Merge "Revert "Verify the incoming package first.""

        return mode == AppOpsManager.MODE_ALLOWED;

    }

    /**

     * Checks whether the calling package is trusted.

     *

     * The calling package is trusted if it's from system or the supposed package name matches the

     * UID making the call.

     *

     * @throws SecurityException if the package name and UID don't match.

     */

    private void verifyCallingPackage(String callingPackage) {

        final int callingUid = Binder.getCallingUid();

        // The caller is System or Shell.

        if (callingUid == SYSTEM_UID || isCallerShell()) {

            return;

        }

        // Handle the special UIDs that don't have real package (audioserver, cameraserver, etc).

        final String resolvedPackage = AppOpsManager.resolvePackageName(callingUid,

                null /* packageName */);

        if (resolvedPackage != null && resolvedPackage.equals(callingPackage)) {

            return;

        }

        final int claimedUid = getPackageManagerInternal().getPackageUid(callingPackage,

                0 /* flags */, UserHandle.getUserId(callingUid));

        if (callingUid == claimedUid) {

            return;

        }

        throw new SecurityException(

                "Claimed calling package " + callingPackage + " does not match the calling UID "

                        + Binder.getCallingUid());

    }

    private void enforceUsageStatsPermission(String callingPackage, String func) {

        verifyCallingPackage(callingPackage);

        // Since the protection level of PACKAGE_USAGE_STATS has 'appop', apps may grant this

        // permission via that way. We need to check both app-ops and permission.

    @Override

    public int getPackageProcessState(String packageName, String callingPackage) {

        if (!hasUsageStatsPermission(callingPackage)) {

            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS, func);

        }

            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,

                    "getPackageProcessState");

        }

    @Override

    public int getPackageProcessState(String packageName, String callingPackage) {

        enforceUsageStatsPermission(callingPackage, "getPackageProcessState");

        final int[] procState = {PROCESS_STATE_NONEXISTENT};

        synchronized (mProcLock) {

            mProcessList.forEachLruProcessesLOSP(false, proc -> {

    @Override

    public int getUidProcessState(int uid, String callingPackage) {

        enforceUsageStatsPermission(callingPackage, "getUidProcessState");

        if (!hasUsageStatsPermission(callingPackage)) {

            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,

                    "getUidProcessState");

        }

        synchronized (mProcLock) {

            return mProcessList.getUidProcStateLOSP(uid);

        }

    @Override

    public @ProcessCapability int getUidProcessCapabilities(int uid, String callingPackage) {

        enforceUsageStatsPermission(callingPackage, "getUidProcessCapabilities");

        if (!hasUsageStatsPermission(callingPackage)) {

            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,

                    "getUidProcessState");

        }

        synchronized (mProcLock) {

            return mProcessList.getUidProcessCapabilityLOSP(uid);

        }

    @Override

    public void registerUidObserver(IUidObserver observer, int which, int cutpoint,

            String callingPackage) {

        enforceUsageStatsPermission(callingPackage, "registerUidObserver");

        if (!hasUsageStatsPermission(callingPackage)) {

            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,

                    "registerUidObserver");

        }

        mUidObserverController.register(observer, which, cutpoint, callingPackage,

                Binder.getCallingUid());

    }

    @Override

    public boolean isUidActive(int uid, String callingPackage) {

        enforceUsageStatsPermission(callingPackage, "isUidActive");

        if (!hasUsageStatsPermission(callingPackage)) {

            enforceCallingPermission(android.Manifest.permission.PACKAGE_USAGE_STATS,

                    "isUidActive");

        }

        synchronized (mProcLock) {

            if (isUidActiveLOSP(uid)) {

                return true;

        try {

            ActivityManager.getService().registerUidObserver(mUidObserver,

                    ActivityManager.UID_OBSERVER_PROCSTATE | ActivityManager.UID_OBSERVER_GONE,

                    ActivityManager.PROCESS_STATE_UNKNOWN, mContext.getOpPackageName());

                    ActivityManager.PROCESS_STATE_UNKNOWN, null);

        } catch (RemoteException e) {

            // ignored; both services live in system_server

        }

                    | ActivityManager.UID_OBSERVER_CAPABILITY

        };

        final IUidObserver[] observers = new IUidObserver.Stub[changesToObserve.length];

        doReturn(Process.myUid()).when(sPackageManagerInternal)

                .getPackageUid(mContext.getOpPackageName(), 0 /* flags */, mContext.getUserId());

        for (int i = 0; i < observers.length; ++i) {

            observers[i] = mock(IUidObserver.Stub.class);

            when(observers[i].asBinder()).thenReturn((IBinder) observers[i]);

            mAms.registerUidObserver(observers[i], changesToObserve[i] /* which */,

                    ActivityManager.PROCESS_STATE_UNKNOWN /* cutpoint */,

                    mContext.getOpPackageName());

                    ActivityManager.PROCESS_STATE_UNKNOWN /* cutpoint */, null /* caller */);

            // When we invoke AMS.registerUidObserver, there are some interactions with observers[i]

            // mock in RemoteCallbackList class. We don't want to test those interactions and

        mockNoteOperation();

        final IUidObserver observer = mock(IUidObserver.Stub.class);

        when(observer.asBinder()).thenReturn((IBinder) observer);

        doReturn(Process.myUid()).when(sPackageManagerInternal)

                .getPackageUid(mContext.getOpPackageName(), 0 /* flags */, mContext.getUserId());

        mAms.registerUidObserver(observer, ActivityManager.UID_OBSERVER_PROCSTATE /* which */,

                ActivityManager.PROCESS_STATE_SERVICE /* cutpoint */,

                mContext.getOpPackageName());

                ActivityManager.PROCESS_STATE_SERVICE /* cutpoint */, null /* callingPackage */);

        // When we invoke AMS.registerUidObserver, there are some interactions with observer

        // mock in RemoteCallbackList class. We don't want to test those interactions and

        // at the same time, we don't want those to interfere with verifyNoMoreInteractions.

        final IUidObserver observer = mock(IUidObserver.Stub.class);

        when(observer.asBinder()).thenReturn((IBinder) observer);

        doReturn(Process.myUid()).when(sPackageManagerInternal)

                .getPackageUid(mContext.getOpPackageName(), 0 /* flags */, mContext.getUserId());

        mAms.registerUidObserver(observer, 0, 0, mContext.getOpPackageName());

        mAms.registerUidObserver(observer, 0, 0, null);

        // Verify that when observers are registered, then validateUids is correctly updated.

        addPendingUidChanges(pendingItemsForUids);

        mAms.mUidObserverController.dispatchUidsChanged();