Adds caller check to getAllPackages()

This change enforces that only system, root or shell may call
getAllPackages(), a hidden API that shares all package names regardless
of user, instant app or package visibility rules.

The only exception is the uid of iorapd. iorapd needs the package info
to prefetch the right data.

Bug: 179618216
Bug: 174661955
Test: run iorapd and check it works well.
Change-Id: I77460ae19a4d41151577646441f11e2eddbb741a
(cherry picked from commit 8124efd57b50056d22e1b63c32c366ebdf049598)
diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java
index a4077fb..a89aefa 100644
--- a/core/java/android/os/Process.java
+++ b/core/java/android/os/Process.java
@@ -203,6 +203,12 @@
     public static final int SE_UID = 1068;
 
     /**
+     * Defines the UID/GID for the iorapd.
+     * @hide
+     */
+    public static final int IORAPD_UID = 1071;
+
+    /**
      * Defines the UID/GID for the NetworkStack app.
      * @hide
      */
diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java
index 18f2655..6b53fc5 100644
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -6169,6 +6169,10 @@
 
     @Override
     public List<String> getAllPackages() {
+        // Allow iorapd to call this method.
+        if (Binder.getCallingUid() != Process.IORAPD_UID) {
+            enforceSystemOrRootOrShell("getAllPackages is limited to privileged callers");
+        }
         final int callingUid = Binder.getCallingUid();
         final int callingUserId = UserHandle.getUserId(callingUid);
         synchronized (mLock) {