diff options
| author | 2021-02-23 12:21:24 -0800 | |
|---|---|---|
| committer | 2021-04-01 16:55:50 -0700 | |
| commit | 172f15e5e1a6ed5eee312c078d24c94e03f03fdc (patch) | |
| tree | da919e6fef49e6dc51caba1a11bfd0ebb4f0f03e /services | |
| parent | e1e036661c5bf3b642e4ac0a4f20e2a38a14a7ae (diff) | |
Update carrier privilege check in enforceSubscriptionPlanAccess
Remove isEmbedded() check, since this can be called on both PSIM and
ESIM. Replace SM#canManageSubscription with TM#hasCarrierPrivileges,
since it is a superset of the checks done in SM#canManageSubscription
and applies to both PSIMs as well as ESIMS. Updated the documentation
for the two APIs to clarify the differences.
Test: atest CtsTelephonyTestCases (SubscriptionManagerTest)
Fix: 180451446
Change-Id: Icb4e2c619dacaea9e74cedea31865ec1eb689dce
Diffstat (limited to 'services')
| -rw-r--r-- | services/core/java/com/android/server/net/NetworkPolicyManagerService.java | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java index ffa518e266d9..42bd8c512806 100644 --- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java +++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java @@ -3067,23 +3067,19 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { // Verify they're not lying about package name mAppOps.checkPackage(callingUid, callingPackage); - final SubscriptionManager sm; - final SubscriptionInfo si; final PersistableBundle config; + final TelephonyManager tm; final long token = Binder.clearCallingIdentity(); try { - sm = mContext.getSystemService(SubscriptionManager.class); - si = sm.getActiveSubscriptionInfo(subId); config = mCarrierConfigManager.getConfigForSubId(subId); + tm = mContext.getSystemService(TelephonyManager.class); } finally { Binder.restoreCallingIdentity(token); } - // First check: is caller the CarrierService? - if (si != null) { - if (si.isEmbedded() && sm.canManageSubscription(si, callingPackage)) { - return; - } + // First check: does caller have carrier privilege? + if (tm != null && tm.hasCarrierPrivileges(subId)) { + return; } // Second check: has the CarrierService delegated access? |