Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ef89d7a5 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Automerger Merge Worker
Browse files

Merge "Fix security issue that app can query which applications are installed... 

Merge "Fix security issue that app can query which applications are installed on the device without requiring QUERY_ALL_PACKAGES in `getDeviceId` method of `PhoneSubInfoController` class" into sc-dev am: fb8c4eb4 am: 0fbb038f am: 07d81067

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/opt/telephony/+/14513742

Change-Id: Ide9d8dca61fc75e60401ba2cda793d280e188e8f
parents b01b1c9e 07d81067

src/java/com/android/internal/telephony/PhoneSubInfoController.java

+14 −0
Original line number Diff line number Diff line
@@ -23,6 +23,7 @@ import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE; 


import android.annotation.NonNull;

import android.annotation.Nullable;

import android.app.AppOpsManager;

import android.compat.annotation.UnsupportedAppUsage;

import android.content.Context;

import android.content.pm.PackageManager;
@@ -35,6 +36,7 @@ import android.telephony.ImsiEncryptionInfo; 
import android.telephony.PhoneNumberUtils;

import android.telephony.SubscriptionManager;

import android.telephony.TelephonyFrameworkInitializer;

import android.util.EventLog;



import com.android.internal.telephony.uicc.IsimRecords;

import com.android.internal.telephony.uicc.UiccCard;
@@ -48,6 +50,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 


    @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)

    private final Context mContext;

    private AppOpsManager mAppOps;



    public PhoneSubInfoController(Context context) {

        ServiceRegisterer phoneSubServiceRegisterer = TelephonyFrameworkInitializer
@@ -56,6 +59,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 
        if (phoneSubServiceRegisterer.get() == null) {

            phoneSubServiceRegisterer.register(this);

        }

        mAppOps = context.getSystemService(AppOpsManager.class);

        mContext = context;

    }
@@ -71,6 +75,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 


    public String getDeviceIdForPhone(int phoneId, String callingPackage,

            String callingFeatureId) {

        enforceCallingPackageUidMatched(callingPackage);

        return callPhoneMethodForPhoneIdWithReadDeviceIdentifiersCheck(phoneId, callingPackage,

                callingFeatureId, "getDeviceId", (phone) -> phone.getDeviceId());

    }
@@ -265,6 +270,15 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 
        return PhoneFactory.getPhone(phoneId);

    }



    private void enforceCallingPackageUidMatched(String callingPackage) {

        try {

            mAppOps.checkPackage(Binder.getCallingUid(), callingPackage);

        } catch (SecurityException se) {

            EventLog.writeEvent(0x534e4554, "188677422", Binder.getCallingUid());

            throw se;

        }

    }



    private boolean enforceIccSimChallengeResponsePermission(Context context, int subId,

            String callingPackage, String callingFeatureId, String message) {

        if (TelephonyPermissions.checkCallingOrSelfUseIccAuthWithDeviceIdentifier(context,