package com.huawei.permission.malicious;

import android.content.Context;
import android.content.pm.PackageManager;
import android.hwsystemmanager.HsmSecurityProxy;
import android.os.Binder;
import android.os.UserHandle;
import com.huawei.android.content.pm.PackageManagerEx;
import com.huawei.library.packagemanager.HsmPkgUtils;
import com.huawei.library.stat.base.StatConst;
import com.huawei.library.stat.client.HsmStat;
import com.huawei.permission.MaliInfoBean;
import com.huawei.permission.PermissionServiceManager;
import com.huawei.permissionmanager.db.AppInfo;
import com.huawei.permissionmanager.db.DBAdapter;
import com.huawei.permissionmanager.model.HwAppPermissions;
import com.huawei.permissionmanager.utils.HwPermissionInfo;
import com.huawei.permissionmanager.utils.ShareCfg;
import com.huawei.permissionmanager.utils.Utils;
import com.huawei.systemmanager.addviewmonitor.AddViewAppManager;
import com.huawei.systemmanager.security.util.HwLog;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;

/* loaded from: classes2.dex */
public class RestrictZone {
    public static final long ALWAYS_FORBIDDEN_PERMS = 1241191;
    public static final String[] ALWAYS_FORBIDDEN_PERM_STRS = {ShareCfg.MSG_RECORD_READ_PERMISSION, ShareCfg.SEND_SHORT_MESSAGE_PERMISSION, ShareCfg.RECEIVE_SMS_PERMISSION, ShareCfg.CALL_PHONE_PERMISSION, ShareCfg.CALL_AND_CONT_READ_PERMISSION, ShareCfg.CALL_AND_CONT_WRITE_PERMISSION, ShareCfg.CALLLOG_RECORD_READ_PERMISSION, ShareCfg.CALLLOG_RECORD_WRITE_PERMISSION, ShareCfg.RECEIVE_MMS_PERMISSION};
    private static final String INSTALLER_PKG = "com.android.packageinstaller";
    public static final int MODE_ALWAYS_FORBIDDEN = 2;
    public static final int MODE_DEFAULT_FORBIDDEN = 1;
    public static final int MODE_NOT_RESTRICTED = 0;
    private static final int NET_MODE_ACCESS = 1;
    private static final int NET_MODE_RESTRICT = 0;
    private static final int NOTI_FLAG_CLOSE = 1;
    private static final int NOTI_FLAG_OPEN = 2;
    private static final String REASON = "mali_restrict";
    private static final String RESTRICTED_RATIO = "restricted_ratio";
    private static final String RISK_TOTAL_CNT = "risk_total_cnt";
    private static final String TAG = "RestrictZone";
    private final Context mContext;
    private final MaliInfoModel mMaliInfoModel;
    private final Set<String> mRestrictCache = new HashSet();

    public RestrictZone(Context context, MaliInfoModel maliInfoModel) {
        this.mContext = context;
        this.mMaliInfoModel = maliInfoModel;
        refreshRestrictCache(false);
    }

    private void applyPolicy(String str, boolean z) {
        String[] strArr;
        if (str == null) {
            HwLog.w(TAG, "applyPolicy, pkg is null");
            return;
        }
        long clearCallingIdentity = Binder.clearCallingIdentity();
        HwAppPermissions create = HwAppPermissions.create(this.mContext, str);
        if (create == null) {
            HwLog.w(TAG, "HwAppPermissions is null : " + str);
            return;
        }
        if (z) {
            forbidAllOps(create, this.mContext);
        }
        AppInfo appInfo = create.getAppInfo();
        if (appInfo == null) {
            HwLog.w(TAG, "appInfo is null : " + str);
            return;
        }
        if (appInfo.mRequestPermissions == null) {
            HwLog.w(TAG, "appInfo.mRequestPermissions is null");
            return;
        }
        int i = appInfo.mAppUid;
        PackageManager packageManager = this.mContext.getPackageManager();
        UserHandle userHandleForUid = UserHandle.getUserHandleForUid(i);
        if (userHandleForUid != null) {
            int size = appInfo.mRequestPermissions.size();
            for (int i2 = 0; i2 < size; i2++) {
                HwPermissionInfo hwPermissionInfo = appInfo.mRequestPermissions.get(i2);
                if (hwPermissionInfo != null && getRestrictPermMode(hwPermissionInfo.mPermissionCode) == 2 && (strArr = hwPermissionInfo.mPermissionStr) != null) {
                    int length = strArr.length;
                    int i3 = 0;
                    while (true) {
                        int i4 = i3;
                        if (i4 < length) {
                            PackageManagerEx.updatePermissionFlags(packageManager, strArr[i4], str, 2, z ? 2 : 0, userHandleForUid);
                            i3 = i4 + 1;
                        }
                    }
                }
            }
            Binder.restoreCallingIdentity(clearCallingIdentity);
        }
    }

    public static void forbidAllOps(HwAppPermissions hwAppPermissions, Context context) {
        if (context == null) {
            HwLog.w(TAG, "forbidAllOps, context is null");
            return;
        }
        if (hwAppPermissions == null) {
            HwLog.w(TAG, "appPermissions is null");
            return;
        }
        AppInfo appInfo = hwAppPermissions.getAppInfo();
        if (appInfo == null) {
            HwLog.w(TAG, "appInfo is null");
            return;
        }
        int i = appInfo.mAppUid;
        String str = appInfo.mPkgName;
        AddViewAppManager.getInstance(context).setOpsMode(i, str, false);
        if (appInfo.mRequestPermissions == null) {
            HwLog.w(TAG, "appInfo.mRequestPermissions is null");
            return;
        }
        int size = appInfo.mRequestPermissions.size();
        for (int i2 = 0; i2 < size; i2++) {
            HwPermissionInfo hwPermissionInfo = appInfo.mRequestPermissions.get(i2);
            if (hwPermissionInfo != null) {
                DBAdapter.setSinglePermissionAndSyncToSys(hwAppPermissions, context, i, str, hwPermissionInfo.mPermissionCode, 2, REASON);
            }
        }
        PermissionServiceManager permissionServiceManager = PermissionServiceManager.getInstance();
        if (permissionServiceManager != null) {
            permissionServiceManager.setAppNetMode(str, 0);
            permissionServiceManager.setMaliciousAppNotification(context, str, 1);
        }
    }

    public static int getRestrictPermMode(long j) {
        return (ALWAYS_FORBIDDEN_PERMS & j) != 0 ? 2 : 1;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final /* synthetic */ boolean lambda$refreshRestrictCache$139$RestrictZone(MaliInfoBean maliInfoBean) {
        return maliInfoBean.restrictStatus == 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void refreshRestrictCache(boolean z) {
        this.mRestrictCache.clear();
        List<MaliInfoBean> queryMaliAppInfoShort = this.mMaliInfoModel.queryMaliAppInfoShort(-1);
        this.mRestrictCache.addAll((List) queryMaliAppInfoShort.stream().filter(RestrictZone$$Lambda$0.$instance).filter(RestrictZone$$Lambda$1.$instance).map(RestrictZone$$Lambda$2.$instance).filter(RestrictZone$$Lambda$3.$instance).collect(Collectors.toList()));
        if (z) {
            int size = this.mRestrictCache.size();
            int size2 = queryMaliAppInfoShort.size();
            String constructJsonParams = StatConst.constructJsonParams(RESTRICTED_RATIO, String.format("%.4f", Double.valueOf((1.0d * size) / size2)), RISK_TOTAL_CNT, "" + size2);
            HwLog.i(TAG, "statParam=" + constructJsonParams);
            HsmStat.statE(5001, constructJsonParams);
        }
    }

    public void setAppStatus(String str, boolean z) {
        if (z && Binder.getCallingUid() == HsmPkgUtils.getPackageUid("com.android.packageinstaller") && this.mMaliInfoModel.lambda$queryMaliAppInfoShort$149$MaliInfoModel(str, -1).isEmpty()) {
            MaliInfoBean maliInfoBean = new MaliInfoBean(str, MaliciousAppManager.SOURCE_ANTI_VIRUS, 1, 303, 1);
            ArrayList arrayList = new ArrayList();
            arrayList.add(maliInfoBean);
            this.mMaliInfoModel.reportMaliInfoBean(arrayList, false);
        }
        synchronized (this.mMaliInfoModel.mDBHelper) {
            refreshRestrictCache(false);
            HwLog.i(TAG, "setAppStatus : " + str + ", restricted : " + z);
            this.mRestrictCache.forEach(RestrictZone$$Lambda$4.$instance);
            if (z && !this.mRestrictCache.contains(str)) {
                HwLog.i(TAG, "restrict : " + str);
                this.mMaliInfoModel.setRestrictStatusInner(str, 0);
                this.mRestrictCache.add(str);
                applyPolicy(str, true);
                this.mMaliInfoModel.notifyDataChanged(str, 1);
                Utils.killApplication(str, this.mContext);
            } else if (!z && this.mRestrictCache.contains(str)) {
                HwLog.i(TAG, "unrestrict : " + str);
                this.mMaliInfoModel.setRestrictStatusInner(str, 1);
                this.mRestrictCache.remove(str);
                applyPolicy(str, false);
                this.mMaliInfoModel.notifyDataChanged(str, 1);
            }
        }
        int size = this.mRestrictCache.size();
        int size2 = this.mMaliInfoModel.queryMaliAppInfoShort(-1).size();
        String constructJsonParams = StatConst.constructJsonParams(RESTRICTED_RATIO, String.format("%.4f", Double.valueOf((1.0d * size) / size2)), RISK_TOTAL_CNT, "" + size2);
        HwLog.i(TAG, "statParam=" + constructJsonParams);
        HsmStat.statE(5001, constructJsonParams);
    }

    void setStartComponentBlackList() {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(this.mRestrictCache);
        HsmSecurityProxy.getInstance().setStartComponetBlackList(arrayList);
    }
}
