From 31c2bba5429eded7b8e997b097a65c1dac4cd52b Mon Sep 17 00:00:00 2001 From: Svetoslav Ganov Date: Wed, 5 Oct 2016 18:24:31 -0700 Subject: [PATCH] Allow holders of READ_PRIVILEGED_PHONE_STATE to access serial Change-Id: I80e56dc87b34dc8f0e9c468a3078e86258837d1f --- .../server/os/DeviceIdentifiersPolicyService.java | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/services/core/java/com/android/server/os/DeviceIdentifiersPolicyService.java b/services/core/java/com/android/server/os/DeviceIdentifiersPolicyService.java index 759030bd949ca..5f082572db58d 100644 --- a/services/core/java/com/android/server/os/DeviceIdentifiersPolicyService.java +++ b/services/core/java/com/android/server/os/DeviceIdentifiersPolicyService.java @@ -20,6 +20,7 @@ import android.Manifest; import android.annotation.NonNull; import android.annotation.Nullable; import android.content.Context; +import android.content.pm.PackageManager; import android.os.Binder; import android.os.Build; import android.os.IDeviceIdentifiersPolicyService; @@ -53,9 +54,15 @@ public final class DeviceIdentifiersPolicyService extends SystemService { @Override public @Nullable String getSerial() throws RemoteException { - if (UserHandle.getAppId(Binder.getCallingUid()) != Process.SYSTEM_UID) { - mContext.enforceCallingOrSelfPermission( - Manifest.permission.READ_PHONE_STATE, "getSerial"); + if (UserHandle.getAppId(Binder.getCallingUid()) != Process.SYSTEM_UID + && mContext.checkCallingOrSelfPermission( + Manifest.permission.READ_PHONE_STATE) + != PackageManager.PERMISSION_GRANTED + && mContext.checkCallingOrSelfPermission( + Manifest.permission.READ_PRIVILEGED_PHONE_STATE) + != PackageManager.PERMISSION_GRANTED) { + throw new SecurityException("getSerial requires READ_PHONE_STATE" + + " or READ_PRIVILEGED_PHONE_STATE permission"); } return SystemProperties.get("ro.serialno", Build.UNKNOWN); }