
Commit 1905f3f1 authored by Michael Groover's avatar Michael Groover

Require READ_PHONE_STATE for DO/PO dev ID access

When device identifier access was moved from a runtime permission to a
privileged permission, device and profile owner access regressed by no longer
requiring consent to access the identifiers. With this change, device and
profile owners will still need to have the READ_PHONE_STATE permission to
access identifiers.

Bug: 117611604
Test: cts-tradefed run cts -m CtsDevicePolicyManagerTestCases \
      -t com.android.cts.devicepolicy.DeviceOwnerTest#testDeviceOwnerCanGetDeviceIdentifiers
Test: cts-tradefed run cts -m CtsDevicePolicyManagerTestCases \
      -t com.android.cts.devicepolicy.ManagedProfileTest#testProfileOwnerCanGetDeviceIdentifiers

Change-Id: Ib2d86440c531eab075d010de183ccfa45c2443e5
parent d2e05574
+3 −1
@@ -51,6 +51,7 @@ import android.content.pm.UserInfo;
import android.graphics.Bitmap;
import android.net.ProxyInfo;
import android.net.Uri;
import android.os.Binder;
import android.os.Bundle;
import android.os.Parcelable;
import android.os.PersistableBundle;
@@ -5756,7 +5757,8 @@ public class DevicePolicyManager {
        }
        if (mService != null) {
            try {
                return mService.checkDeviceIdentifierAccess(packageName, userId);
                return mService.checkDeviceIdentifierAccess(packageName, userId,
                        Binder.getCallingPid(), Binder.getCallingUid());
            } catch (RemoteException re) {
                throw re.rethrowFromSystemServer();
            }
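Review bot: The pid and uid added to the `checkDeviceIdentifierAccess` call are read with `Binder.getCallingPid()` and `Binder.getCallingUid()` in the client process and cross the binder boundary as plain ints, so the service cannot treat them as an authenticated identity. The service-side change on this page does compare the supplied uid's app id with the real binder caller for non-system callers, but the pid reaches `checkPermission` without a matching check; it is worth confirming that a pid which does not belong to that uid cannot change the permission result. I would add a comment above the call such as `// pid/uid are only meaningful when a system service forwards its own caller; the service re-validates them against the binder identity.` The method begins before this hunk and its tail is not shown.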
+1 −1
@@ -153,7 +153,7 @@ interface IDevicePolicyManager {
    void clearProfileOwner(in ComponentName who);
    boolean hasUserSetupCompleted();

    boolean checkDeviceIdentifierAccess(in String packageName, int userHandle);
    boolean checkDeviceIdentifierAccess(in String packageName, int userHandle, int pid, int uid);

    void setDeviceOwnerLockScreenInfo(in ComponentName who, CharSequence deviceOwnerInfo);
    CharSequence getDeviceOwnerLockScreenInfo();
+3 −3
@@ -130,9 +130,9 @@ public class Build {
     * <a href="/training/articles/security-key-attestation.html">key attestation</a> to obtain
     * proof of the device's original identifiers.
     *
     * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE or for the calling package to be the
     * device or profile owner. Profile owner access is deprecated and will be removed in a future
     * release.
     * <p>Requires Permission: READ_PRIVILEGED_PHONE_STATE, or for the calling package to be the
     * device or profile owner and have the READ_PHONE_STATE permission. Profile owner access is
     * deprecated and will be removed in a future release.
     *
     * @return The serial number if specified.
     */
+2 −1
@@ -68,7 +68,8 @@ abstract class BaseIDevicePolicyManager extends IDevicePolicyManager.Stub {
    }

    @Override
    public boolean checkDeviceIdentifierAccess(String packageName, int userHandle) {
    public boolean checkDeviceIdentifierAccess(String packageName, int userHandle, int pid,
            int uid) {
        return false;
    }
}
+15 −1
@@ -7862,7 +7862,21 @@ public class DevicePolicyManagerService extends BaseIDevicePolicyManager {
    }
    @Override
    public boolean checkDeviceIdentifierAccess(String packageName, int userHandle) {
    public boolean checkDeviceIdentifierAccess(String packageName, int userHandle, int pid,
            int uid) {
        // If the caller is not a system app then it should only be able to check its own device
        // identifier access.
        int callingAppId = UserHandle.getAppId(mInjector.binderGetCallingUid());
        if (callingAppId >= Process.FIRST_APPLICATION_UID
                && callingAppId != UserHandle.getAppId(uid)) {
            return false;
        }
        // A device or profile owner must also have the READ_PHONE_STATE permission to access device
        // identifiers. If the package being checked does not have this permission then deny access.
        if (mContext.checkPermission(android.Manifest.permission.READ_PHONE_STATE, pid, uid)
                != PackageManager.PERMISSION_GRANTED) {
            return false;
        }
        // Allow access to the device owner.
        ComponentName deviceOwner = getDeviceOwnerComponent(true);
        if (deviceOwner != null && deviceOwner.getPackageName().equals(packageName)) {