Merge "Properly fix revokePermissionsNoLongerImplicitLocked() for shared UIDs." am: adf939b3

            }

        }

        synchronized (mLock) {

            for (final int userId : userIds) {

                final UserPermissionState userState = mState.getOrCreateUserState(userId);

                final UidPermissionState uidState = userState.getOrCreateUidState(ps.getAppId());

                if (uidState.isMissing()) {

        Collection<String> uidRequestedPermissions;

                    int targetSdkVersion;

        Collection<String> uidImplicitPermissions;

        int uidTargetSdkVersion;

        if (!ps.isSharedUser()) {

            uidRequestedPermissions = pkg.getRequestedPermissions();

                        targetSdkVersion = pkg.getTargetSdkVersion();

            uidImplicitPermissions = pkg.getImplicitPermissions();

            uidTargetSdkVersion = pkg.getTargetSdkVersion();

        } else {

            uidRequestedPermissions = new ArraySet<>();

                        targetSdkVersion = Build.VERSION_CODES.CUR_DEVELOPMENT;

            uidImplicitPermissions = new ArraySet<>();

            uidTargetSdkVersion = Build.VERSION_CODES.CUR_DEVELOPMENT;

            List<AndroidPackage> packages = ps.getSharedUser().getPackages();

            int packagesSize = packages.size();

            for (int i = 0; i < packagesSize; i++) {

                AndroidPackage sharedUserPackage = packages.get(i);

                uidRequestedPermissions.addAll(

                        sharedUserPackage.getRequestedPermissions());

                            targetSdkVersion = Math.min(targetSdkVersion,

                uidImplicitPermissions.addAll(

                        sharedUserPackage.getImplicitPermissions());

                uidTargetSdkVersion = Math.min(uidTargetSdkVersion,

                        sharedUserPackage.getTargetSdkVersion());

            }

        }

        synchronized (mLock) {

            for (final int userId : userIds) {

                final UserPermissionState userState = mState.getOrCreateUserState(userId);

                final UidPermissionState uidState = userState.getOrCreateUidState(ps.getAppId());

                if (uidState.isMissing()) {

                    for (String permissionName : uidRequestedPermissions) {

                        Permission permission = mRegistry.getPermission(permissionName);

                        if (permission == null) {

                                        FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT,

                                        FLAG_PERMISSION_RESTRICTION_UPGRADE_EXEMPT);

                            }

                            if (targetSdkVersion < Build.VERSION_CODES.M) {

                            if (uidTargetSdkVersion < Build.VERSION_CODES.M) {

                                uidState.updatePermissionFlags(permission,

                                        PackageManager.FLAG_PERMISSION_REVIEW_REQUIRED

                                                | PackageManager.FLAG_PERMISSION_REVOKED_COMPAT,

                    userState.setInstallPermissionsFixed(ps.name, true);

                }

                updatedUserIds = revokePermissionsNoLongerImplicitLocked(uidState, pkg,

                        userId, updatedUserIds);

                updatedUserIds = revokePermissionsNoLongerImplicitLocked(uidState,

                        pkg.getPackageName(), uidImplicitPermissions, uidTargetSdkVersion, userId,

                        updatedUserIds);

                updatedUserIds = setInitialGrantForNewImplicitPermissionsLocked(origState,

                        uidState, pkg, newImplicitPermissions, userId, updatedUserIds);

            }

     * {@link PackageManager#FLAG_PERMISSION_REVOKE_WHEN_REQUESTED} set.

     *

     * @param ps The state of the permissions of the package

     * @param pkg The package that is currently looked at

     * @param packageName The name of the package

     * @param uidImplicitPermissions The implicit permissions of all packages in the UID

     * @param uidTargetSdkVersion The lowest target SDK version of all packages in the UID

     * @param userIds All user IDs in the system, must be passed in because this method is locked

     * @param updatedUserIds a list of user ids that needs to be amended if the permission state

     *                       for a user is changed.

     */

    @GuardedBy("mLock")

    private @NonNull int[] revokePermissionsNoLongerImplicitLocked(@NonNull UidPermissionState ps,

            @NonNull AndroidPackage pkg, int userId, @NonNull int[] updatedUserIds) {

        String pkgName = pkg.getPackageName();

        boolean supportsRuntimePermissions = pkg.getTargetSdkVersion()

                >= Build.VERSION_CODES.M;

            @NonNull String packageName, @NonNull Collection<String> uidImplicitPermissions,

            int uidTargetSdkVersion, int userId, @NonNull int[] updatedUserIds) {

        boolean supportsRuntimePermissions = uidTargetSdkVersion >= Build.VERSION_CODES.M;

        for (String permission : ps.getGrantedPermissions()) {

            if (pkg.getRequestedPermissions().contains(permission)

                    && !pkg.getImplicitPermissions().contains(permission)) {

            if (!uidImplicitPermissions.contains(permission)) {

                Permission bp = mRegistry.getPermission(permission);

                if (bp != null && bp.isRuntime()) {

                    int flags = ps.getPermissionFlags(permission);

                            if (ps.revokePermission(bp)) {

                                if (DEBUG_PERMISSIONS) {

                                    Slog.i(TAG, "Revoking runtime permission "

                                            + permission + " for " + pkgName

                                            + permission + " for " + packageName

                                            + " as it is now requested");

                                }

                            }