Loading telephony/java/android/telephony/TelephonyManager.java +10 −9 Original line number Diff line number Diff line Loading @@ -1692,8 +1692,8 @@ public class TelephonyManager { * * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE, for the calling app to be the device or * profile owner and have the READ_PHONE_STATE permission, or that the calling app has carrier * privileges (see {@link #hasCarrierPrivileges}). The profile owner is an app that owns a * managed profile on the device; for more details see <a * privileges (see {@link #hasCarrierPrivileges}) on any active subscription. The profile owner * is an app that owns a managed profile on the device; for more details see <a * href="https://developer.android.com/work/managed-profiles">Work profiles</a>. Profile owner * access is deprecated and will be removed in a future release. * Loading Loading @@ -1733,8 +1733,8 @@ public class TelephonyManager { * * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE, for the calling app to be the device or * profile owner and have the READ_PHONE_STATE permission, or that the calling app has carrier * privileges (see {@link #hasCarrierPrivileges}). The profile owner is an app that owns a * managed profile on the device; for more details see <a * privileges (see {@link #hasCarrierPrivileges}) on any active subscription. The profile owner * is an app that owns a managed profile on the device; for more details see <a * href="https://developer.android.com/work/managed-profiles">Work profiles</a>. Profile owner * access is deprecated and will be removed in a future release. * Loading Loading 
@@ -1793,7 +1793,8 @@ public class TelephonyManager { * <li>The caller holds the READ_PRIVILEGED_PHONE_STATE permission.</li> * <li>If the caller is the device or profile owner, the caller holds the * {@link Manifest.permission#READ_PHONE_STATE} permission.</li> * <li>The caller has carrier privileges (see {@link #hasCarrierPrivileges()}.</li> * <li>The caller has carrier privileges (see {@link #hasCarrierPrivileges()} on any * active subscription.</li> * <li>The caller is the default SMS app for the device.</li> * </ul> * <p>The profile owner is an app that owns a managed profile on the device; for more details Loading Loading @@ -1862,8 +1863,8 @@ public class TelephonyManager { * * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE, for the calling app to be the device or * profile owner and have the READ_PHONE_STATE permission, or that the calling app has carrier * privileges (see {@link #hasCarrierPrivileges}). The profile owner is an app that owns a * managed profile on the device; for more details see <a * privileges (see {@link #hasCarrierPrivileges}) on any active subscription. The profile owner * is an app that owns a managed profile on the device; for more details see <a * href="https://developer.android.com/work/managed-profiles">Work profiles</a>. Profile owner * access is deprecated and will be removed in a future release. * Loading 
@@ -1889,8 +1890,8 @@ public class TelephonyManager { * * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE, for the calling app to be the device or * profile owner and have the READ_PHONE_STATE permission, or that the calling app has carrier * privileges (see {@link #hasCarrierPrivileges}). The profile owner is an app that owns a * managed profile on the device; for more details see <a * privileges (see {@link #hasCarrierPrivileges}) on any active subscription. The profile owner * is an app that owns a managed profile on the device; for more details see <a * href="https://developer.android.com/work/managed-profiles">Work profiles</a>. Profile owner * access is deprecated and will be removed in a future release. * Loading telephony/java/com/android/internal/telephony/TelephonyPermissions.java +40 −20 Original line number Diff line number Diff line Loading @@ -237,9 +237,10 @@ public final class TelephonyPermissions { * <ul> * <li>return true: if the caller has the READ_PRIVILEGED_PHONE_STATE permission, the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier * access check, or the calling package has carrier privileges. * access check, or the calling package has carrier privileges on any active subscription. * <li>throw SecurityException: if the caller does not meet any of the requirements and is * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission. * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission * or carrier privileges of any active subscription. * <li>return false: if the caller is targeting pre-Q and does have the READ_PHONE_STATE * permission. In this case the caller would expect to have access to the device * identifiers so false is returned instead of throwing a SecurityException to indicate Loading 
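Review bot: The Javadoc in TelephonyManager.java now promises carrier-privilege access "on any active subscription" in all five changed comments, but the TelephonyPermissions.java change in this same commit narrows `checkCallingOrSelfReadSubscriberIdentifiers` to the specified subscription only. The documented methods' signatures are outside these hunks, so it cannot be confirmed from here which check each one uses. Any method that reads subscriber identifiers should say `on the specified subscription` instead, so the public contract does not overstate who is granted access. In the @@ -1793 hunk the parenthesis opened at `(see {@link #hasCarrierPrivileges()}` is still never closed; `(see {@link #hasCarrierPrivileges()}) on any active subscription.</li>` would fix it.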
@@ -259,10 +260,10 @@ public final class TelephonyPermissions { * <ul> * <li>return true: if the caller has the READ_PRIVILEGED_PHONE_STATE permission, the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier * access check, or the calling package has carrier privileges. * access check, or the calling package has carrier privileges on any active subscription. * <li>throw SecurityException: if the caller does not meet any of the requirements and is * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission * or carrier privileges. * or carrier privileges of any active subscription. * <li>return false: if the caller is targeting pre-Q and does have the READ_PHONE_STATE * permission or carrier privileges. In this case the caller would expect to have access * to the device identifiers so false is returned instead of throwing a SecurityException Loading @@ -271,8 +272,8 @@ public final class TelephonyPermissions { */ public static boolean checkCallingOrSelfReadDeviceIdentifiers(Context context, int subId, String callingPackage, String message) { return checkReadDeviceIdentifiers(context, TELEPHONY_SUPPLIER, subId, Binder.getCallingPid(), Binder.getCallingUid(), callingPackage, message); return checkPrivilegedReadPermissionOrCarrierPrivilegePermission( context, subId, callingPackage, message, true); } /** Loading 
@@ -282,7 +283,7 @@ public final class TelephonyPermissions { * <ul> * <li>return true: if the caller has the READ_PRIVILEGED_PHONE_STATE permission, the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier * access check, or the calling package has carrier privileges. * access check, or the calling package has carrier privileges on specified subscription. * <li>throw SecurityException: if the caller does not meet any of the requirements and is * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission. * <li>return false: if the caller is targeting pre-Q and does have the READ_PHONE_STATE Loading 
@@ -293,21 +294,33 @@ public final class TelephonyPermissions { */ public static boolean checkCallingOrSelfReadSubscriberIdentifiers(Context context, int subId, String callingPackage, String message) { return checkReadDeviceIdentifiers(context, TELEPHONY_SUPPLIER, subId, Binder.getCallingPid(), Binder.getCallingUid(), callingPackage, message); return checkPrivilegedReadPermissionOrCarrierPrivilegePermission( context, subId, callingPackage, message, false); } /** * Checks whether the app with the given pid/uid can read device identifiers. * * @returns true if the caller has the READ_PRIVILEGED_PHONE_STATE permission or the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier access * check. * <p>This method behaves in one of the following ways: * <ul> * <li>return true: if the caller has the READ_PRIVILEGED_PHONE_STATE permission, the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier * access check; or the calling package has carrier privileges on the specified * subscription; or allowCarrierPrivilegeOnAnySub is true and has carrier privilege on * any active subscription. * <li>throw SecurityException: if the caller does not meet any of the requirements and is * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission. * <li>return false: if the caller is targeting pre-Q and does have the READ_PHONE_STATE * permission. In this case the caller would expect to have access to the device * identifiers so false is returned instead of throwing a SecurityException to indicate * the calling function should return dummy data. 
* </ul> */ @VisibleForTesting public static boolean checkReadDeviceIdentifiers(Context context, Supplier<ITelephony> telephonySupplier, int subId, int pid, int uid, String callingPackage, String message) { private static boolean checkPrivilegedReadPermissionOrCarrierPrivilegePermission( Context context, int subId, String callingPackage, String message, boolean allowCarrierPrivilegeOnAnySub) { int uid = Binder.getCallingUid(); int pid = Binder.getCallingPid(); // Allow system and root access to the device identifiers. final int appId = UserHandle.getAppId(uid); if (appId == Process.SYSTEM_UID || appId == Process.ROOT_UID) { Loading @@ -318,10 +331,17 @@ public final class TelephonyPermissions { uid) == PackageManager.PERMISSION_GRANTED) { return true; } // If the calling package has carrier privileges for any subscription then allow access. if (checkCarrierPrivilegeForAnySubId(context, telephonySupplier, uid)) { // If the calling package has carrier privileges for specified sub, then allow access. if (checkCarrierPrivilegeForSubId(subId)) return true; // If the calling package has carrier privileges for any subscription // and allowCarrierPrivilegeOnAnySub is set true, then allow access. if (allowCarrierPrivilegeOnAnySub && checkCarrierPrivilegeForAnySubId( context, TELEPHONY_SUPPLIER, uid)) { return true; } // if the calling package is not null then perform the DevicePolicyManager device / // profile owner and Appop checks. if (callingPackage != null) { Loading Loading
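Review bot: In `checkPrivilegedReadPermissionOrCarrierPrivilegePermission` the per-subscription check `checkCarrierPrivilegeForSubId(subId)` is given no uid, while the any-subscription check after it is passed the `uid` captured at the top of the method; the former's body is not in this hunk, so confirm that both checks evaluate the same caller identity. The method now reads `Binder.getCallingUid()`/`getCallingPid()` itself and always uses `TELEPHONY_SUPPLIER`, which removes the `@VisibleForTesting` entry point with an injectable supplier and uid and makes the result depend on being called before the binder calling identity is cleared; a comment such as `// Must run with the original binder calling identity.` would record that. The bare `true`/`false` at the two call sites decides how wide the carrier-privilege grant is, so writing `/* allowCarrierPrivilegeOnAnySub= */ true` (and `false`) there would make an accidental flip easier to spot in review. The Javadoc summary still says "the given pid/uid" although neither is a parameter any more, and `if (checkCarrierPrivilegeForSubId(subId)) return true;` should be braced like the checks around it. The method body continues past the end of the hunk.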
telephony/java/android/telephony/TelephonyManager.java +10 −9 Original line number Diff line number Diff line Loading @@ -1692,8 +1692,8 @@ public class TelephonyManager { * * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE, for the calling app to be the device or * profile owner and have the READ_PHONE_STATE permission, or that the calling app has carrier * privileges (see {@link #hasCarrierPrivileges}). The profile owner is an app that owns a * managed profile on the device; for more details see <a * privileges (see {@link #hasCarrierPrivileges}) on any active subscription. The profile owner * is an app that owns a managed profile on the device; for more details see <a * href="https://developer.android.com/work/managed-profiles">Work profiles</a>. Profile owner * access is deprecated and will be removed in a future release. * Loading Loading @@ -1733,8 +1733,8 @@ public class TelephonyManager { * * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE, for the calling app to be the device or * profile owner and have the READ_PHONE_STATE permission, or that the calling app has carrier * privileges (see {@link #hasCarrierPrivileges}). The profile owner is an app that owns a * managed profile on the device; for more details see <a * privileges (see {@link #hasCarrierPrivileges}) on any active subscription. The profile owner * is an app that owns a managed profile on the device; for more details see <a * href="https://developer.android.com/work/managed-profiles">Work profiles</a>. Profile owner * access is deprecated and will be removed in a future release. * Loading Loading 
@@ -1793,7 +1793,8 @@ public class TelephonyManager { * <li>The caller holds the READ_PRIVILEGED_PHONE_STATE permission.</li> * <li>If the caller is the device or profile owner, the caller holds the * {@link Manifest.permission#READ_PHONE_STATE} permission.</li> * <li>The caller has carrier privileges (see {@link #hasCarrierPrivileges()}.</li> * <li>The caller has carrier privileges (see {@link #hasCarrierPrivileges()} on any * active subscription.</li> * <li>The caller is the default SMS app for the device.</li> * </ul> * <p>The profile owner is an app that owns a managed profile on the device; for more details Loading Loading @@ -1862,8 +1863,8 @@ public class TelephonyManager { * * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE, for the calling app to be the device or * profile owner and have the READ_PHONE_STATE permission, or that the calling app has carrier * privileges (see {@link #hasCarrierPrivileges}). The profile owner is an app that owns a * managed profile on the device; for more details see <a * privileges (see {@link #hasCarrierPrivileges}) on any active subscription. The profile owner * is an app that owns a managed profile on the device; for more details see <a * href="https://developer.android.com/work/managed-profiles">Work profiles</a>. Profile owner * access is deprecated and will be removed in a future release. * Loading 
@@ -1889,8 +1890,8 @@ public class TelephonyManager { * * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE, for the calling app to be the device or * profile owner and have the READ_PHONE_STATE permission, or that the calling app has carrier * privileges (see {@link #hasCarrierPrivileges}). The profile owner is an app that owns a * managed profile on the device; for more details see <a * privileges (see {@link #hasCarrierPrivileges}) on any active subscription. The profile owner * is an app that owns a managed profile on the device; for more details see <a * href="https://developer.android.com/work/managed-profiles">Work profiles</a>. Profile owner * access is deprecated and will be removed in a future release. * Loading
telephony/java/com/android/internal/telephony/TelephonyPermissions.java +40 −20 Original line number Diff line number Diff line Loading @@ -237,9 +237,10 @@ public final class TelephonyPermissions { * <ul> * <li>return true: if the caller has the READ_PRIVILEGED_PHONE_STATE permission, the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier * access check, or the calling package has carrier privileges. * access check, or the calling package has carrier privileges on any active subscription. * <li>throw SecurityException: if the caller does not meet any of the requirements and is * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission. * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission * or carrier privileges of any active subscription. * <li>return false: if the caller is targeting pre-Q and does have the READ_PHONE_STATE * permission. In this case the caller would expect to have access to the device * identifiers so false is returned instead of throwing a SecurityException to indicate Loading 
@@ -259,10 +260,10 @@ public final class TelephonyPermissions { * <ul> * <li>return true: if the caller has the READ_PRIVILEGED_PHONE_STATE permission, the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier * access check, or the calling package has carrier privileges. * access check, or the calling package has carrier privileges on any active subscription. * <li>throw SecurityException: if the caller does not meet any of the requirements and is * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission * or carrier privileges. * or carrier privileges of any active subscription. * <li>return false: if the caller is targeting pre-Q and does have the READ_PHONE_STATE * permission or carrier privileges. In this case the caller would expect to have access * to the device identifiers so false is returned instead of throwing a SecurityException Loading @@ -271,8 +272,8 @@ public final class TelephonyPermissions { */ public static boolean checkCallingOrSelfReadDeviceIdentifiers(Context context, int subId, String callingPackage, String message) { return checkReadDeviceIdentifiers(context, TELEPHONY_SUPPLIER, subId, Binder.getCallingPid(), Binder.getCallingUid(), callingPackage, message); return checkPrivilegedReadPermissionOrCarrierPrivilegePermission( context, subId, callingPackage, message, true); } /** Loading 
@@ -282,7 +283,7 @@ public final class TelephonyPermissions { * <ul> * <li>return true: if the caller has the READ_PRIVILEGED_PHONE_STATE permission, the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier * access check, or the calling package has carrier privileges. * access check, or the calling package has carrier privileges on specified subscription. * <li>throw SecurityException: if the caller does not meet any of the requirements and is * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission. * <li>return false: if the caller is targeting pre-Q and does have the READ_PHONE_STATE Loading 
@@ -293,21 +294,33 @@ public final class TelephonyPermissions { */ public static boolean checkCallingOrSelfReadSubscriberIdentifiers(Context context, int subId, String callingPackage, String message) { return checkReadDeviceIdentifiers(context, TELEPHONY_SUPPLIER, subId, Binder.getCallingPid(), Binder.getCallingUid(), callingPackage, message); return checkPrivilegedReadPermissionOrCarrierPrivilegePermission( context, subId, callingPackage, message, false); } /** * Checks whether the app with the given pid/uid can read device identifiers. * * @returns true if the caller has the READ_PRIVILEGED_PHONE_STATE permission or the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier access * check. * <p>This method behaves in one of the following ways: * <ul> * <li>return true: if the caller has the READ_PRIVILEGED_PHONE_STATE permission, the calling * package passes a DevicePolicyManager Device Owner / Profile Owner device identifier * access check; or the calling package has carrier privileges on the specified * subscription; or allowCarrierPrivilegeOnAnySub is true and has carrier privilege on * any active subscription. * <li>throw SecurityException: if the caller does not meet any of the requirements and is * targeting Q or is targeting pre-Q and does not have the READ_PHONE_STATE permission. * <li>return false: if the caller is targeting pre-Q and does have the READ_PHONE_STATE * permission. In this case the caller would expect to have access to the device * identifiers so false is returned instead of throwing a SecurityException to indicate * the calling function should return dummy data. 
* </ul> */ @VisibleForTesting public static boolean checkReadDeviceIdentifiers(Context context, Supplier<ITelephony> telephonySupplier, int subId, int pid, int uid, String callingPackage, String message) { private static boolean checkPrivilegedReadPermissionOrCarrierPrivilegePermission( Context context, int subId, String callingPackage, String message, boolean allowCarrierPrivilegeOnAnySub) { int uid = Binder.getCallingUid(); int pid = Binder.getCallingPid(); // Allow system and root access to the device identifiers. final int appId = UserHandle.getAppId(uid); if (appId == Process.SYSTEM_UID || appId == Process.ROOT_UID) { Loading @@ -318,10 +331,17 @@ public final class TelephonyPermissions { uid) == PackageManager.PERMISSION_GRANTED) { return true; } // If the calling package has carrier privileges for any subscription then allow access. if (checkCarrierPrivilegeForAnySubId(context, telephonySupplier, uid)) { // If the calling package has carrier privileges for specified sub, then allow access. if (checkCarrierPrivilegeForSubId(subId)) return true; // If the calling package has carrier privileges for any subscription // and allowCarrierPrivilegeOnAnySub is set true, then allow access. if (allowCarrierPrivilegeOnAnySub && checkCarrierPrivilegeForAnySubId( context, TELEPHONY_SUPPLIER, uid)) { return true; } // if the calling package is not null then perform the DevicePolicyManager device / // profile owner and Appop checks. if (callingPackage != null) { Loading