Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit 61dd5feb authored by Kevin F. Haggerty's avatar Kevin F. Haggerty
Browse files

Merge tag 'android-security-10.0.0_r68' of... 

Merge tag 'android-security-10.0.0_r68' of https://android.googlesource.com/platform/frameworks/opt/telephony into staging/lineage-17.1_merge_android-security-10.0.0_r68

Android security 10.0.0 release 68

* tag 'android-security-10.0.0_r68' of https://android.googlesource.com/platform/frameworks/opt/telephony:
  Enforce privileged phone state for getSubscriptionProperty(GROUP_UUID)

Change-Id: Ia131fd374a9472883c87744e1651d95faaea4153
parents 32ac4d37 b92a331a

src/java/com/android/internal/telephony/SubscriptionController.java

+13 −3
Original line number Diff line number Diff line
@@ -2733,10 +2733,20 @@ public class SubscriptionController extends ISub.Stub { 
     */

    @Override

    public String getSubscriptionProperty(int subId, String propKey, String callingPackage) {

        if (!TelephonyPermissions.checkCallingOrSelfReadPhoneState(

                mContext, subId, callingPackage, "getSubscriptionProperty")) {

        switch (propKey) {

            case SubscriptionManager.GROUP_UUID:

                if (mContext.checkCallingOrSelfPermission(

                        Manifest.permission.READ_PRIVILEGED_PHONE_STATE) != PERMISSION_GRANTED) {

                    EventLog.writeEvent(0x534e4554, "213457638", Binder.getCallingUid());

                    return null;

                }

                break;

            default:

                if (!TelephonyPermissions.checkCallingOrSelfReadPhoneState(mContext, subId,

                        callingPackage, "getSubscriptionProperty")) {

                    return null;

                }

        }



        final long identity = Binder.clearCallingIdentity();

        try {

tests/telephonytests/src/com/android/internal/telephony/SubscriptionControllerTest.java

+30 −0
Original line number Diff line number Diff line
@@ -673,6 +673,36 @@ public class SubscriptionControllerTest extends TelephonyTest { 
        assertNotEquals(groupId, newGroupId);

    }



    @Test

    @SmallTest

    public void testGetSubscriptionProperty() throws Exception {

        testInsertSim();

        ContentValues values = new ContentValues();

        values.put(SubscriptionManager.GROUP_UUID, 1);

        mFakeTelephonyProvider.update(SubscriptionManager.CONTENT_URI, values,

                SubscriptionManager.UNIQUE_KEY_SUBSCRIPTION_ID + "=" + 1, null);



        mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL);

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_STATE);



        // should succeed with read phone state permission

        String prop = mSubscriptionControllerUT.getSubscriptionProperty(1,

                SubscriptionManager.CB_EXTREME_THREAT_ALERT, mContext.getOpPackageName());



        assertNotEquals(null, prop);



        // group UUID requires privileged phone state permission

        prop = mSubscriptionControllerUT.getSubscriptionProperty(1, SubscriptionManager.GROUP_UUID,

                    mContext.getOpPackageName());

        assertEquals(null, prop);



        // group UUID should succeed once privileged phone state permission is granted

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PRIVILEGED_PHONE_STATE);

        prop = mSubscriptionControllerUT.getSubscriptionProperty(1, SubscriptionManager.GROUP_UUID,

                mContext.getOpPackageName());

        assertNotEquals(null, prop);

    }



    @Test

    @SmallTest

    public void testCreateSubscriptionGroupWithCarrierPrivilegePermission() throws Exception {