| author | 2019-03-22 16:56:34 -0700 | |
|---|---|---|
| committer | 2019-03-25 16:20:24 -0700 | |
| commit | 5b98d401a08bdb11bf031e6371a1009da7ccd860 (patch) | |
| tree | e7973758a62ca7046384aeba6df74758510e06de | |
| parent | 61cd3214fb006c52a3b3d7323fa985815e991e56 (diff) | |
notifyCarrierNetworkChange with subId
notifyCarrierNetworkChange should only be allowed
for a carrier service that has carrier privileges.
To find which subId the CarrierService is notifying for,
check which subId the caller has carrier privileges
under at the time of the call and use that to restrict.
Bug: 128989180
Test: Build
Change-Id: I061dd5773f8db87c702c5e60413b198330bee854
3 files changed, 33 insertions, 15 deletions
diff --git a/core/java/android/service/carrier/CarrierService.java b/core/java/android/service/carrier/CarrierService.java index c351d891bc61..aeb186b00686 100644 --- a/core/java/android/service/carrier/CarrierService.java +++ b/core/java/android/service/carrier/CarrierService.java @@ -114,9 +114,7 @@ public abstract class CarrierService extends Service { * this UX, so a carrier app must be sure to call with active set to false * sometime after calling with it set to true. * <p> - * Requires Permission: - * {@link android.Manifest.permission#MODIFY_PHONE_STATE MODIFY_PHONE_STATE} - * or the calling app has carrier privileges. + * Requires Permission: calling app has carrier privileges. * * @param active Whether the carrier network change is or shortly will be * active. Set this value to true to begin showing diff --git a/services/core/java/com/android/server/TelephonyRegistry.java b/services/core/java/com/android/server/TelephonyRegistry.java index 26896f54f932..9cdcba4934a7 100644 --- a/services/core/java/com/android/server/TelephonyRegistry.java +++ b/services/core/java/com/android/server/TelephonyRegistry.java @@ -73,10 +73,12 @@ import com.android.server.am.BatteryStatsService; import java.io.FileDescriptor; import java.io.PrintWriter; import java.util.ArrayList; +import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.NoSuchElementException; +import java.util.OptionalInt; /** * Since phone process can be restarted, this class provides a centralized place 
@@ -1159,17 +1161,28 @@ public class TelephonyRegistry extends ITelephonyRegistry.Stub { @Override public void notifyCarrierNetworkChange(boolean active) { - enforceNotifyPermissionOrCarrierPrivilege("notifyCarrierNetworkChange()"); + // only CarrierService with carrier privilege rule should have the permission. + int subId = SubscriptionManager.INVALID_SUBSCRIPTION_ID; + try { + subId = Arrays.stream(SubscriptionManager.from(mContext) + .getActiveSubscriptionIdList()) + .filter(i -> TelephonyPermissions.checkCarrierPrivilegeForSubId(i)) + .findFirst().getAsInt(); + } catch (NoSuchElementException ex) { + log("notifyCarrierNetworkChange without carrier privilege"); + } + int phoneId = SubscriptionManager.getPhoneId(subId); if (VDBG) { - log("notifyCarrierNetworkChange: active=" + active); + log("notifyCarrierNetworkChange: active=" + active + "subId: " + subId); } synchronized (mRecords) { mCarrierNetworkChangeState = active; for (Record r : mRecords) { if (r.matchPhoneStateListenerEvent( - PhoneStateListener.LISTEN_CARRIER_NETWORK_CHANGE)) { + PhoneStateListener.LISTEN_CARRIER_NETWORK_CHANGE) && + idMatch(r.subId, subId, phoneId)) { try { r.callback.onCarrierNetworkChange(active); } catch (RemoteException ex) { diff --git a/telephony/java/com/android/internal/telephony/TelephonyPermissions.java b/telephony/java/com/android/internal/telephony/TelephonyPermissions.java index 4886a3f8f141..d93e58254b95 100644 --- a/telephony/java/com/android/internal/telephony/TelephonyPermissions.java +++ b/telephony/java/com/android/internal/telephony/TelephonyPermissions.java 
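Review bot: A caller with no carrier privilege on any active subscription is no longer rejected in `notifyCarrierNetworkChange`: the `NoSuchElementException` handler only logs, and the method carries on with `subId` left at `INVALID_SUBSCRIPTION_ID`, so `mCarrierNetworkChangeState = active` is still written inside `synchronized (mRecords)`. The removed `enforceNotifyPermissionOrCarrierPrivilege(...)` call was the only gate visible in this method, and `idMatch` is defined outside the hunk, so whether listeners are still notified for the invalid id cannot be confirmed from here. I would keep the `OptionalInt` returned by `findFirst()` (the type is already imported by this commit), throw a `SecurityException` when it is empty, and only then read the id, which also stops using an exception for control flow. A smaller point: the VDBG log concatenates `active` and `"subId: "` with no separator. The method body continues past the end of the hunk.

```java
public void notifyCarrierNetworkChange(boolean active) {
    // Only a caller holding carrier privileges on an active subscription may
    // signal a carrier network change; everyone else is rejected up front.
    OptionalInt privilegedSubId = Arrays.stream(SubscriptionManager.from(mContext)
                    .getActiveSubscriptionIdList())
            .filter(i -> TelephonyPermissions.checkCarrierPrivilegeForSubId(i))
            .findFirst();
    if (!privilegedSubId.isPresent()) {
        log("notifyCarrierNetworkChange without carrier privilege");
        throw new SecurityException(
                "notifyCarrierNetworkChange without carrier privilege");
    }
    int subId = privilegedSubId.getAsInt();
    int phoneId = SubscriptionManager.getPhoneId(subId);
    // … unchanged: VDBG log, synchronized (mRecords) state update and listener loop …
```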
@@ -123,6 +123,19 @@ public final class TelephonyPermissions { context, TELEPHONY_SUPPLIER, subId, pid, uid, callingPackage, message); } + /** + * Check whether the calling packages has carrier privileges for the passing subscription. + * @return {@code true} if the caller has carrier privileges, {@false} otherwise. + */ + public static boolean checkCarrierPrivilegeForSubId(int subId) { + if (SubscriptionManager.isValidSubscriptionId(subId) + && getCarrierPrivilegeStatus(TELEPHONY_SUPPLIER, subId, Binder.getCallingUid()) + == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS) { + return true; + } + return false; + } + @VisibleForTesting public static boolean checkReadPhoneState( Context context, Supplier<ITelephony> telephonySupplier, int subId, int pid, int uid, @@ -204,9 +217,7 @@ public final class TelephonyPermissions { } // Calling packages with carrier privileges will also have access to device identifiers, but // this may be removed in a future release. - if (SubscriptionManager.isValidSubscriptionId(subId) && getCarrierPrivilegeStatus( - TELEPHONY_SUPPLIER, subId, uid) - == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS) { + if (checkCarrierPrivilegeForSubId(subId)) { return true; } // else the calling package is not authorized to access the device identifiers; call @@ -243,9 +254,7 @@ public final class TelephonyPermissions { } // If the calling package has carrier privileges then allow access to the subscriber // identifiers. - if (SubscriptionManager.isValidSubscriptionId(subId) && getCarrierPrivilegeStatus( - TELEPHONY_SUPPLIER, subId, uid) - == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS) { + if (checkCarrierPrivilegeForSubId(subId)) { return true; } return reportAccessDeniedToReadIdentifiers(context, subId, pid, uid, callingPackage, 
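Review bot: `checkCarrierPrivilegeForSubId` evaluates `Binder.getCallingUid()`, while the three call sites it replaces (the hunks at -204, -243 and -365) previously passed their own `uid` argument to `getCarrierPrivilegeStatus`. If any caller of those methods supplies a `uid` that differs from the current binder caller, for instance after the calling identity has been cleared, the privilege decision is now made for a different identity; those callers are not visible here, so this needs confirming before merge. I would add a `uid` parameter, `public static boolean checkCarrierPrivilegeForSubId(int subId, int uid)`, call it as `checkCarrierPrivilegeForSubId(subId, uid)` at those three sites, and keep a one-argument overload for the TelephonyRegistry lambda. The Javadoc also carries a malformed tag, `{@false}`, which should read `{@code false}`.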
@@ -365,9 +374,7 @@ public final class TelephonyPermissions { uid) == PackageManager.PERMISSION_GRANTED) { return false; } - if (SubscriptionManager.isValidSubscriptionId(subId) - && getCarrierPrivilegeStatus(TELEPHONY_SUPPLIER, subId, uid) - == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS) { + if (checkCarrierPrivilegeForSubId(subId)) { return false; } } |