TODO: Partially revert ag/22690114 once we can remove support for the retailDemo

        //  protection flag.

        val externalState = newState.externalState

        for (packageName in externalState.knownPackages[KnownPackages.PACKAGE_RETAIL_DEMO]!!) {

            val appId = externalState.packageStates[packageName]?.appId ?: continue

            newState.userStates.forEachIndexed { _, userId, _ ->

                evaluatePermissionState(

                    appId,

                    userId,

                    Manifest.permission.PACKAGE_USAGE_STATS,

                    null

                )

            }

        }

        if (!privilegedPermissionAllowlistViolations.isEmpty()) {

            throw IllegalStateException(

                "Signature|privileged permissions not in privileged" +