Merge "Only revoke ownerless grants when unprivileged." into lmp-dev

        // Does the caller have this permission on the URI?

        if (!checkHoldingPermissionsLocked(pm, pi, grantUri, callingUid, modeFlags)) {

            // Have they don't have direct access to the URI, then revoke any URI

            // permissions that have been granted to them.

            // If they don't have direct access to the URI, then revoke any

            // ownerless URI permissions that have been granted to them.

            final ArrayMap<GrantUri, UriPermission> perms = mGrantedUriPermissions.get(callingUid);

            if (perms != null) {

                boolean persistChanged = false;

                    if (perm.uri.sourceUserId == grantUri.sourceUserId

                            && perm.uri.uri.isPathPrefixMatch(grantUri.uri)) {

                        if (DEBUG_URI_PERMISSION)

                            Slog.v(TAG,

                                    "Revoking " + perm.targetUid + " permission to " + perm.uri);

                            Slog.v(TAG, "Revoking non-owned " + perm.targetUid +

                                    " permission to " + perm.uri);

                        persistChanged |= perm.revokeModes(

                                modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION);

                                modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION, false);

                        if (perm.modeFlags == 0) {

                            it.remove();

                        }

                        Slog.v(TAG,

                                "Revoking " + perm.targetUid + " permission to " + perm.uri);

                    persistChanged |= perm.revokeModes(

                            modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION);

                            modeFlags | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION, true);

                    if (perm.modeFlags == 0) {

                        it.remove();

                    }

                    // Only inspect grants matching package

                    if (packageName == null || perm.sourcePkg.equals(packageName)

                            || perm.targetPkg.equals(packageName)) {

                        persistChanged |= perm.revokeModes(

                                persistable ? ~0 : ~Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION);

                        persistChanged |= perm.revokeModes(persistable

                                ? ~0 : ~Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION, true);

                        // Only remove when no modes remain; any persisted grants

                        // will keep this alive.

    /**

     * @return if mode changes should trigger persisting.

     */

    boolean revokeModes(int modeFlags) {

    boolean revokeModes(int modeFlags, boolean includingOwners) {

        final boolean persistable = (modeFlags & Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION) != 0;

        modeFlags &= (Intent.FLAG_GRANT_READ_URI_PERMISSION

                | Intent.FLAG_GRANT_WRITE_URI_PERMISSION);

                persistedModeFlags &= ~Intent.FLAG_GRANT_READ_URI_PERMISSION;

            }

            globalModeFlags &= ~Intent.FLAG_GRANT_READ_URI_PERMISSION;

            if (mReadOwners != null) {

            if (mReadOwners != null && includingOwners) {

                ownedModeFlags &= ~Intent.FLAG_GRANT_READ_URI_PERMISSION;

                for (UriPermissionOwner r : mReadOwners) {

                    r.removeReadPermission(this);

                persistedModeFlags &= ~Intent.FLAG_GRANT_WRITE_URI_PERMISSION;

            }

            globalModeFlags &= ~Intent.FLAG_GRANT_WRITE_URI_PERMISSION;

            if (mWriteOwners != null) {

            if (mWriteOwners != null && includingOwners) {

                ownedModeFlags &= ~Intent.FLAG_GRANT_WRITE_URI_PERMISSION;

                for (UriPermissionOwner r : mWriteOwners) {

                    r.removeWritePermission(this);