Update PermissionManagerService to handle pre-created users

Pre-created users are not being returned by the call to
UserManagerService.getUserIds(). This is causing PermissionManager to
ignore recording pre-grants when a new pre-created user is created.

This CL fixes the issue by using a user ID set that contians pre-created
users.  Presumably the call to getUserIds() was previously done for
performance reasons.  I have added some system tracing to see if
performance is a bottle neck here with the new API call.

I ran the test 5 times on an automotive emulator:
[1] Start system trace
[2] adb shell pm -create-user --pre-create-only
[3] Stop system trace

Average time to getUsers() before changes: .389ms
Average time to getUsers() after changes: 1.82ms

Given that this is an infrequent operation and less than 5ms change,
performance hit looks negligible.

Bug: b/160901158
Test: Manually. Run `adb shell pm -create-user --pre-create-only`.
Create a new user and check to see that Assistant has pre-granted
permissions via `adb shell dumpsys package
com.google.android.carassistant`

Change-Id: I52caeb3a71e560d09fcbc167b46becebf779fc3a
Merged-In: I52caeb3a71e560d09fcbc167b46becebf779fc3a
(cherry picked from commit 432a0377250246632927252c9d2b92411717be52)

1 files changed, 30 insertions, 9 deletions

diff --git a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
index bc7554c54eb0..a4e8b1c01620 100644
--- a/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
+++ b/services/core/java/com/android/server/pm/permission/PermissionManagerService.java
@@ -83,6 +83,7 @@ import android.content.pm.PackageParser;
 import android.content.pm.ParceledListSlice;
 import android.content.pm.PermissionGroupInfo;
 import android.content.pm.PermissionInfo;
+import android.content.pm.UserInfo;
 import android.content.pm.parsing.component.ParsedPermission;
 import android.content.pm.parsing.component.ParsedPermissionGroup;
 import android.content.pm.permission.SplitPermissionInfoParcelable;
@@ -120,6 +121,7 @@ import android.util.Log;
 import android.util.Slog;
 import android.util.SparseArray;
 import android.util.SparseBooleanArray;
+import android.util.TimingsTraceLog;
 
 import com.android.internal.annotations.GuardedBy;
 import com.android.internal.annotations.VisibleForTesting;
@@ -2516,12 +2518,12 @@ public class PermissionManagerService extends IPermissionManager.Stub {
 
         final PermissionsState permissionsState = ps.getPermissionsState();
 
-        final int[] currentUserIds = UserManagerService.getInstance().getUserIds();
+        final int[] userIds = getAllUserIds();
 
         boolean runtimePermissionsRevoked = false;
         int[] updatedUserIds = EMPTY_INT_ARRAY;
 
-        for (int userId : currentUserIds) {
+        for (int userId : userIds) {
             if (permissionsState.isMissing(userId)) {
                 Collection<String> requestedPermissions;
                 int targetSdkVersion;
@@ -2587,7 +2589,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
                 // runtime and revocation of a runtime from a shared user.
                 synchronized (mLock) {
                     updatedUserIds = revokeUnusedSharedUserPermissionsLocked(
-                            ps.getSharedUser(), UserManagerService.getInstance().getUserIds());
+                            ps.getSharedUser(), userIds);
                     if (!ArrayUtils.isEmpty(updatedUserIds)) {
                         runtimePermissionsRevoked = true;
                     }
@@ -2740,7 +2742,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
                             // a runtime permission being downgraded to an install one.
                             // Also in permission review mode we keep dangerous permissions
                             // for legacy apps
-                            for (int userId : UserManagerService.getInstance().getUserIds()) {
+                            for (int userId : userIds) {
                                 if (origPermissions.getRuntimePermissionState(
                                         perm, userId) != null) {
                                     // Revoke the runtime permission and clear the flags.
@@ -2763,7 +2765,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
                             boolean hardRestricted = bp.isHardRestricted();
                             boolean softRestricted = bp.isSoftRestricted();
 
-                            for (int userId : currentUserIds) {
+                            for (int userId : userIds) {
                                 // If permission policy is not ready we don't deal with restricted
                                 // permissions as the policy may whitelist some permissions. Once
                                 // the policy is initialized we would re-evaluate permissions.
@@ -2902,7 +2904,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
                             boolean hardRestricted = bp.isHardRestricted();
                             boolean softRestricted = bp.isSoftRestricted();
 
-                            for (int userId : currentUserIds) {
+                            for (int userId : userIds) {
                                 // If permission policy is not ready we don't deal with restricted
                                 // permissions as the policy may whitelist some permissions. Once
                                 // the policy is initialized we would re-evaluate permissions.
@@ -3071,6 +3073,25 @@ public class PermissionManagerService extends IPermissionManager.Stub {
     }
 
     /**
+     * Returns all relevant user ids.  This list include the current set of created user ids as well
+     * as pre-created user ids.
+     * @return user ids for created users and pre-created users
+     */
+    private int[] getAllUserIds() {
+        final TimingsTraceLog t = new TimingsTraceLog(TAG, Trace.TRACE_TAG_SYSTEM_SERVER);
+        t.traceBegin("getAllUserIds");
+        List<UserInfo> users = UserManagerService.getInstance().getUsers(
+                /*excludePartial=*/ true, /*excludeDying=*/ true, /*excludePreCreated=*/ false);
+        int size = users.size();
+        final int[] userIds = new int[size];
+        for (int i = 0; i < size; i++) {
+            userIds[i] = users.get(i).id;
+        }
+        t.traceEnd();
+        return userIds;
+    }
+
+    /**
      * Revoke permissions that are not implicit anymore and that have
      * {@link PackageManager#FLAG_PERMISSION_REVOKE_WHEN_REQUESTED} set.
      *
@@ -3088,7 +3109,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
         boolean supportsRuntimePermissions = pkg.getTargetSdkVersion()
                 >= Build.VERSION_CODES.M;
 
-        int[] users = UserManagerService.getInstance().getUserIds();
+        int[] users = getAllUserIds();
         int numUsers = users.length;
         for (int i = 0; i < numUsers; i++) {
             int userId = users[i];
@@ -3197,7 +3218,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
         if (replace && pkg.isRequestLegacyExternalStorage() && (
                 pkg.getRequestedPermissions().contains(READ_EXTERNAL_STORAGE)
                         || pkg.getRequestedPermissions().contains(WRITE_EXTERNAL_STORAGE))) {
-            return UserManagerService.getInstance().getUserIds();
+            return getAllUserIds();
         }
 
         return updatedUserIds;
@@ -3251,7 +3272,7 @@ public class PermissionManagerService extends IPermissionManager.Stub {
                 if (!ps.hasInstallPermission(newPerm)) {
                     BasePermission bp = mSettings.getPermissionLocked(newPerm);
 
-                    int[] users = UserManagerService.getInstance().getUserIds();
+                    int[] users = getAllUserIds();
                     int numUsers = users.length;
                     for (int userNum = 0; userNum < numUsers; userNum++) {
                         int userId = users[userNum];