Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a37769cc authored by Ling Ma's avatar Ling Ma
Browse files

Gate isForAllProfiles with permission 

When caller calls getActiveSubscriptionInfoList or getActiveSubscriptionInfoCount with isForAllProfiles param, the server will throw exception unless the caller has one of INTERACT_ACROSS_USERS, INTERACT_ACROSS_USERS_FULL, INTERACT_ACROSS_PROFILES permissions.

Fix: 318484172
Test: voice call + data browsing
Change-Id: If7ad333b674df120381de9df8f35f9c0725fa7d9
parent 3cb9b30c

src/java/com/android/internal/telephony/subscription/SubscriptionManagerService.java

+9 −11
Original line number Diff line number Diff line
@@ -1969,10 +1969,8 @@ public class SubscriptionManagerService extends ISub.Stub { 


        enforceTelephonyFeatureWithException(callingPackage, "getActiveSubscriptionInfoList");



        if (isForAllProfiles && !hasAcrossAllUsersPermission()) {

            //TODO(b/308809058 to determine whether the permission enforcement is needed)

            loge("getActiveSubscriptionInfoList: "

                    + callingPackage + " has no appropriate permission.");

        if (isForAllProfiles) {

            enforcePermissionAccessAllUserProfiles();

        }

        return getSubscriptionInfoStreamAsUser(isForAllProfiles

                ? UserHandle.ALL : BINDER_WRAPPER.getCallingUserHandle())
@@ -2013,10 +2011,8 @@ public class SubscriptionManagerService extends ISub.Stub { 
            throw new SecurityException("Need READ_PHONE_STATE, READ_PRIVILEGED_PHONE_STATE, or "

                    + "carrier privilege");

        }

        if (isForAllProfiles && !hasAcrossAllUsersPermission()) {

            //TODO(b/308809058 to determine whether the permission enforcement is needed)

            loge("getActiveSubInfoCount: "

                    + callingPackage + " has no appropriate permission.");

        if (isForAllProfiles) {

            enforcePermissionAccessAllUserProfiles();

        }



        enforceTelephonyFeatureWithException(callingPackage, "getActiveSubInfoCount");
@@ -2025,9 +2021,11 @@ public class SubscriptionManagerService extends ISub.Stub { 
                ? UserHandle.ALL : BINDER_WRAPPER.getCallingUserHandle()).length;

    }



    /**@return {@code true} if the caller is permitted to see all subscriptions. */

    private boolean hasAcrossAllUsersPermission() {

        return hasPermissions(Manifest.permission.INTERACT_ACROSS_USERS,

    /** @throws SecurityException if caller doesn't have one of the requested permissions. */

    private void enforcePermissionAccessAllUserProfiles() {

        if (!mFeatureFlags.enforceSubscriptionUserFilter()) return;

        enforcePermissions("To access across profiles",

                Manifest.permission.INTERACT_ACROSS_USERS,

                Manifest.permission.INTERACT_ACROSS_USERS_FULL,

                Manifest.permission.INTERACT_ACROSS_PROFILES);

    }

tests/telephonytests/src/com/android/internal/telephony/subscription/SubscriptionManagerServiceTest.java

+40 −6
Original line number Diff line number Diff line
@@ -63,7 +63,6 @@ import static org.mockito.Mockito.doReturn; 
import static org.mockito.Mockito.never;

import static org.mockito.Mockito.times;

import static org.mockito.Mockito.verify;

import static org.mockito.Mockito.when;



import android.Manifest;

import android.annotation.NonNull;
@@ -79,7 +78,6 @@ import android.os.Bundle; 
import android.os.Handler;

import android.os.Looper;

import android.os.ParcelUuid;

import android.os.SystemProperties;

import android.os.UserHandle;

import android.provider.Settings;

import android.provider.Telephony;
@@ -1328,9 +1326,17 @@ public class SubscriptionManagerServiceTest extends TelephonyTest { 
        // Test getActiveSubIdList, System

        assertThat(mSubscriptionManagerServiceUT.getActiveSubIdList(false/*visible only*/))

                .isEqualTo(new int[]{subId1, subId2});

        // Test get getActiveSubInfoCount

        // Test get getActiveSubInfoCount - forAllProfiles: false

        assertThat(mSubscriptionManagerServiceUT.getActiveSubInfoCount(

                CALLING_PACKAGE, CALLING_FEATURE, false)).isEqualTo(1);

        // Test get getActiveSubInfoCount - forAllProfiles: true

        assertThrows(SecurityException.class,

                () -> mSubscriptionManagerServiceUT.getActiveSubInfoCount(

                        CALLING_PACKAGE, CALLING_FEATURE, true));

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);

        assertThat(mSubscriptionManagerServiceUT.getActiveSubInfoCount(

                CALLING_PACKAGE, CALLING_FEATURE, true)).isEqualTo(2);

        mContextFixture.removeCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);

        // Test getActiveSubscriptionInfo

        assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfo(

                subId1, CALLING_PACKAGE, CALLING_FEATURE).getSubscriptionId()).isEqualTo(subId1);
@@ -1350,11 +1356,21 @@ public class SubscriptionManagerServiceTest extends TelephonyTest { 
        assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoForSimSlotIndex(

                1, CALLING_PACKAGE, CALLING_FEATURE).getSubscriptionId())

                .isEqualTo(subId2);

        // Test getActiveSubscriptionInfoList

        // Test getActiveSubscriptionInfoList - forAllProfiles: false

        assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(

                CALLING_PACKAGE, CALLING_FEATURE, false)

                .stream().map(SubscriptionInfo::getSubscriptionId)

                .toList()).isEqualTo(List.of(subId1));

        // Test getActiveSubscriptionInfoList - forAllProfiles: true

        assertThrows(SecurityException.class,

                () -> mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(

                        CALLING_PACKAGE, CALLING_FEATURE, true));

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);

        assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(

                        CALLING_PACKAGE, CALLING_FEATURE, true)

                .stream().map(SubscriptionInfo::getSubscriptionId)

                .toList()).isEqualTo(List.of(subId1, subId2));

        mContextFixture.removeCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);

        // Test getAllSubInfoList

        assertThat(mSubscriptionManagerServiceUT.getAllSubInfoList(CALLING_PACKAGE,

                CALLING_FEATURE).stream().map(SubscriptionInfo::getSubscriptionId).toList())
@@ -1446,9 +1462,17 @@ public class SubscriptionManagerServiceTest extends TelephonyTest { 
        // Test getActiveSubIdList, System

        assertThat(mSubscriptionManagerServiceUT.getActiveSubIdList(false/*visible only*/))

                .isEqualTo(new int[]{subId1, subId2});

        // Test get getActiveSubInfoCount

        // Test get getActiveSubInfoCount- forAllProfiles: false

        assertThat(mSubscriptionManagerServiceUT.getActiveSubInfoCount(

                CALLING_PACKAGE, CALLING_FEATURE, false)).isEqualTo(1);

        // Test get getActiveSubInfoCount - forAllProfiles: true

        assertThrows(SecurityException.class,

                () -> mSubscriptionManagerServiceUT.getActiveSubInfoCount(

                        CALLING_PACKAGE, CALLING_FEATURE, true));

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);

        assertThat(mSubscriptionManagerServiceUT.getActiveSubInfoCount(

                CALLING_PACKAGE, CALLING_FEATURE, true)).isEqualTo(2);

        mContextFixture.removeCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);

        // Test getActiveSubscriptionInfo

        assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfo(

                subId1, CALLING_PACKAGE, CALLING_FEATURE).getSubscriptionId()).isEqualTo(subId1);
@@ -1468,11 +1492,21 @@ public class SubscriptionManagerServiceTest extends TelephonyTest { 
        assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoForSimSlotIndex(

                1, CALLING_PACKAGE, CALLING_FEATURE).getSubscriptionId())

                .isEqualTo(subId2);

        // Test getActiveSubscriptionInfoList

        // Test getActiveSubscriptionInfoList - forAllProfiles: false

        assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(

                        CALLING_PACKAGE, CALLING_FEATURE, false).stream()

                .map(SubscriptionInfo::getSubscriptionId)

                .toList()).isEqualTo(List.of(subId1));

        // Test getActiveSubscriptionInfoList - forAllProfiles: true

        assertThrows(SecurityException.class,

                () -> mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(

                        CALLING_PACKAGE, CALLING_FEATURE, true));

        mContextFixture.addCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);

        assertThat(mSubscriptionManagerServiceUT.getActiveSubscriptionInfoList(

                        CALLING_PACKAGE, CALLING_FEATURE, true)

                .stream().map(SubscriptionInfo::getSubscriptionId)

                .toList()).isEqualTo(List.of(subId1, subId2));

        mContextFixture.removeCallingOrSelfPermission(Manifest.permission.INTERACT_ACROSS_PROFILES);

        // Test getAllSubInfoList

        assertThat(mSubscriptionManagerServiceUT.getAllSubInfoList(CALLING_PACKAGE,

                CALLING_FEATURE).stream().map(SubscriptionInfo::getSubscriptionId).toList())