Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Add checks for READ_PRIVILEGED_PHONE_STATE." into mnc-dev

Browse Source
This commit is contained in:
Amit Mahajan
2015-07-14 17:59:17 +00:00
committed by Android (Google) Code Review
parent fe03a84bc6 7c5befa4a7
commit 51b4e97ae4
1 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
services/core/java/com/android/server/net/NetworkPolicyManagerService.java
View File

@@ -22,6 +22,7 @@ import static android.Manifest.permission.DUMP;
import static android.Manifest.permission.MANAGE_NETWORK_POLICY; import static android.Manifest.permission.MANAGE_NETWORK_POLICY;
import static android.Manifest.permission.READ_NETWORK_USAGE_HISTORY; import static android.Manifest.permission.READ_NETWORK_USAGE_HISTORY;
import static android.Manifest.permission.READ_PHONE_STATE; import static android.Manifest.permission.READ_PHONE_STATE;
import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE;
import static android.content.Intent.ACTION_PACKAGE_ADDED; import static android.content.Intent.ACTION_PACKAGE_ADDED;
import static android.content.Intent.ACTION_UID_REMOVED; import static android.content.Intent.ACTION_UID_REMOVED;
import static android.content.Intent.ACTION_USER_ADDED; import static android.content.Intent.ACTION_USER_ADDED;
@@ -1651,11 +1652,16 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
@Override @Override
public NetworkPolicy[] getNetworkPolicies(String callingPackage) { public NetworkPolicy[] getNetworkPolicies(String callingPackage) {
mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG); mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);
mContext.enforceCallingOrSelfPermission(READ_PHONE_STATE, TAG); try {
mContext.enforceCallingPermission(READ_PRIVILEGED_PHONE_STATE, TAG);
// SKIP checking run-time OP_READ_PHONE_STATE since using PRIVILEGED
} catch (SecurityException e) {
mContext.enforceCallingOrSelfPermission(READ_PHONE_STATE, TAG);
if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(), if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(),
callingPackage) != AppOpsManager.MODE_ALLOWED) { callingPackage) != AppOpsManager.MODE_ALLOWED) {
return new NetworkPolicy[0]; return new NetworkPolicy[0];
}
} }
synchronized (mRulesLock) { synchronized (mRulesLock) {