Loading core/java/android/app/AppOpsManager.java +13 −1 Original line number Original line Diff line number Diff line Loading @@ -823,9 +823,11 @@ public class AppOpsManager { public static final int OP_LEGACY_STORAGE = 87; public static final int OP_LEGACY_STORAGE = 87; /** @hide Accessing accessibility features */ /** @hide Accessing accessibility features */ public static final int OP_ACCESS_ACCESSIBILITY = 88; public static final int OP_ACCESS_ACCESSIBILITY = 88; /** @hide Read the device identifiers (IMEI / MEID, IMSI, SIM / Build serial) */ public static final int OP_READ_DEVICE_IDENTIFIERS = 89; /** @hide */ /** @hide */ @UnsupportedAppUsage @UnsupportedAppUsage public static final int _NUM_OP = 89; public static final int _NUM_OP = 90; /** Access to coarse location information. */ /** Access to coarse location information. */ public static final String OPSTR_COARSE_LOCATION = "android:coarse_location"; public static final String OPSTR_COARSE_LOCATION = "android:coarse_location"; Loading Loading @@ -1099,6 +1101,8 @@ public class AppOpsManager { /** @hide Interact with accessibility. */ /** @hide Interact with accessibility. */ @SystemApi @SystemApi public static final String OPSTR_ACCESS_ACCESSIBILITY = "android:access_accessibility"; public static final String OPSTR_ACCESS_ACCESSIBILITY = "android:access_accessibility"; /** @hide Read device identifiers */ public static final String OPSTR_READ_DEVICE_IDENTIFIERS = "android:read_device_identifiers"; // Warning: If an permission is added here it also has to be added to // Warning: If an permission is added here it also has to be added to // com.android.packageinstaller.permission.utils.EventLogger // com.android.packageinstaller.permission.utils.EventLogger Loading Loading @@ -1259,6 +1263,7 @@ public class AppOpsManager { OP_WRITE_MEDIA_IMAGES, // WRITE_MEDIA_IMAGES OP_WRITE_MEDIA_IMAGES, // WRITE_MEDIA_IMAGES OP_LEGACY_STORAGE, // LEGACY_STORAGE OP_LEGACY_STORAGE, // LEGACY_STORAGE OP_ACCESS_ACCESSIBILITY, // ACCESS_ACCESSIBILITY OP_ACCESS_ACCESSIBILITY, // ACCESS_ACCESSIBILITY OP_READ_DEVICE_IDENTIFIERS, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1354,6 +1359,7 @@ public class AppOpsManager { OPSTR_WRITE_MEDIA_IMAGES, OPSTR_WRITE_MEDIA_IMAGES, OPSTR_LEGACY_STORAGE, OPSTR_LEGACY_STORAGE, OPSTR_ACCESS_ACCESSIBILITY, OPSTR_ACCESS_ACCESSIBILITY, OPSTR_READ_DEVICE_IDENTIFIERS, }; }; /** /** Loading Loading @@ -1450,6 +1456,7 @@ public class AppOpsManager { "WRITE_MEDIA_IMAGES", "WRITE_MEDIA_IMAGES", "LEGACY_STORAGE", "LEGACY_STORAGE", "ACCESS_ACCESSIBILITY", "ACCESS_ACCESSIBILITY", "READ_DEVICE_IDENTIFIERS", }; }; /** /** Loading Loading @@ -1547,6 +1554,7 @@ public class AppOpsManager { null, // no permission for OP_WRITE_MEDIA_IMAGES null, // no permission for OP_WRITE_MEDIA_IMAGES null, // no permission for OP_LEGACY_STORAGE null, // no permission for OP_LEGACY_STORAGE null, // no permission for OP_ACCESS_ACCESSIBILITY null, // no permission for OP_ACCESS_ACCESSIBILITY null, // no direct permission for OP_READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1644,6 +1652,7 @@ public class AppOpsManager { null, // WRITE_MEDIA_IMAGES null, // WRITE_MEDIA_IMAGES null, // LEGACY_STORAGE null, // LEGACY_STORAGE null, // ACCESS_ACCESSIBILITY null, // ACCESS_ACCESSIBILITY null, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1740,6 +1749,7 @@ public class AppOpsManager { false, // WRITE_MEDIA_IMAGES false, // WRITE_MEDIA_IMAGES false, // LEGACY_STORAGE false, // LEGACY_STORAGE false, // ACCESS_ACCESSIBILITY false, // ACCESS_ACCESSIBILITY false, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1835,6 +1845,7 @@ public class AppOpsManager { AppOpsManager.MODE_ERRORED, // WRITE_MEDIA_IMAGES AppOpsManager.MODE_ERRORED, // WRITE_MEDIA_IMAGES AppOpsManager.MODE_DEFAULT, // LEGACY_STORAGE AppOpsManager.MODE_DEFAULT, // LEGACY_STORAGE AppOpsManager.MODE_ALLOWED, // ACCESS_ACCESSIBILITY AppOpsManager.MODE_ALLOWED, // ACCESS_ACCESSIBILITY AppOpsManager.MODE_ERRORED, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1934,6 +1945,7 @@ public class AppOpsManager { false, // WRITE_MEDIA_IMAGES false, // WRITE_MEDIA_IMAGES false, // LEGACY_STORAGE false, // LEGACY_STORAGE false, // ACCESS_ACCESSIBILITY false, // ACCESS_ACCESSIBILITY false, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading telephony/java/com/android/internal/telephony/TelephonyPermissions.java +13 −1 Original line number Original line Diff line number Diff line Loading @@ -344,10 +344,22 @@ public final class TelephonyPermissions { return true; return true; } } // if the calling package is null then return now as there's no way to perform the // if the calling package is null then return now as there's no way to perform the // DevicePolicyManager device / profile owner checks. // DevicePolicyManager device / profile owner and AppOp checks if (callingPackage == null) { if (callingPackage == null) { return false; return false; } } // Allow access to an app that has been granted the READ_DEVICE_IDENTIFIERS app op. long token = Binder.clearCallingIdentity(); AppOpsManager appOpsManager = (AppOpsManager) context.getSystemService( Context.APP_OPS_SERVICE); try { if (appOpsManager.noteOpNoThrow(AppOpsManager.OPSTR_READ_DEVICE_IDENTIFIERS, uid, callingPackage) == AppOpsManager.MODE_ALLOWED) { return true; } } finally { Binder.restoreCallingIdentity(token); } // Allow access to a device / profile owner app. // Allow access to a device / profile owner app. DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService( DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService( Context.DEVICE_POLICY_SERVICE); Context.DEVICE_POLICY_SERVICE); Loading Loading
core/java/android/app/AppOpsManager.java +13 −1 Original line number Original line Diff line number Diff line Loading @@ -823,9 +823,11 @@ public class AppOpsManager { public static final int OP_LEGACY_STORAGE = 87; public static final int OP_LEGACY_STORAGE = 87; /** @hide Accessing accessibility features */ /** @hide Accessing accessibility features */ public static final int OP_ACCESS_ACCESSIBILITY = 88; public static final int OP_ACCESS_ACCESSIBILITY = 88; /** @hide Read the device identifiers (IMEI / MEID, IMSI, SIM / Build serial) */ public static final int OP_READ_DEVICE_IDENTIFIERS = 89; /** @hide */ /** @hide */ @UnsupportedAppUsage @UnsupportedAppUsage public static final int _NUM_OP = 89; public static final int _NUM_OP = 90; /** Access to coarse location information. */ /** Access to coarse location information. */ public static final String OPSTR_COARSE_LOCATION = "android:coarse_location"; public static final String OPSTR_COARSE_LOCATION = "android:coarse_location"; Loading Loading @@ -1099,6 +1101,8 @@ public class AppOpsManager { /** @hide Interact with accessibility. */ /** @hide Interact with accessibility. */ @SystemApi @SystemApi public static final String OPSTR_ACCESS_ACCESSIBILITY = "android:access_accessibility"; public static final String OPSTR_ACCESS_ACCESSIBILITY = "android:access_accessibility"; /** @hide Read device identifiers */ public static final String OPSTR_READ_DEVICE_IDENTIFIERS = "android:read_device_identifiers"; // Warning: If an permission is added here it also has to be added to // Warning: If an permission is added here it also has to be added to // com.android.packageinstaller.permission.utils.EventLogger // com.android.packageinstaller.permission.utils.EventLogger Loading Loading @@ -1259,6 +1263,7 @@ public class AppOpsManager { OP_WRITE_MEDIA_IMAGES, // WRITE_MEDIA_IMAGES OP_WRITE_MEDIA_IMAGES, // WRITE_MEDIA_IMAGES OP_LEGACY_STORAGE, // LEGACY_STORAGE OP_LEGACY_STORAGE, // LEGACY_STORAGE OP_ACCESS_ACCESSIBILITY, // ACCESS_ACCESSIBILITY OP_ACCESS_ACCESSIBILITY, // ACCESS_ACCESSIBILITY OP_READ_DEVICE_IDENTIFIERS, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1354,6 +1359,7 @@ public class AppOpsManager { OPSTR_WRITE_MEDIA_IMAGES, OPSTR_WRITE_MEDIA_IMAGES, OPSTR_LEGACY_STORAGE, OPSTR_LEGACY_STORAGE, OPSTR_ACCESS_ACCESSIBILITY, OPSTR_ACCESS_ACCESSIBILITY, OPSTR_READ_DEVICE_IDENTIFIERS, }; }; /** /** Loading Loading @@ -1450,6 +1456,7 @@ public class AppOpsManager { "WRITE_MEDIA_IMAGES", "WRITE_MEDIA_IMAGES", "LEGACY_STORAGE", "LEGACY_STORAGE", "ACCESS_ACCESSIBILITY", "ACCESS_ACCESSIBILITY", "READ_DEVICE_IDENTIFIERS", }; }; /** /** Loading Loading @@ -1547,6 +1554,7 @@ public class AppOpsManager { null, // no permission for OP_WRITE_MEDIA_IMAGES null, // no permission for OP_WRITE_MEDIA_IMAGES null, // no permission for OP_LEGACY_STORAGE null, // no permission for OP_LEGACY_STORAGE null, // no permission for OP_ACCESS_ACCESSIBILITY null, // no permission for OP_ACCESS_ACCESSIBILITY null, // no direct permission for OP_READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1644,6 +1652,7 @@ public class AppOpsManager { null, // WRITE_MEDIA_IMAGES null, // WRITE_MEDIA_IMAGES null, // LEGACY_STORAGE null, // LEGACY_STORAGE null, // ACCESS_ACCESSIBILITY null, // ACCESS_ACCESSIBILITY null, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1740,6 +1749,7 @@ public class AppOpsManager { false, // WRITE_MEDIA_IMAGES false, // WRITE_MEDIA_IMAGES false, // LEGACY_STORAGE false, // LEGACY_STORAGE false, // ACCESS_ACCESSIBILITY false, // ACCESS_ACCESSIBILITY false, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1835,6 +1845,7 @@ public class AppOpsManager { AppOpsManager.MODE_ERRORED, // WRITE_MEDIA_IMAGES AppOpsManager.MODE_ERRORED, // WRITE_MEDIA_IMAGES AppOpsManager.MODE_DEFAULT, // LEGACY_STORAGE AppOpsManager.MODE_DEFAULT, // LEGACY_STORAGE AppOpsManager.MODE_ALLOWED, // ACCESS_ACCESSIBILITY AppOpsManager.MODE_ALLOWED, // ACCESS_ACCESSIBILITY AppOpsManager.MODE_ERRORED, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading Loading @@ -1934,6 +1945,7 @@ public class AppOpsManager { false, // WRITE_MEDIA_IMAGES false, // WRITE_MEDIA_IMAGES false, // LEGACY_STORAGE false, // LEGACY_STORAGE false, // ACCESS_ACCESSIBILITY false, // ACCESS_ACCESSIBILITY false, // READ_DEVICE_IDENTIFIERS }; }; /** /** Loading
telephony/java/com/android/internal/telephony/TelephonyPermissions.java +13 −1 Original line number Original line Diff line number Diff line Loading @@ -344,10 +344,22 @@ public final class TelephonyPermissions { return true; return true; } } // if the calling package is null then return now as there's no way to perform the // if the calling package is null then return now as there's no way to perform the // DevicePolicyManager device / profile owner checks. // DevicePolicyManager device / profile owner and AppOp checks if (callingPackage == null) { if (callingPackage == null) { return false; return false; } } // Allow access to an app that has been granted the READ_DEVICE_IDENTIFIERS app op. long token = Binder.clearCallingIdentity(); AppOpsManager appOpsManager = (AppOpsManager) context.getSystemService( Context.APP_OPS_SERVICE); try { if (appOpsManager.noteOpNoThrow(AppOpsManager.OPSTR_READ_DEVICE_IDENTIFIERS, uid, callingPackage) == AppOpsManager.MODE_ALLOWED) { return true; } } finally { Binder.restoreCallingIdentity(token); } // Allow access to a device / profile owner app. // Allow access to a device / profile owner app. DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService( DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService( Context.DEVICE_POLICY_SERVICE); Context.DEVICE_POLICY_SERVICE); Loading
