Ensure storage permission revoke happens for all users

When revoking storage permissions due to storage escalation, ensure the
revoke happens for all users

Fixes: 186034260
Bug: 171430330
Test: atest --user-type secondary_user StorageEscalationTest
Merged-In: Ieb8bb9cde1576e9eee131338d393b8a3528341ec
Change-Id: Ieb8bb9cde1576e9eee131338d393b8a3528341ec

services/core/java/com/android/server/pm/permission/PermissionManagerService.java

@@ -2293,23 +2293,30 @@ public class PermissionManagerService extends IPermissionManager.Stub {
         }
 
         final int callingUid = Binder.getCallingUid();
-        final int userId = UserHandle.getUserId(newPackage.getUid());
+        for (int userId: mUserManagerInt.getUserIds()) {
-        int numRequestedPermissions = newPackage.getRequestedPermissions().size();
+            int numRequestedPermissions = newPackage.getRequestedPermissions().size();
-        for (int i = 0; i < numRequestedPermissions; i++) {
+            for (int i = 0; i < numRequestedPermissions; i++) {
-            PermissionInfo permInfo = getPermissionInfo(newPackage.getRequestedPermissions().get(i),
+                PermissionInfo permInfo = getPermissionInfo(
-                    newPackage.getPackageName(), 0);
+                        newPackage.getRequestedPermissions().get(i),
-            if (permInfo == null || !STORAGE_PERMISSIONS.contains(permInfo.name)) {
+                        newPackage.getPackageName(), 0);
-                continue;
+                if (permInfo == null || !STORAGE_PERMISSIONS.contains(permInfo.name)) {
+                    continue;
+                }
+
+                EventLog.writeEvent(0x534e4554, "171430330", newPackage.getUid(),
+                        "Revoking permission " + permInfo.name + " from package "
+                                + newPackage.getPackageName() + " as either the sdk downgraded "
+                                + downgradedSdk + " or newly requested legacy full storage "
+                                + newlyRequestsLegacy);
+
+                try {
+                    revokeRuntimePermissionInternal(permInfo.name, newPackage.getPackageName(),
+                            false, callingUid, userId, null, permissionCallback);
+                } catch (IllegalStateException | SecurityException e) {
+                    Log.e(TAG, "unable to revoke " + permInfo.name + " for "
+                            + newPackage.getPackageName() + " user " + userId, e);
+                }
             }
-
-            EventLog.writeEvent(0x534e4554, "171430330", newPackage.getUid(),
-                    "Revoking permission " + permInfo.name + " from package "
-                            + newPackage.getPackageName() + " as either the sdk downgraded "
-                            + downgradedSdk + " or newly requested legacy full storage "
-                            + newlyRequestsLegacy);
-
-            revokeRuntimePermissionInternal(permInfo.name, newPackage.getPackageName(),
-                    false, callingUid, userId, null, permissionCallback);
         }
 
     }