package com.android.server.pm.permission;

import android.app.AppOpsManager;
import android.app.admin.DevicePolicyManager;
import android.content.Context;
import android.content.PermissionChecker;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageManagerInternal;
import android.os.Binder;
import android.os.ServiceManager;
import android.os.UserHandle;
import android.permission.ILegacyPermissionManager;
import android.util.EventLog;
import android.util.Log;
import com.android.internal.annotations.VisibleForTesting;
import com.android.server.LocalServices;
import com.android.server.pm.PackageManagerServiceUtils;
import com.android.server.pm.UserManagerService;
import com.android.server.pm.permission.LegacyPermissionManagerInternal;

/* loaded from: input_file:com/android/server/pm/permission/LegacyPermissionManagerService.class */
public class LegacyPermissionManagerService extends ILegacyPermissionManager.Stub {
    private static final String TAG = "PermissionManager";
    private final Injector mInjector;
    private final Context mContext;
    private final DefaultPermissionGrantPolicy mDefaultPermissionGrantPolicy;

    @VisibleForTesting
    /* loaded from: input_file:com/android/server/pm/permission/LegacyPermissionManagerService$Injector.class */
    public static class Injector {
        private final Context mContext;
        private final PackageManagerInternal mPackageManagerInternal = (PackageManagerInternal) LocalServices.getService(PackageManagerInternal.class);

        public Injector(Context context) {
            this.mContext = context;
        }

        public int getCallingUid() {
            return Binder.getCallingUid();
        }

        public int getCallingPid() {
            return Binder.getCallingPid();
        }

        public int checkPermission(String str, int i, int i2) {
            return this.mContext.checkPermission(str, i, i2);
        }

        public long clearCallingIdentity() {
            return Binder.clearCallingIdentity();
        }

        public void restoreCallingIdentity(long j) {
            Binder.restoreCallingIdentity(j);
        }

        public Object getSystemService(String str) {
            return this.mContext.getSystemService(str);
        }

        public ApplicationInfo getApplicationInfo(String str, int i) throws PackageManager.NameNotFoundException {
            return this.mContext.getPackageManager().getApplicationInfoAsUser(str, 0, UserHandle.getUserHandleForUid(i));
        }

        public int getPackageUidForUser(String str, int i) {
            return this.mPackageManagerInternal.getPackageUid(str, 0L, i);
        }
    }

    /* loaded from: input_file:com/android/server/pm/permission/LegacyPermissionManagerService$Internal.class */
    private class Internal implements LegacyPermissionManagerInternal {
        private Internal() {
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void resetRuntimePermissions() {
            LegacyPermissionManagerService.this.mContext.enforceCallingOrSelfPermission("android.permission.REVOKE_RUNTIME_PERMISSIONS", "revokeRuntimePermission");
            int callingUid = Binder.getCallingUid();
            if (callingUid != 1000 && callingUid != 0) {
                LegacyPermissionManagerService.this.mContext.enforceCallingOrSelfPermission("android.permission.INTERACT_ACROSS_USERS_FULL", "resetRuntimePermissions");
            }
            PackageManagerInternal packageManagerInternal = (PackageManagerInternal) LocalServices.getService(PackageManagerInternal.class);
            PermissionManagerServiceInternal permissionManagerServiceInternal = (PermissionManagerServiceInternal) LocalServices.getService(PermissionManagerServiceInternal.class);
            for (int i : UserManagerService.getInstance().getUserIds()) {
                packageManagerInternal.forEachPackage(androidPackage -> {
                    permissionManagerServiceInternal.resetRuntimePermissions(androidPackage, i);
                });
            }
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void setDialerAppPackagesProvider(LegacyPermissionManagerInternal.PackagesProvider packagesProvider) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.setDialerAppPackagesProvider(packagesProvider);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void setLocationExtraPackagesProvider(LegacyPermissionManagerInternal.PackagesProvider packagesProvider) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.setLocationExtraPackagesProvider(packagesProvider);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void setLocationPackagesProvider(LegacyPermissionManagerInternal.PackagesProvider packagesProvider) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.setLocationPackagesProvider(packagesProvider);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void setSimCallManagerPackagesProvider(LegacyPermissionManagerInternal.PackagesProvider packagesProvider) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.setSimCallManagerPackagesProvider(packagesProvider);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void setSmsAppPackagesProvider(LegacyPermissionManagerInternal.PackagesProvider packagesProvider) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.setSmsAppPackagesProvider(packagesProvider);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void setSyncAdapterPackagesProvider(LegacyPermissionManagerInternal.SyncAdapterPackagesProvider syncAdapterPackagesProvider) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.setSyncAdapterPackagesProvider(syncAdapterPackagesProvider);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void setUseOpenWifiAppPackagesProvider(LegacyPermissionManagerInternal.PackagesProvider packagesProvider) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.setUseOpenWifiAppPackagesProvider(packagesProvider);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void setVoiceInteractionPackagesProvider(LegacyPermissionManagerInternal.PackagesProvider packagesProvider) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.setVoiceInteractionPackagesProvider(packagesProvider);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void grantDefaultPermissionsToDefaultSimCallManager(String str, int i) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.grantDefaultPermissionsToDefaultSimCallManager(str, i);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void grantDefaultPermissionsToDefaultUseOpenWifiApp(String str, int i) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.grantDefaultPermissionsToDefaultUseOpenWifiApp(str, i);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void grantDefaultPermissions(int i) {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.grantDefaultPermissions(i);
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public void scheduleReadDefaultPermissionExceptions() {
            LegacyPermissionManagerService.this.mDefaultPermissionGrantPolicy.scheduleReadDefaultPermissionExceptions();
        }

        @Override // com.android.server.pm.permission.LegacyPermissionManagerInternal
        public int checkSoundTriggerRecordAudioPermissionForDataDelivery(int i, String str, String str2, String str3) {
            int checkPermissionForPreflight = PermissionChecker.checkPermissionForPreflight(LegacyPermissionManagerService.this.mContext, "android.permission.RECORD_AUDIO", -1, i, str);
            if (checkPermissionForPreflight != 0) {
                return checkPermissionForPreflight;
            }
            ((AppOpsManager) LegacyPermissionManagerService.this.mContext.getSystemService(AppOpsManager.class)).noteOpNoThrow(120, i, str, str2, str3);
            return checkPermissionForPreflight;
        }
    }

    public static LegacyPermissionManagerInternal create(Context context) {
        LegacyPermissionManagerInternal legacyPermissionManagerInternal = (LegacyPermissionManagerInternal) LocalServices.getService(LegacyPermissionManagerInternal.class);
        if (legacyPermissionManagerInternal == null) {
            new LegacyPermissionManagerService(context);
            legacyPermissionManagerInternal = (LegacyPermissionManagerInternal) LocalServices.getService(LegacyPermissionManagerInternal.class);
        }
        return legacyPermissionManagerInternal;
    }

    private LegacyPermissionManagerService(Context context) {
        this(context, new Injector(context));
        LocalServices.addService(LegacyPermissionManagerInternal.class, new Internal());
        ServiceManager.addService("legacy_permission", this);
    }

    @VisibleForTesting
    LegacyPermissionManagerService(Context context, Injector injector) {
        this.mContext = context;
        this.mInjector = injector;
        this.mDefaultPermissionGrantPolicy = new DefaultPermissionGrantPolicy(context);
    }

    @Override // android.permission.ILegacyPermissionManager
    public int checkDeviceIdentifierAccess(String str, String str2, String str3, int i, int i2) {
        verifyCallerCanCheckAccess(str, str2, i, i2);
        int appId = UserHandle.getAppId(i2);
        if (appId == 1000 || appId == 0 || this.mInjector.checkPermission("android.permission.READ_PRIVILEGED_PHONE_STATE", i, i2) == 0) {
            return 0;
        }
        if (str == null) {
            return -1;
        }
        long clearCallingIdentity = this.mInjector.clearCallingIdentity();
        try {
            if (((AppOpsManager) this.mInjector.getSystemService("appops")).noteOpNoThrow("android:read_device_identifiers", i2, str, str3, str2) == 0) {
                return 0;
            }
            this.mInjector.restoreCallingIdentity(clearCallingIdentity);
            DevicePolicyManager devicePolicyManager = (DevicePolicyManager) this.mInjector.getSystemService("device_policy");
            return (devicePolicyManager == null || !devicePolicyManager.hasDeviceIdentifierAccess(str, i, i2)) ? -1 : 0;
        } finally {
            this.mInjector.restoreCallingIdentity(clearCallingIdentity);
        }
    }

    @Override // android.permission.ILegacyPermissionManager
    public int checkPhoneNumberAccess(String str, String str2, String str3, int i, int i2) {
        verifyCallerCanCheckAccess(str, str2, i, i2);
        if (this.mInjector.checkPermission("android.permission.READ_PRIVILEGED_PHONE_STATE", i, i2) == 0) {
            return 0;
        }
        if (str == null) {
            return -1;
        }
        boolean z = false;
        int i3 = -1;
        try {
            z = this.mInjector.getApplicationInfo(str, i2).targetSdkVersion <= 29;
        } catch (PackageManager.NameNotFoundException e) {
        }
        if (z) {
            i3 = checkPermissionAndAppop(str, "android.permission.READ_PHONE_STATE", "android:read_phone_state", str3, str2, i, i2);
            if (i3 == 0) {
                return i3;
            }
        }
        if (checkPermissionAndAppop(str, null, "android:write_sms", str3, str2, i, i2) == 0 || checkPermissionAndAppop(str, "android.permission.READ_PHONE_NUMBERS", "android:read_phone_numbers", str3, str2, i, i2) == 0 || checkPermissionAndAppop(str, "android.permission.READ_SMS", "android:read_sms", str3, str2, i, i2) == 0) {
            return 0;
        }
        return i3;
    }

    private void verifyCallerCanCheckAccess(String str, String str2, int i, int i2) {
        boolean z = false;
        int callingUid = this.mInjector.getCallingUid();
        int callingPid = this.mInjector.getCallingPid();
        if (UserHandle.getAppId(callingUid) >= 10000 && (callingUid != i2 || callingPid != i)) {
            z = true;
        }
        if (str != null && UserHandle.getAppId(i2) >= 10000 && i2 != this.mInjector.getPackageUidForUser(str, UserHandle.getUserId(i2))) {
            Object[] objArr = new Object[3];
            objArr[0] = "193441322";
            objArr[1] = Integer.valueOf(UserHandle.getAppId(callingUid) >= 10000 ? callingUid : i2);
            objArr[2] = "Package uid mismatch";
            EventLog.writeEvent(1397638484, objArr);
            z = true;
        }
        if (z) {
            String format = String.format("Calling uid %d, pid %d cannot access for package %s (uid=%d, pid=%d): %s", Integer.valueOf(callingUid), Integer.valueOf(callingPid), str, Integer.valueOf(i2), Integer.valueOf(i), str2);
            Log.w(TAG, format);
            throw new SecurityException(format);
        }
    }

    private int checkPermissionAndAppop(String str, String str2, String str3, String str4, String str5, int i, int i2) {
        if (str2 == null || this.mInjector.checkPermission(str2, i, i2) == 0) {
            return ((AppOpsManager) this.mInjector.getSystemService("appops")).noteOpNoThrow(str3, i2, str, str4, str5) != 0 ? 1 : 0;
        }
        return -1;
    }

    @Override // android.permission.ILegacyPermissionManager
    public void grantDefaultPermissionsToCarrierServiceApp(String str, int i) {
        PackageManagerServiceUtils.enforceSystemOrRoot("grantDefaultPermissionsForCarrierServiceApp");
        Binder.withCleanCallingIdentity(() -> {
            this.mDefaultPermissionGrantPolicy.grantDefaultPermissionsToCarrierServiceApp(str, i);
        });
    }

    @Override // android.permission.ILegacyPermissionManager
    public void grantDefaultPermissionsToActiveLuiApp(String str, int i) {
        PackageManagerServiceUtils.enforceSystemOrPhoneCaller("grantDefaultPermissionsToActiveLuiApp", Binder.getCallingUid());
        Binder.withCleanCallingIdentity(() -> {
            this.mDefaultPermissionGrantPolicy.grantDefaultPermissionsToActiveLuiApp(str, i);
        });
    }

    @Override // android.permission.ILegacyPermissionManager
    public void revokeDefaultPermissionsFromLuiApps(String[] strArr, int i) {
        PackageManagerServiceUtils.enforceSystemOrPhoneCaller("revokeDefaultPermissionsFromLuiApps", Binder.getCallingUid());
        Binder.withCleanCallingIdentity(() -> {
            this.mDefaultPermissionGrantPolicy.revokeDefaultPermissionsFromLuiApps(strArr, i);
        });
    }

    @Override // android.permission.ILegacyPermissionManager
    public void grantDefaultPermissionsToEnabledImsServices(String[] strArr, int i) {
        PackageManagerServiceUtils.enforceSystemOrPhoneCaller("grantDefaultPermissionsToEnabledImsServices", Binder.getCallingUid());
        Binder.withCleanCallingIdentity(() -> {
            this.mDefaultPermissionGrantPolicy.grantDefaultPermissionsToEnabledImsServices(strArr, i);
        });
    }

    @Override // android.permission.ILegacyPermissionManager
    public void grantDefaultPermissionsToEnabledTelephonyDataServices(String[] strArr, int i) {
        PackageManagerServiceUtils.enforceSystemOrPhoneCaller("grantDefaultPermissionsToEnabledTelephonyDataServices", Binder.getCallingUid());
        Binder.withCleanCallingIdentity(() -> {
            this.mDefaultPermissionGrantPolicy.grantDefaultPermissionsToEnabledTelephonyDataServices(strArr, i);
        });
    }

    @Override // android.permission.ILegacyPermissionManager
    public void revokeDefaultPermissionsFromDisabledTelephonyDataServices(String[] strArr, int i) {
        PackageManagerServiceUtils.enforceSystemOrPhoneCaller("revokeDefaultPermissionsFromDisabledTelephonyDataServices", Binder.getCallingUid());
        Binder.withCleanCallingIdentity(() -> {
            this.mDefaultPermissionGrantPolicy.revokeDefaultPermissionsFromDisabledTelephonyDataServices(strArr, i);
        });
    }

    @Override // android.permission.ILegacyPermissionManager
    public void grantDefaultPermissionsToEnabledCarrierApps(String[] strArr, int i) {
        PackageManagerServiceUtils.enforceSystemOrPhoneCaller("grantPermissionsToEnabledCarrierApps", Binder.getCallingUid());
        Binder.withCleanCallingIdentity(() -> {
            this.mDefaultPermissionGrantPolicy.grantDefaultPermissionsToEnabledCarrierApps(strArr, i);
        });
    }
}
