Package name is more commonly used than appid, so we hope to support obtaining permission and appop status based on package name.

Change-Id: I4f0e9bcb979132d99222cadaf306034bf58e092a

PermissionEntry.gids may return null when parsing legacy config trying
to work around an issue about upgrading from L platfrm. We can just
ignore such entries now.

Bug: 325137277
Bug: 322197421
Test: system boots with flag enabled
Change-Id: I71a160d53b1a1b429019bb1973a892f78ccb0a17
Merged-In: I71a160d53b1a1b429019bb1973a892f78ccb0a17
(cherry picked from commit b0b149c4)

The old subsystem creates "fake" permissions owned by the "android"
package that will contain the GIDs and be overridden by system apps,
however that approach is fragile because it depends a lot on the package
scan order since these "fake" permissions will be trimmed after we scan
the "android" package.

In contrast, it's a lot easier and straightforward to just look up the
GIDs upon scanning permission definitions, which will also fix the
package scanning order issue. It also helps with removing one type of
permission definition and the special cases we had to add for it.

This is a better version of the easier but behavior changing fix
ag/26216413.

This change is behind a bug-fix flag since it's still a new way of doing
things, despite that it's straightforward and there's no expected
behavior change except for fixing GID assignment for permissions
declared in APKs-in-APEX etc on first boot.

Fixes: 325137277
Bug: 322197421
Test: manually check the GIDs in dumpsys permissionmgr after clean flash
Change-Id: Ied24c45734e7c57ce8ed0d015121675bfcbae54f
Merged-In: Ied24c45734e7c57ce8ed0d015121675bfcbae54f
(cherry picked from commit 05b75fb4)

1. Move implementations and related utils to internal
2. Make calling SystemConfig methods from ParsingPackageUtils.Callback
   to avoid calling from the client side.
3. Move isMatch and isEnabled from ComponentParseUtils to PackageInfoUtils
4. Move string from SELinuxUtil to SeinfoUtil
5. Move some methods from AndroidPackageUtils to AndroidPackageLegacyUtils
6. Copy some methods from PackageInfoUtils to AppInfoUtils
7. Use PackageParserException instead of PackageManagerException for
   validatePackageDexMetadata method

Bug: 309596860
Test: build pass and boot to home
Test: atest PackageManagerServiceServerTests
Test: atest PackageManagerComponentOverrideTests
Test: atest PermissionServiceMockingTests
Test: atest PackageManagerServiceUnitTests
Test: atest PackageManagerPerfTests
Change-Id: I3de48d0d8adf714447823408673e07ed379f27ab

Bug: 306676648
Test: atest DevicePermissionPolicyTest
Test: atest PermissionServiceMockingTests
Change-Id: I66519b88dc29df455ede1afcd9864248acc2a905

Renaming the flag to avoid potential issues
during rollout (the flag was changed to fixed
in a follow up CL due to some errors)

Fix: 315334748
Test: build
Change-Id: I8c4b1a449917df1de879f99eac79c5662e03f6ab

Remove permissions for external devices on
removal i.e. when the external device is removed.

Bug: 283975881
Test: presubmit
Change-Id: I72983f25071d867d6f7d4b908ef76c796ed77d06

This is to allow working on b/266164193 in parallel to making app ops
tracking device-aware. The actual usage of
device id to calculate op mode will be done in that bug, however
modifying the interface at this time allows us to make AppOpsService
device-aware.

Bug: 299330771
Test: atest CtsAppOpsTestCases CtsAppOps2TestCases
Change-Id: I9edc249379474d710f45a49877389b6a94846544

include everyone in the permissions team

Test: N/A
Bug: 299330771
Change-Id: I28edfc6ef3197edbaf8b7c80b78c590bc697346f

Name device Id and persistent device Id carefully
in the classes where both ID are used.

Bug: 289355341
Test: local build
Change-Id: I7b5c2063cf60500bbcd293cc76b4979bc08bf1ee

Clients can opt-in for virtual devices
permission changes by overriding new callback.

Bug: 289355341
Bug: 302627733
Test: presubmit
Change-Id: I282eb4fabea6d36005b8eb1dc4a8c6887d3cd400

Bug: 299330771
Test: m (still builds)
Change-Id: I809a92c215371d538137f2edc90dac3fc4b9ea2f

CAMERA and MICROPHONE are the only two permissions that can be device aware at this moment. Hardcode them in the system server to
enable saving permission states for device aware permissions. Note: this is a temporary change. Once we have a formal API to return
device aware permissions, we should replace the hardcode.

Bug: 292252664
Test: Existing tests pass. Refer to tests in ag/24855864
Change-Id: If706ea1c9dc5b171a5210298dab5ad4812d6bb88

This partially reverts commit 7e8b4c01.

Reason for revert: Retail demo now has a proper role.

Bug: 294122862
Test: presubmit
Change-Id: I07ee1ed5cb8538ac62298f73777214cdcddac90f

Bug: 304347474
Test: Code format change only. Exisiting tests pass.
Change-Id: Ie2964be263484d5284cda5c563060755f8e31f0b

Add permission reset support for `reset-permissions`
shell command.

Fix: 303700254
Test: presubmit & manual
Change-Id: Iff374ac90549ca3abe1f2bbd249b7f18b9c63437

Add flag for both feature and APIs.

Bug: 274852670
Test: presubmit
Change-Id: I619be75c58eb4e32624c0b6de2970b207af26847

Bug: 283978092
Test: atest RevokeSelfPermissionTest
Test: atest OneTimePermissionTest
Test: atest DevicePermissionsTest

Change-Id: I0adef572133a288c17e43b3e1b8adcf53ff68114

For consistency in code style, and always avoiding a method call
regardless of optimizations.

Change-Id: I2c041c8ef2e5cb8e3ca6c9d3eaaec36ebb01779b

They were in the old PermissionManagerServiceImpl but missing in
ag/20684040. The new subsystem is only enabled in V+ so we can just fix
it directly.

Also added the permission check for removing despite that the old method
was only enforcing not instant app, because the removing API is
annotated with requiring the permission, and anyone currently able to
add will still remain able to remove since it's the same permission.

Bug: 263504888
Test: presubmit
Change-Id: Ie5688abdbc4d9039c3f7c42f3d253e69f7cc899d

Fixes: 290686675
Test: presubmit
Change-Id: I878ad84c4db42c40db3695c1efdc0d510b27dfed

Fix kotlin nullable errors that were exposed by setting the retention
of android.annotation.NonNull and android.annotation.Nullable to
class retention.

Bug: 294110802
Test: builds
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:6687a2caee0e1ab853c080924a5985fb5be71e28)
Merged-In: Iead08db297fa20963df7ee83b19d5ac76d0d4846
Change-Id: Iead08db297fa20963df7ee83b19d5ac76d0d4846

Fix kotlin nullable errors that were exposed by setting the retention
of android.annotation.NonNull and android.annotation.Nullable to
class retention.

Bug: 294110802
Test: builds
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8bcfcd296c80dacb4b387dada06b8303e61e520a)
Merged-In: I74b2b7570adf025cf8ec3ea105eb06ea22c7d30e
Change-Id: I74b2b7570adf025cf8ec3ea105eb06ea22c7d30e

Inherit non-runtime permissions from primary
device for virtual devices.

Fix: 282805910
Test: atest DevicePermissionsTest
Change-Id: If9af0d6abfcad61809e9b189a1f3cbb950570ee1

Fix kotlin nullable errors that were exposed by setting the retention
of android.annotation.NonNull and android.annotation.Nullable to
class retention.

Bug: 294110802
Test: builds
Merged-In: Ib3358be57d7dd401fd2014ade3e58f9fc6c2b6a7
Change-Id: I74b2b7570adf025cf8ec3ea105eb06ea22c7d30e

Revert submission 24470003-iris-perm-api-remerge

Reason for revert: potential culprit for b/297318862

Reverted changes: /q/submissionid:24470003-iris-perm-api-remerge

Change-Id: I494d8704c6c364f0dc782dda4a46a0b2754ac9ec

Bug: 280853174
Test: AppIdPermissionPolicyTest

Change-Id: I67c3c86b2ca4c0a87b05922f3a7fcc3bff04123d

Fix kotlin nullable errors that were exposed by setting the retention
of android.annotation.NonNull and android.annotation.Nullable to
class retention.

Bug: 294110802
Test: builds
Change-Id: Iead08db297fa20963df7ee83b19d5ac76d0d4846
Merged-In: Iead08db297fa20963df7ee83b19d5ac76d0d4846

Fix kotlin nullable errors that were exposed by setting the retention
of android.annotation.NonNull and android.annotation.Nullable to
class retention.

Bug: 294110802
Test: builds
Change-Id: Iead08db297fa20963df7ee83b19d5ac76d0d4846

Fix: 282805910
Test: build
Change-Id: I180718a707649daf5bfdeb2fb627f25fcfc70326

Platform_testing flaky annotation is for
host side tests and will be restricted, device
tests should use androidx annotation.

Bug: 293837621
Test: build
Change-Id: I7fe9deb19194cefe1b8e2a7e2b9ea258c1086e0f

This is a follow-up to ag/23216745 where we missed one method that is
removing elements from SparseArray. It is calling remove() instead of
removeReturnOld() because we don't need the old value and may get
slightly better performance.

Fixes: 295856715
Bug: 263504888
Test: presubmit
Change-Id: I9ce0a9cc4571b343debfc4f0cfce3ea351f2f1a7

This reverts commit 787c076b.

Reason for revert: See b/294967537

Change-Id: Ic9c33c73a478c6a611f4a691689dc7af9382e532

Fix: 282805910
Test: v2/android-xts/cts/framework/device-release (abtd)
Change-Id: I564739ac5833febe10d8453617bdf4ba0b6d94ac

In addition to the existing Immutable.md.

Bug: 285432076
Test: presubmit
Change-Id: I77529bb4782db6cbe7b8a8f96890a78661aa9fc0

The storage permissions of some system applications have been authorized by default and cannot be modified by users with SYSTEM_FIXED or POLICY_FIXED flags. Once revoked due to an self-upgrade package, the user cannot re-grant.

Bug: 292732635
Test: build
Change-Id: I055ecc6a523f680b411505ed18d90deb0252bf85

Certain tests in these test modules have a flake rate higher than 0.5%,
which means they are out-of-SLO for Project Ironwood. We've marked them
as @FlakyTest (in a separate change). But, in this change, we also
update the TEST_MAPPING files so that don't run any flaky tests
(i.e., annotated with @FlakyTest) in presubmit, but do run them in
postsubmit.

Test: Verify tests do not run in presubmit, but do in postsubmit
Bug: 290240321
Change-Id: Ia679980a0d8aa7bc9266a3f624ff7279c19a46b3

BUG: 288145890, 288146349, 288138476
Test: presubmit
Change-Id: Ie20f7d992d456db8e3f8e8b69297bcbd91bf6ead

This is a copy of the existing test mapping under pm/permission, and
does cover a number of scenarios about package updates.

Fixes: 290686675
Test: presubmit
Change-Id: I772b2b4f1bdf411675ceaa93059ce6f3e2edbdec

This reverts commit 2eaf8488.
Reason for revert: Fixed SigningDetails.equals() NPE in b/290558495

Fixes: 288515966
Test: KeySetHostTest#testUpgradeDefinerSigPerm{Gained,Lost}
Test: Reproduction steps in b/290558495
Change-Id: I694a565957576633ba7e1424c49a77d97fcdff26