Merge "Delay update of all apps' user sensitive state" into rvc-dev am: eb84f960 am: 8d72cb0a

import static android.content.pm.PackageManager.FLAG_PERMISSION_AUTO_REVOKED;

import static android.content.pm.PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED;

import static android.content.pm.PackageManager.FLAG_PERMISSION_REVOKED_COMPAT;

import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED;

import static android.content.pm.PackageManager.FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED;

import static android.content.pm.PackageManager.GET_PERMISSIONS;

import static android.content.pm.PackageManager.MATCH_ALL;

import android.content.pm.PackageManagerInternal.PackageListObserver;

import android.content.pm.PermissionInfo;

import android.os.Build;

import android.os.Handler;

import android.os.Process;

import android.os.RemoteException;

import android.os.ServiceManager;

import android.telecom.TelecomManager;

import android.util.ArrayMap;

import android.util.ArraySet;

import android.util.Log;

import android.util.LongSparseLongArray;

import android.util.Pair;

import android.util.Slog;

public final class PermissionPolicyService extends SystemService {

    private static final String LOG_TAG = PermissionPolicyService.class.getSimpleName();

    private static final boolean DEBUG = false;

    private static final long USER_SENSITIVE_UPDATE_DELAY_MS = 10000;

    private final Object mLock = new Object();

     * TODO ntmyren: Remove once propagated, and state is repaired

     */

    private void restoreReadPhoneStatePermissions(int userId) {

        PermissionControllerManager manager = new PermissionControllerManager(this.getContext(),

                Handler.getMain());

        PackageManager pm = getContext().getPackageManager();

        List<PackageInfo> packageInfos = pm.getInstalledPackagesAsUser(

                MATCH_ALL | GET_PERMISSIONS, userId);

                continue;

            }

            boolean hasReadPhoneState = false;

            UserHandle user = UserHandle.getUserHandleForUid(pI.applicationInfo.uid);

            for (int j = pI.requestedPermissions.length - 1; j >= 0; j--) {

                if (pI.requestedPermissions[j].equals(READ_PHONE_STATE)) {

                    hasReadPhoneState = true;

                }

            }

            if (!hasReadPhoneState) {

                continue;

            }

            Log.i(LOG_TAG, "Updating read phone state for " + pI.packageName + " "

                    + pI.applicationInfo.uid);

            manager.updateUserSensitiveForApp(pI.applicationInfo.uid);

            UserHandle user = UserHandle.getUserHandleForUid(pI.applicationInfo.uid);

            int permFlags = pm.getPermissionFlags(READ_PHONE_STATE, pI.packageName, user);

            if ((permFlags & FLAG_PERMISSION_AUTO_REVOKED) != 0) {

                    int flags = pm.getPermissionFlags(READ_PHONE_STATE, pI.packageName, user);

                    // If the app is auto revoked for read phone state, and is only user sensitive

                    // when granted, clear auto revoked flag.

                    if ((flags & FLAG_PERMISSION_AUTO_REVOKED) != 0

                            && (flags & FLAG_PERMISSION_USER_SENSITIVE_WHEN_GRANTED) != 0

                            && (flags & FLAG_PERMISSION_USER_SENSITIVE_WHEN_DENIED) == 0) {

                        pm.updatePermissionFlags(READ_PHONE_STATE, pI.packageName,

                                FLAG_PERMISSION_AUTO_REVOKED, 0, user);

                    }

                    break;

                }

            }

        }

    }

                throw new IllegalStateException(e);

            }

            permissionControllerManager.updateUserSensitive();

            FgThread.getHandler().postDelayed(permissionControllerManager::updateUserSensitive,

                    USER_SENSITIVE_UPDATE_DELAY_MS);

            packageManagerInternal.updateRuntimePermissionsFingerprint(userId);

        }