Merge "Fix security issue that app can query which applications are installed... (ad059a24) · Commits · e / os / android_frameworks_opt_telephony

src/java/com/android/internal/telephony/PhoneSubInfoController.java

+14 −0

Original line number	Original line	Diff line number	Diff line
	@@ -23,6 +23,7 @@ import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE;

	import android.annotation.NonNull;		import android.annotation.NonNull;
	import android.annotation.Nullable;		import android.annotation.Nullable;
			import android.app.AppOpsManager;
	import android.compat.annotation.UnsupportedAppUsage;		import android.compat.annotation.UnsupportedAppUsage;
	import android.content.Context;		import android.content.Context;
	import android.content.pm.PackageManager;		import android.content.pm.PackageManager;
	@@ -35,6 +36,7 @@ import android.telephony.ImsiEncryptionInfo;
	import android.telephony.PhoneNumberUtils;		import android.telephony.PhoneNumberUtils;
	import android.telephony.SubscriptionManager;		import android.telephony.SubscriptionManager;
	import android.telephony.TelephonyFrameworkInitializer;		import android.telephony.TelephonyFrameworkInitializer;
			import android.util.EventLog;

	import com.android.internal.telephony.uicc.IsimRecords;		import com.android.internal.telephony.uicc.IsimRecords;
	import com.android.internal.telephony.uicc.UiccCard;		import com.android.internal.telephony.uicc.UiccCard;
	@@ -48,6 +50,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub {

	@UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)		@UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
	private final Context mContext;		private final Context mContext;
			private AppOpsManager mAppOps;

	public PhoneSubInfoController(Context context) {		public PhoneSubInfoController(Context context) {
	ServiceRegisterer phoneSubServiceRegisterer = TelephonyFrameworkInitializer		ServiceRegisterer phoneSubServiceRegisterer = TelephonyFrameworkInitializer
	@@ -56,6 +59,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub {
	if (phoneSubServiceRegisterer.get() == null) {		if (phoneSubServiceRegisterer.get() == null) {
	phoneSubServiceRegisterer.register(this);		phoneSubServiceRegisterer.register(this);
	}		}
			mAppOps = context.getSystemService(AppOpsManager.class);
	mContext = context;		mContext = context;
	}		}

	@@ -71,6 +75,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub {

	public String getDeviceIdForPhone(int phoneId, String callingPackage,		public String getDeviceIdForPhone(int phoneId, String callingPackage,
	String callingFeatureId) {		String callingFeatureId) {
			enforceCallingPackageUidMatched(callingPackage);
	return callPhoneMethodForPhoneIdWithReadDeviceIdentifiersCheck(phoneId, callingPackage,		return callPhoneMethodForPhoneIdWithReadDeviceIdentifiersCheck(phoneId, callingPackage,
	callingFeatureId, "getDeviceId", (phone) -> phone.getDeviceId());		callingFeatureId, "getDeviceId", (phone) -> phone.getDeviceId());
	}		}
	@@ -265,6 +270,15 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub {
	return PhoneFactory.getPhone(phoneId);		return PhoneFactory.getPhone(phoneId);
	}		}

			private void enforceCallingPackageUidMatched(String callingPackage) {
			try {
			mAppOps.checkPackage(Binder.getCallingUid(), callingPackage);
			} catch (SecurityException se) {
			EventLog.writeEvent(0x534e4554, "188677422", Binder.getCallingUid());
			throw se;
			}
			}

	private boolean enforceIccSimChallengeResponsePermission(Context context, int subId,		private boolean enforceIccSimChallengeResponsePermission(Context context, int subId,
	String callingPackage, String callingFeatureId, String message) {		String callingPackage, String callingFeatureId, String message) {
	if (TelephonyPermissions.checkCallingOrSelfUseIccAuthWithDeviceIdentifier(context,		if (TelephonyPermissions.checkCallingOrSelfUseIccAuthWithDeviceIdentifier(context,