Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fb8c4eb4 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Fix security issue that app can query which applications are installed... 

Merge "Fix security issue that app can query which applications are installed on the device without requiring QUERY_ALL_PACKAGES in `getDeviceId` method of `PhoneSubInfoController` class" into sc-dev
parents 647ed5a4 609ee4da

src/java/com/android/internal/telephony/PhoneSubInfoController.java

+14 −0
Original line number Diff line number Diff line
@@ -23,6 +23,7 @@ import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE; 


import android.annotation.NonNull;

import android.annotation.Nullable;

import android.app.AppOpsManager;

import android.compat.annotation.UnsupportedAppUsage;

import android.content.Context;

import android.content.pm.PackageManager;
@@ -35,6 +36,7 @@ import android.telephony.ImsiEncryptionInfo; 
import android.telephony.PhoneNumberUtils;

import android.telephony.SubscriptionManager;

import android.telephony.TelephonyFrameworkInitializer;

import android.util.EventLog;



import com.android.internal.telephony.uicc.IsimRecords;

import com.android.internal.telephony.uicc.UiccCard;
@@ -48,6 +50,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 


    @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)

    private final Context mContext;

    private AppOpsManager mAppOps;



    public PhoneSubInfoController(Context context) {

        ServiceRegisterer phoneSubServiceRegisterer = TelephonyFrameworkInitializer
@@ -56,6 +59,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 
        if (phoneSubServiceRegisterer.get() == null) {

            phoneSubServiceRegisterer.register(this);

        }

        mAppOps = context.getSystemService(AppOpsManager.class);

        mContext = context;

    }
@@ -71,6 +75,7 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 


    public String getDeviceIdForPhone(int phoneId, String callingPackage,

            String callingFeatureId) {

        enforceCallingPackageUidMatched(callingPackage);

        return callPhoneMethodForPhoneIdWithReadDeviceIdentifiersCheck(phoneId, callingPackage,

                callingFeatureId, "getDeviceId", (phone) -> phone.getDeviceId());

    }
@@ -265,6 +270,15 @@ public class PhoneSubInfoController extends IPhoneSubInfo.Stub { 
        return PhoneFactory.getPhone(phoneId);

    }



    private void enforceCallingPackageUidMatched(String callingPackage) {

        try {

            mAppOps.checkPackage(Binder.getCallingUid(), callingPackage);

        } catch (SecurityException se) {

            EventLog.writeEvent(0x534e4554, "188677422", Binder.getCallingUid());

            throw se;

        }

    }



    private boolean enforceIccSimChallengeResponsePermission(Context context, int subId,

            String callingPackage, String callingFeatureId, String message) {

        if (TelephonyPermissions.checkCallingOrSelfUseIccAuthWithDeviceIdentifier(context,