Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Reorder TelephonyPermissions calls for carrier privileges" into rvc-dev am: f07d289b51

Browse Source 
Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/11937063

Change-Id: Iac8619566944573fcd1aa2d3f1f57b042c1ba0ab
This commit is contained in:
Michael Groover
2020-06-22 19:31:08 +00:00
committed by Automerger Merge Worker
parent 66563da34e f07d289b51
commit ddd636ce01
1 changed files with 21 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
telephony/common/com/android/internal/telephony/TelephonyPermissions.java
View File

@@ -303,12 +303,6 @@ public final class TelephonyPermissions {
String message, boolean allowCarrierPrivilegeOnAnySub) {
int uid = Binder.getCallingUid();
int pid = Binder.getCallingPid();
PermissionManager permissionManager = (PermissionManager) context.getSystemService(
Context.PERMISSION_SERVICE);
if (permissionManager.checkDeviceIdentifierAccess(callingPackage, message, callingFeatureId,
pid, uid) == PackageManager.PERMISSION_GRANTED) {
return true;
}
// If the calling package has carrier privileges for specified sub, then allow access.
if (checkCarrierPrivilegeForSubId(context, subId)) return true;
@@ -319,6 +313,13 @@ public final class TelephonyPermissions {
return true;
}
PermissionManager permissionManager = (PermissionManager) context.getSystemService(
Context.PERMISSION_SERVICE);
if (permissionManager.checkDeviceIdentifierAccess(callingPackage, message, callingFeatureId,
pid, uid) == PackageManager.PERMISSION_GRANTED) {
return true;
}
return reportAccessDeniedToReadIdentifiers(context, subId, pid, uid, callingPackage,
message);
}
@@ -433,16 +434,6 @@ public final class TelephonyPermissions {
public static boolean checkReadPhoneNumber(
Context context, int subId, int pid, int uid,
String callingPackage, @Nullable String callingFeatureId, String message) {
// Default SMS app can always read it.
AppOpsManager appOps = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE);
if (appOps.noteOp(AppOpsManager.OPSTR_WRITE_SMS, uid, callingPackage, callingFeatureId,
null) == AppOpsManager.MODE_ALLOWED) {
return true;
}
// NOTE(b/73308711): If an app has one of the following AppOps bits explicitly revoked, they
// will be denied access, even if they have another permission and AppOps bit if needed.
// First, check if the SDK version is below R
boolean preR = false;
try {
@@ -477,21 +468,29 @@ public final class TelephonyPermissions {
}
}
// Default SMS app can always read it.
AppOpsManager appOps = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE);
if (appOps.noteOp(AppOpsManager.OPSTR_WRITE_SMS, uid, callingPackage, callingFeatureId,
null) == AppOpsManager.MODE_ALLOWED) {
return true;
}
// Can be read with READ_SMS too.
try {
context.enforcePermission(android.Manifest.permission.READ_SMS, pid, uid, message);
return appOps.noteOp(AppOpsManager.OPSTR_READ_SMS, uid, callingPackage,
callingFeatureId, null) == AppOpsManager.MODE_ALLOWED;
if (appOps.noteOp(AppOpsManager.OPSTR_READ_SMS, uid, callingPackage,
callingFeatureId, null) == AppOpsManager.MODE_ALLOWED) {
return true;
}
} catch (SecurityException readSmsSecurityException) {
}
// Can be read with READ_PHONE_NUMBERS too.
try {
context.enforcePermission(android.Manifest.permission.READ_PHONE_NUMBERS, pid, uid,
message);
return appOps.noteOp(AppOpsManager.OPSTR_READ_PHONE_NUMBERS, uid, callingPackage,
callingFeatureId, null) == AppOpsManager.MODE_ALLOWED;
if (appOps.noteOp(AppOpsManager.OPSTR_READ_PHONE_NUMBERS, uid, callingPackage,
callingFeatureId, null) == AppOpsManager.MODE_ALLOWED) {
return true;
}
} catch (SecurityException readPhoneNumberSecurityException) {
}