summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--core/java/android/content/ContentProvider.java12
1 files changed, 12 insertions, 0 deletions
diff --git a/core/java/android/content/ContentProvider.java b/core/java/android/content/ContentProvider.java
index f138d39b7fb0..13d12c984b78 100644
--- a/core/java/android/content/ContentProvider.java
+++ b/core/java/android/content/ContentProvider.java
@@ -28,6 +28,7 @@ import android.annotation.NonNull;
import android.annotation.Nullable;
import android.annotation.UnsupportedAppUsage;
import android.app.AppOpsManager;
+import android.app.role.RoleManager;
import android.content.pm.PathPermission;
import android.content.pm.ProviderInfo;
import android.content.res.AssetFileDescriptor;
@@ -225,6 +226,17 @@ public abstract class ContentProvider implements ContentInterface, ComponentCall
@Override
public Cursor query(String callingPkg, Uri uri, @Nullable String[] projection,
@Nullable Bundle queryArgs, @Nullable ICancellationSignal cancellationSignal) {
+ if (uri.toString().startsWith("content://sms")) {
+ RoleManager rm = getContext().getSystemService(RoleManager.class);
+ if (!rm.isRoleHeld(RoleManager.ROLE_SMS)
+ && !rm.isRoleHeld(RoleManager.ROLE_DIALER)
+ && !rm.isRoleHeld(RoleManager.ROLE_ASSISTANT)) {
+ // STOPSHIP: log it to westworld instead
+ Log.wtf(TAG, "Sms access attempted by " + callingPkg
+ + " despite not holding an appropriate role");
+ }
+ }
+
uri = validateIncomingUri(uri);
uri = maybeGetUriWithoutUserId(uri);
if (enforceReadPermission(callingPkg, uri, null) != AppOpsManager.MODE_ALLOWED) {
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-07 22:38:02 +0000