DO NOT MERGE Filter for package visibility in getSmsRoleHolder(). Bug: 235601770 Test: manual Change-Id: I8b60776c0bb22a1960f347f6a8cae1c6495f43f7

diff --git a/service/java/com/android/permission/util/PackageUtils.java b/service/java/com/android/permission/util/PackageUtils.java
new file mode 100644
index 0000000..91f6bcc
--- /dev/null
+++ b/service/java/com/android/permission/util/PackageUtils.java

@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.permission.util;
+
+import android.annotation.NonNull;
+import android.annotation.UserIdInt;
+import android.content.Context;
+import android.content.pm.PackageManager;
+import android.os.UserHandle;
+
+/**
+ * Utility class for dealing with packages.
+ */
+public final class PackageUtils {
+    private PackageUtils() {}
+
+    /**
+     * Returns {@code true} if the calling package is able to query for details about the package.
+     *
+     * @see PackageManager#canPackageQuery
+     */
+    public static boolean canCallingOrSelfPackageQuery(@NonNull String packageName,
+            @UserIdInt int userId, @NonNull Context context) {
+        final Context userContext = context.createContextAsUser(UserHandle.of(userId), 0);
+        final PackageManager userPackageManager = userContext.getPackageManager();
+        try {
+            userPackageManager.getPackageInfo(packageName, 0);
+            return true;
+        } catch (PackageManager.NameNotFoundException ignored) {
+            return false;
+        }
+    }
+}

diff --git a/service/java/com/android/role/RoleService.java b/service/java/com/android/role/RoleService.java
index c28dc1f..af11939 100644
--- a/service/java/com/android/role/RoleService.java
+++ b/service/java/com/android/role/RoleService.java

@@ -60,6 +60,7 @@
 import com.android.permission.util.ArrayUtils;
 import com.android.permission.util.CollectionUtils;
 import com.android.permission.util.ForegroundThread;
+import com.android.permission.util.PackageUtils;
 import com.android.permission.util.PermissionUtils;
 import com.android.permission.util.ThrottledRunnable;
 import com.android.server.LocalManagerRegistry;
@@ -705,20 +706,26 @@
 
         @Override
         public String getSmsRoleHolder(int userId) {
-            PermissionUtils.enforceCrossUserPermission(userId, false, "getSmsRoleHolder",
-                    getContext());
+            final Context context = getContext();
+            PermissionUtils.enforceCrossUserPermission(userId, false, "getSmsRoleHolder", context);
             if (!isUserExistent(userId)) {
                 Log.e(LOG_TAG, "user " + userId + " does not exist");
                 return null;
             }
 
+            final String packageName;
             final long identity = Binder.clearCallingIdentity();
             try {
-                return CollectionUtils.firstOrNull(getRoleHoldersAsUser(RoleManager.ROLE_SMS,
+                packageName = CollectionUtils.firstOrNull(getRoleHoldersAsUser(RoleManager.ROLE_SMS,
                         userId));
             } finally {
                 Binder.restoreCallingIdentity(identity);
             }
+            if (packageName != null && !PackageUtils.canCallingOrSelfPackageQuery(packageName,
+                    userId, context)) {
+                return null;
+            }
+            return packageName;
         }
 
         @Override