Merge "Fix more locking issues identified by @GuardedBy."

    @GuardedBy("mLock")

    private PermissionPolicyInternal mPermissionPolicyInternal;

    /**

     * For each foreground/background permission the mapping:

     * Background permission -> foreground permissions

     */

    @GuardedBy("mLock")

    private ArrayMap<String, List<String>> mBackgroundPermissions;

    /**

     * A permission backup might contain apps that are not installed. In this case we delay the

     * restoration until the app is installed.

    @GuardedBy("mLock")

    private CheckPermissionDelegate mCheckPermissionDelegate;

    @GuardedBy("mLock")

    @NonNull

    private final OnPermissionChangeListeners mOnPermissionChangeListeners;

    @GuardedBy("mLock")

        return PackageManager.PERMISSION_DENIED;

    }

    @GuardedBy("mLock")

    private boolean checkSinglePermissionInternalLocked(@NonNull UidPermissionState uidState,

            @NonNull String permissionName, boolean isInstantApp) {

        if (!uidState.isPermissionGranted(permissionName)) {

        return PackageManager.PERMISSION_DENIED;

    }

    @GuardedBy("mLock")

    private boolean checkSingleUidPermissionInternalLocked(int uid,

            @NonNull String permissionName) {

        ArraySet<String> permissions = mSystemPermissions.get(uid);

                Manifest.permission.OBSERVE_GRANT_REVOKE_PERMISSIONS,

                "addOnPermissionsChangeListener");

        synchronized (mLock) {

            mOnPermissionChangeListeners.addListenerLocked(listener);

        }

        mOnPermissionChangeListeners.addListener(listener);

    }

    @Override

        if (mPackageManagerInt.getInstantAppPackageName(Binder.getCallingUid()) != null) {

            throw new SecurityException("Instant applications don't have access to this method");

        }

        synchronized (mLock) {

            mOnPermissionChangeListeners.removeListenerLocked(listener);

        }

        mOnPermissionChangeListeners.removeListener(listener);

    }

    @Override

     *

     * @return The updated value of the {@code updatedUserIds} parameter

     */

    @GuardedBy("mLock")

    private @NonNull int[] revokePermissionsNoLongerImplicitLocked(@NonNull UidPermissionState ps,

            @NonNull AndroidPackage pkg, int userId, @NonNull int[] updatedUserIds) {

        String pkgName = pkg.getPackageName();

     * @param ps The permission state of the package

     * @param pkg The package requesting the permissions

     */

    @GuardedBy("mLock")

    private void inheritPermissionStateToNewImplicitPermissionLocked(

            @NonNull ArraySet<String> sourcePerms, @NonNull String newPerm,

            @NonNull UidPermissionState ps, @NonNull AndroidPackage pkg) {

     *

     * @return  List of users for which the permission state has been changed

     */

    @GuardedBy("mLock")

    private @NonNull int[] setInitialGrantForNewImplicitPermissionsLocked(

            @NonNull UidPermissionState origPs, @NonNull UidPermissionState ps,

            @NonNull AndroidPackage pkg, @NonNull ArraySet<String> newImplicitPermissions,

                        + packageName + " (" + pkg.getPath()

                        + ") not in privapp-permissions whitelist");

                if (RoSystemProperties.CONTROL_PRIVAPP_PERMISSIONS_ENFORCE) {

                    synchronized (mLock) {

                        if (mPrivappPermissionsViolations == null) {

                            mPrivappPermissionsViolations = new ArraySet<>();

                        }

                    }

                }

            }

        }

        return !RoSystemProperties.CONTROL_PRIVAPP_PERMISSIONS_ENFORCE;

    }

        return affectedUserId;

    }

    @GuardedBy("mLock")

    private boolean revokeUnusedSharedUserPermissionsLocked(

            List<AndroidPackage> pkgList, UidPermissionState uidState) {

        // Collect all used permissions in the UID

        }

    }

    /**

     * Cache background->foreground permission mapping.

     *

     * <p>This is only run once.

     */

    private void cacheBackgroundToForegoundPermissionMapping() {

        synchronized (mLock) {

            if (mBackgroundPermissions == null) {

                // Cache background -> foreground permission mapping.

                // Only system declares background permissions, hence mapping does never change.

                mBackgroundPermissions = new ArrayMap<>();

                for (Permission bp : mRegistry.getPermissions()) {

                    if (bp.getBackgroundPermission() != null) {

                        String fgPerm = bp.getName();

                        String bgPerm = bp.getBackgroundPermission();

                        List<String> fgPerms = mBackgroundPermissions.get(bgPerm);

                        if (fgPerms == null) {

                            fgPerms = new ArrayList<>();

                            mBackgroundPermissions.put(bgPerm, fgPerms);

                        }

                        fgPerms.add(fgPerm);

                    }

                }

            }

        }

    }

    /**

     * Update all packages on the volume, <u>beside</u> the changing package. If the changing

     * package is set too, all packages are updated.

            flags |= UPDATE_PERMISSIONS_ALL;

        }

        cacheBackgroundToForegoundPermissionMapping();

        Trace.traceBegin(TRACE_TAG_PACKAGE_MANAGER, "restorePermissionState");

        // Now update the permissions for all packages.

        if ((flags & UPDATE_PERMISSIONS_ALL) != 0) {

                            }

                        });

                    }

                    synchronized (mLock) {

                        mRegistry.removePermission(bp.getName());

                    }

                    continue;

                }

                final AndroidPackage sourcePkg =

        return builder.toString();

    }

    @GuardedBy("mLock")

    private int calculateCurrentPermissionFootprintLocked(@NonNull Permission permissionTree) {

        int size = 0;

        for (final Permission permission : mRegistry.getPermissions()) {

        return size;

    }

    @GuardedBy("mLock")

    private void enforcePermissionCapLocked(PermissionInfo info, Permission tree) {

        // We calculate the max size of permissions defined by this uid and throw

        // if that plus the size of 'info' would exceed our stated maximum.

    private void systemReady() {

        mSystemReady = true;

        synchronized (mLock) {

            if (mPrivappPermissionsViolations != null) {

                throw new IllegalStateException("Signature|privileged permissions not in "

                        + "privapp-permissions whitelist: " + mPrivappPermissionsViolations);

            }

        }

        mPermissionControllerManager = mContext.getSystemService(PermissionControllerManager.class);

        mPermissionPolicyInternal = LocalServices.getService(PermissionPolicyInternal.class);

        mMetricsLogger.write(log);

    }

    /**

     * Get the mapping of background permissions to their foreground permissions.

     *

     * <p>Only initialized in the system server.

     *

     * @return the map <bg permission -> list<fg perm>>

     */

    public @Nullable ArrayMap<String, List<String>> getBackgroundPermissions() {

        return mBackgroundPermissions;

    }

    @GuardedBy("mLock")

    @Nullable

    private UidPermissionState getUidStateLocked(@NonNull PackageSetting ps,

            @UserIdInt int userId) {

        return getUidStateLocked(ps.getAppId(), userId);

    }

    @GuardedBy("mLock")

    @Nullable

    private UidPermissionState getUidStateLocked(@NonNull AndroidPackage pkg,

            @UserIdInt int userId) {

        return getUidStateLocked(pkg.getUid(), userId);

    }

    @GuardedBy("mLock")

    @Nullable

    private UidPermissionState getUidStateLocked(@AppIdInt int appId, @UserIdInt int userId) {

        final UserPermissionState userState = mState.getUserState(userId);

        });

    }

    @GuardedBy("mLock")

    private void readLegacyPermissionStatesLocked(@NonNull UidPermissionState uidState,

            @NonNull Collection<LegacyPermissionState.PermissionState> permissionStates) {

        for (final LegacyPermissionState.PermissionState permissionState : permissionStates) {

            }

        }

        public void addListenerLocked(IOnPermissionsChangeListener listener) {

        public void addListener(IOnPermissionsChangeListener listener) {

            mPermissionListeners.register(listener);

        }

        public void removeListenerLocked(IOnPermissionsChangeListener listener) {

        public void removeListener(IOnPermissionsChangeListener listener) {

            mPermissionListeners.unregister(listener);

        }