diff options
| -rw-r--r-- | core/java/android/provider/DeviceConfig.java | 8 | ||||
| -rw-r--r-- | telephony/java/com/android/internal/telephony/TelephonyPermissions.java | 16 |
2 files changed, 21 insertions, 3 deletions
diff --git a/core/java/android/provider/DeviceConfig.java b/core/java/android/provider/DeviceConfig.java index daaa632a5cca..c217ab9fa038 100644 --- a/core/java/android/provider/DeviceConfig.java +++ b/core/java/android/provider/DeviceConfig.java @@ -239,6 +239,14 @@ public final class DeviceConfig { * Whether to show location access check notifications. */ String PROPERTY_LOCATION_ACCESS_CHECK_ENABLED = "location_access_check_enabled"; + + /** + * Whether to disable the new device identifier access restrictions. + * + * @hide + */ + String PROPERTY_DEVICE_IDENTIFIER_ACCESS_RESTRICTIONS_DISABLED = + "device_identifier_access_restrictions_disabled"; } /** diff --git a/telephony/java/com/android/internal/telephony/TelephonyPermissions.java b/telephony/java/com/android/internal/telephony/TelephonyPermissions.java index c76d153c6112..091665f5a106 100644 --- a/telephony/java/com/android/internal/telephony/TelephonyPermissions.java +++ b/telephony/java/com/android/internal/telephony/TelephonyPermissions.java @@ -29,6 +29,7 @@ import android.os.Process; import android.os.RemoteException; import android.os.ServiceManager; import android.os.UserHandle; +import android.provider.DeviceConfig; import android.provider.Settings; import android.telephony.Rlog; import android.telephony.SubscriptionManager; @@ -319,9 +320,10 @@ public final class TelephonyPermissions { // The new Q restrictions for device identifier access will be enforced for all apps with // settings to individually disable the new restrictions for privileged, preloaded // non-privileged, and 3P apps. - if ((!is3PApp && !isNonPrivApp && !relaxPrivDeviceIdentifierCheck) - || (is3PApp && !relax3PDeviceIdentifierCheck) - || (isNonPrivApp && !relaxNonPrivDeviceIdentifierCheck)) { + if (!isIdentifierCheckDisabled() && ( + (!is3PApp && !isNonPrivApp && !relaxPrivDeviceIdentifierCheck) + || (is3PApp && !relax3PDeviceIdentifierCheck) + || (isNonPrivApp && !relaxNonPrivDeviceIdentifierCheck))) { Log.wtf(LOG_TAG, "reportAccessDeniedToReadIdentifiers:" + callingPackage + ":" + message + ":is3PApp=" + is3PApp + ":isNonPrivApp=" + isNonPrivApp); // if the target SDK is pre-Q then check if the calling package would have previously @@ -348,6 +350,14 @@ public final class TelephonyPermissions { } /** + * Returns true if the new device identifier access restrictions are disabled. + */ + private static boolean isIdentifierCheckDisabled() { + return Boolean.parseBoolean(DeviceConfig.getProperty(DeviceConfig.Privacy.NAMESPACE, + DeviceConfig.Privacy.PROPERTY_DEVICE_IDENTIFIER_ACCESS_RESTRICTIONS_DISABLED)); + } + + /** * Check whether the app with the given pid/uid can read the call log. * @return {@code true} if the specified app has the read call log permission and AppOpp granted * to it, {@code false} otherwise. |