am 66eb1ad1: am 53e5ba22: Merge "Do not check runtime READ_PHONE_STATE if... (67091577) · Commits · e / os / android_frameworks_base

packages/SystemUI/AndroidManifest.xml

+0 −1

Original line number	Original line	Diff line number	Diff line
	@@ -51,7 +51,6 @@
	<uses-permission android:name="android.permission.BLUETOOTH_PRIVILEGED" />		<uses-permission android:name="android.permission.BLUETOOTH_PRIVILEGED" />
	<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />		<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
	<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />		<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
	<uses-permission android:name="android.permission.READ_PHONE_STATE" />
	<uses-permission android:name="android.permission.READ_PRIVILEGED_PHONE_STATE" />		<uses-permission android:name="android.permission.READ_PRIVILEGED_PHONE_STATE" />
	<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />		<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
	<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />		<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />

services/core/java/com/android/server/TelephonyRegistry.java

+41 −10

Original line number	Original line	Diff line number	Diff line
	@@ -16,6 +16,7 @@

	package com.android.server;		package com.android.server;

			import android.Manifest;
	import android.app.ActivityManager;		import android.app.ActivityManager;
	import android.app.AppOpsManager;		import android.app.AppOpsManager;
	import android.content.BroadcastReceiver;		import android.content.BroadcastReceiver;
	@@ -360,13 +361,21 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
	+ " callback.asBinder=" + callback.asBinder());		+ " callback.asBinder=" + callback.asBinder());
	}		}

			try {
			mContext.enforceCallingPermission(
			android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE,
			"addOnSubscriptionsChangedListener");
			// SKIP checking for run-time permission since obtained PRIVILEGED
			} catch (SecurityException e) {
	mContext.enforceCallingOrSelfPermission(		mContext.enforceCallingOrSelfPermission(
	android.Manifest.permission.READ_PHONE_STATE, null);		android.Manifest.permission.READ_PHONE_STATE,
			"addOnSubscriptionsChangedListener");

	if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(),		if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(),
	callingPackage) != AppOpsManager.MODE_ALLOWED) {		callingPackage) != AppOpsManager.MODE_ALLOWED) {
	return;		return;
	}		}
			}

	Record r;		Record r;

	@@ -471,11 +480,17 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
	checkListenerPermission(events);		checkListenerPermission(events);

	if ((events & ENFORCE_PHONE_STATE_PERMISSION_MASK) != 0) {		if ((events & ENFORCE_PHONE_STATE_PERMISSION_MASK) != 0) {
			try {
			mContext.enforceCallingPermission(
			android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE, null);
			// SKIP checking for run-time permission since obtained PRIVILEGED
			} catch (SecurityException e) {
	if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(),		if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(),
	callingPackage) != AppOpsManager.MODE_ALLOWED) {		callingPackage) != AppOpsManager.MODE_ALLOWED) {
	return;		return;
	}		}
	}		}
			}

	synchronized (mRecords) {		synchronized (mRecords) {
	// register		// register
	@@ -646,6 +661,12 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
	}		}

	private boolean canReadPhoneState(String callingPackage) {		private boolean canReadPhoneState(String callingPackage) {
			if (mContext.checkCallingPermission(
			android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE) ==
			PackageManager.PERMISSION_GRANTED) {
			// SKIP checking for run-time permission since obtained PRIVILEGED
			return true;
			}
	boolean canReadPhoneState = mContext.checkCallingOrSelfPermission(		boolean canReadPhoneState = mContext.checkCallingOrSelfPermission(
	android.Manifest.permission.READ_PHONE_STATE) == PackageManager.PERMISSION_GRANTED;		android.Manifest.permission.READ_PHONE_STATE) == PackageManager.PERMISSION_GRANTED;
	if (canReadPhoneState &&		if (canReadPhoneState &&
	@@ -1432,6 +1453,10 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
	intent.putExtra(PhoneConstants.SUBSCRIPTION_KEY, subId);		intent.putExtra(PhoneConstants.SUBSCRIPTION_KEY, subId);
	}		}

			// Send broadcast twice, once for apps that have PRIVILEGED permission and once for those
			// that have the runtime one
			mContext.sendBroadcastAsUser(intent, UserHandle.ALL,
			android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE);
	mContext.sendBroadcastAsUser(intent, UserHandle.ALL,		mContext.sendBroadcastAsUser(intent, UserHandle.ALL,
	android.Manifest.permission.READ_PHONE_STATE,		android.Manifest.permission.READ_PHONE_STATE,
	AppOpsManager.OP_READ_PHONE_STATE);		AppOpsManager.OP_READ_PHONE_STATE);
	@@ -1563,9 +1588,15 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
	}		}

	if ((events & ENFORCE_PHONE_STATE_PERMISSION_MASK) != 0) {		if ((events & ENFORCE_PHONE_STATE_PERMISSION_MASK) != 0) {
			try {
			mContext.enforceCallingPermission(
			android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE, null);
			// SKIP checking for run-time permission since obtained PRIVILEGED
			} catch (SecurityException e) {
	mContext.enforceCallingOrSelfPermission(		mContext.enforceCallingOrSelfPermission(
	android.Manifest.permission.READ_PHONE_STATE, null);		android.Manifest.permission.READ_PHONE_STATE, null);
	}		}
			}

	if ((events & PRECISE_PHONE_STATE_PERMISSION_MASK) != 0) {		if ((events & PRECISE_PHONE_STATE_PERMISSION_MASK) != 0) {
	mContext.enforceCallingOrSelfPermission(		mContext.enforceCallingOrSelfPermission(