diff options
| author | 2022-04-26 13:24:27 +0000 | |
|---|---|---|
| committer | 2022-05-03 10:15:40 +0000 | |
| commit | 2452a35a122b6eb35c1ed7c73931b1eb174d9fb6 (patch) | |
| tree | 84b587518555fd4a2028eafffe83c97ebfcd1686 | |
| parent | fdebeaa897750930b8f60b8a6c7da7a1d1bfd820 (diff) | |
To read the Group UUID, the Caller must also have the USE_ICC_AUTH_WITH_DEVICE_IDENTIFIER permission.
If the app has only the READ_PHONE_STATE permission, it can no longer read the group UUID. When SubscriptionManager#getSubscriptionsInGroup is called, check if the caller has the USE_ICC_AUTH_WITH_DEVICE_IDENTIFIER permission.
Bug: b/213902861
Test: atest SubscriptionManagerTest, SubscriptionControllerTest
Test: Manual
1. Install app-debug.apk from comment#9
2. Enter the group uuid from comment#3
3. Check securityException has occurred.
Change-Id: Iaa54936797204f9b2ed2ad7f63b8b6d7b71116f2
| -rw-r--r-- | telephony/java/android/telephony/SubscriptionManager.java | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/telephony/java/android/telephony/SubscriptionManager.java b/telephony/java/android/telephony/SubscriptionManager.java index d07d8097bce4..2337a5aae467 100644 --- a/telephony/java/android/telephony/SubscriptionManager.java +++ b/telephony/java/android/telephony/SubscriptionManager.java @@ -3426,10 +3426,21 @@ public class SubscriptionManager { * Get subscriptionInfo list of subscriptions that are in the same group of given subId. * See {@link #createSubscriptionGroup(List)} for more details. * - * Caller will either have {@link android.Manifest.permission#READ_PHONE_STATE} - * permission or had carrier privilege permission on the subscription. + * Caller must have {@link android.Manifest.permission#READ_PHONE_STATE} + * or carrier privilege permission on the subscription. * {@link TelephonyManager#hasCarrierPrivileges()} * + * <p>Starting with API level 33, the caller needs the additional permission + * {@link Manifest.permission#USE_ICC_AUTH_WITH_DEVICE_IDENTIFIER} + * to get the list of subscriptions associated with a group UUID. + * This method can be invoked if one of the following requirements is met: + * <ul> + * <li>If the app has carrier privilege permission. + * {@link TelephonyManager#hasCarrierPrivileges()} + * <li>If the app has {@link android.Manifest.permission#READ_PHONE_STATE} and + * {@link Manifest.permission#USE_ICC_AUTH_WITH_DEVICE_IDENTIFIER} permission. + * </ul> + * * @throws IllegalStateException if Telephony service is in bad state. * @throws SecurityException if the caller doesn't meet the requirements * outlined above. |