Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b6a27a1b authored by Michael Groover's avatar Michael Groover
Browse files

Remove redundant SubInfo list identifier access checks 

To determine if identifiers should be removed from the resulting list
in SubscriptionController#getSubscriptionInfoListFromCacheHelper a
READ_PHONE_STATE and identifier access check is performed up front to
determine if the cached list can be returned as is. However most apps
will fail the identifier access check since a valid subscription ID
cannot be provided up front. This failure adds additional overhead
to the majority of calls and the log entry for the failure can be
confusing as to why a carrier privileged app would fail this check.
These up front checks are removed and the existing READ_PHONE_STATE
and identifier access checks using the subId of the SubscriptionInfo
object are used to build the list and strip out any identifiers if the
caller does not meet the access requirements.

Bug: 152117976
Test: SubscriptionControllerTest
Change-Id: Id8343019a347d2d797851b14555a5c00f2a02f7f
parent f5787d69

src/java/com/android/internal/telephony/SubscriptionController.java

+1 −24
Original line number Diff line number Diff line
@@ -3462,7 +3462,7 @@ public class SubscriptionController extends ISub.Stub { 
                    callingPackage, callingFeatureId, "getSubscriptionsInGroup")

                    || info.canManageSubscription(mContext, callingPackage);

        }).map(subscriptionInfo -> conditionallyRemoveIdentifiers(subscriptionInfo,

                callingPackage, callingFeatureId, "getSubscriptionInfoList"))

                callingPackage, callingFeatureId, "getSubscriptionsInGroup"))

        .collect(Collectors.toList());



    }
@@ -3731,30 +3731,7 @@ public class SubscriptionController extends ISub.Stub { 
    // They are doing similar things except operating on different cache.

    private List<SubscriptionInfo> getSubscriptionInfoListFromCacheHelper(

            String callingPackage, String callingFeatureId, List<SubscriptionInfo> cacheSubList) {

        boolean canReadAllPhoneState;

        try {

            canReadAllPhoneState = TelephonyPermissions.checkReadPhoneState(mContext,

                    SubscriptionManager.INVALID_SUBSCRIPTION_ID, Binder.getCallingPid(),

                    Binder.getCallingUid(), callingPackage, callingFeatureId,

                    "getSubscriptionInfoList");

            // If the calling package has the READ_PHONE_STATE permission then check if the caller

            // also has access to subscriber identifiers to ensure that the ICC ID and any other

            // unique identifiers are removed if the caller should not have access.

            if (canReadAllPhoneState) {

                canReadAllPhoneState = hasSubscriberIdentifierAccess(

                        SubscriptionManager.INVALID_SUBSCRIPTION_ID, callingPackage,

                        callingFeatureId, "getSubscriptionInfoList");

            }

        } catch (SecurityException e) {

            canReadAllPhoneState = false;

        }



        synchronized (mSubInfoListLock) {

            // If the caller can read all phone state, just return the full list.

            if (canReadAllPhoneState) {

                return new ArrayList<>(cacheSubList);

            }



            // Filter the list to only include subscriptions which the caller can manage.

            return cacheSubList.stream()

                    .filter(subscriptionInfo -> {