Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bb0b0542 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Automerger Merge Worker
Browse files

Merge "Fix security issue that app can query which applications are installed... 

Merge "Fix security issue that app can query which applications are installed on the device without requiring QUERY_ALL_PACKAGES in `getDeviceId` method of `PhoneSubInfoController` class" into sc-dev am: fb8c4eb4

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/opt/telephony/+/14513742

Change-Id: I1e0cfa323839b61d549742912938279abcd066b8
parents db74bcc5 fb8c4eb4

src/java/com/android/internal/telephony/PhoneSubInfoController.java

+14 −0
Original line number Diff line number Diff line
@@ -23,6 +23,7 @@ import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE; 


import android.annotation.NonNull;

import android.annotation.Nullable;

import android.app.AppOpsManager;

import android.compat.annotation.UnsupportedAppUsage;

import android.content.Context;

import android.content.pm.PackageManager;
@@ -35,6 +36,7 @@ import android.telephony.ImsiEncryptionInfo; 
import android.telephony.PhoneNumberUtils;

import android.telephony.SubscriptionManager;

import android.telephony.TelephonyFrameworkInitializer;

import android.util.EventLog;



import com.android.internal.telephony.uicc.IsimRecords;

import com.android.internal.telephony.uicc.UiccCard;
@@ -48,6 +50,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 


    @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)

    private final Context mContext;

    private AppOpsManager mAppOps;



    public PhoneSubInfoController(Context context) {

        ServiceRegisterer phoneSubServiceRegisterer = TelephonyFrameworkInitializer
@@ -56,6 +59,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 
        if (phoneSubServiceRegisterer.get() == null) {

            phoneSubServiceRegisterer.register(this);

        }

        mAppOps = context.getSystemService(AppOpsManager.class);

        mContext = context;

    }
@@ -71,6 +75,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 


    public String getDeviceIdForPhone(int phoneId, String callingPackage,

            String callingFeatureId) {

        enforceCallingPackageUidMatched(callingPackage);

        return callPhoneMethodForPhoneIdWithReadDeviceIdentifiersCheck(phoneId, callingPackage,

                callingFeatureId, "getDeviceId", (phone) -> phone.getDeviceId());

    }
@@ -265,6 +270,15 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 
        return PhoneFactory.getPhone(phoneId);

    }



    private void enforceCallingPackageUidMatched(String callingPackage) {

        try {

            mAppOps.checkPackage(Binder.getCallingUid(), callingPackage);

        } catch (SecurityException se) {

            EventLog.writeEvent(0x534e4554, "188677422", Binder.getCallingUid());

            throw se;

        }

    }



    private boolean enforceIccSimChallengeResponsePermission(Context context, int subId,

            String callingPackage, String callingFeatureId, String message) {

        if (TelephonyPermissions.checkCallingOrSelfUseIccAuthWithDeviceIdentifier(context,