
Commit 3ec197b7 authored by Michael Groover's avatar Michael Groover

Temporarily relax the privileged device identifier access check

Access to device identifiers was moved from a runtime permission to a
privileged permission; this change broke some first party apps that query for
these identifiers. This change introduces a flag in TelephonyPermissions that
will allow the privileged check to be relaxed so that dummy data is returned
(null for TelephonyManager methods and Build.UNKNOWN for Build#getSerial)
regardless of target SDK instead of throwing a SecurityException to prevent
app breakage. This flag will be changed back to the default false once all of
the first party apps have the privileged permission granted or their own
unique ID.

Bug: 117611604
Test: cts-tradefed run cts-dev -m CtsTelephony3TestCases
Change-Id: I294455e4c7e589def21d0c437ec1ef398bd44731
parent dcd0b0ab
+36 −21
@@ -32,6 +32,7 @@ import android.os.UserHandle;
import android.telephony.Rlog;
import android.telephony.SubscriptionManager;
import android.telephony.TelephonyManager;
import android.util.Log;

import com.android.internal.annotations.VisibleForTesting;

@@ -43,6 +44,10 @@ public final class TelephonyPermissions {

    private static final boolean DBG = false;

    // When set to true this flag will treat all apps that fail the device identifier check as
    // though they are targeting pre-Q and return dummy data instead of throwing a SecurityException
    private static final boolean RELAX_DEVICE_IDENTIFIER_CHECK = true;

    private static final Supplier<ITelephony> TELEPHONY_SUPPLIER = () ->
            ITelephony.Stub.asInterface(ServiceManager.getService(Context.TELEPHONY_SERVICE));

@@ -275,15 +280,24 @@ public final class TelephonyPermissions {
     */
    private static boolean reportAccessDeniedToReadIdentifiers(Context context, int subId, int pid,
            int uid, String callingPackage, String message) {
        // if the device identifier check is relaxed then just return false to return dummy data to
        // the caller instead of throwing a SecurityException for apps targeting Q+.
        if (RELAX_DEVICE_IDENTIFIER_CHECK) {
            Log.wtf(LOG_TAG,
                    "reportAccessDeniedToReadIdentifiers:" + callingPackage + ":" + message);
            return false;
        } else {
            if (callingPackage != null) {
                try {
                    // if the target SDK is pre-Q then check if the calling package would have
                    // previously had access to device identifiers.
                ApplicationInfo callingPackageInfo = context.getPackageManager().getApplicationInfo(
                    ApplicationInfo callingPackageInfo =
                            context.getPackageManager().getApplicationInfo(
                                    callingPackage, 0);
                    if (callingPackageInfo != null
                            && callingPackageInfo.targetSdkVersion < Build.VERSION_CODES.Q) {
                    if (context.checkPermission(android.Manifest.permission.READ_PHONE_STATE, pid,
                        if (context.checkPermission(android.Manifest.permission.READ_PHONE_STATE,
                                pid,
                                uid) == PackageManager.PERMISSION_GRANTED) {
                            return false;
                        }
@@ -294,13 +308,14 @@ public final class TelephonyPermissions {
                        }
                    }
                } catch (PackageManager.NameNotFoundException e) {
                // If the application info for the calling package could not be found then default
                // to throwing the SecurityException.
                    // If the application info for the calling package could not be found then
                    // default to throwing the SecurityException.
                }
            }
            throw new SecurityException(message + ": The user " + uid + " does not have the "
                    + "READ_PRIVILEGED_PHONE_STATE permission to access the device identifiers");
        }
    }

    /**
     * Check whether the app with the given pid/uid can read the call log.
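Review bot: In the relaxed branch of reportAccessDeniedToReadIdentifiers, `Log.wtf` is reached by every caller that fails the device identifier check, so any unprivileged app can trigger it on demand and as often as it likes. Depending on system configuration `Log.wtf` adds a DropBox report and may terminate the process, which is heavy for a path expected to be hit routinely while the flag is true; a plain warning such as `Rlog.w(LOG_TAG, "reportAccessDeniedToReadIdentifiers:" + callingPackage + ":" + message);` keeps the signal without that cost and needs no new import. The `RELAX_DEVICE_IDENTIFIER_CHECK` declaration would also benefit from a comment tying it to the tracking bug, e.g. `// TODO(b/117611604): restore to false once first party apps hold the privileged permission`, since with the constant set to true the whole `else` branch is dead code and nothing else in the file signals that this is temporary. Part of the pre-Q branch lies between the two hunks and is not visible here.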