Merge "Refactor Telephony phone number access checks to LegacyPermissionMgr" into sc-dev

author: TreeHugger Robot <treehugger-gerrit@google.com> 2021-04-21 04:37:41 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2021-04-21 04:37:41 +0000
commit: a212d74f3eb3949057a40765f63434cd5fc2fe3a (patch)
tree: f3395eceeb7008e7fd7a76bf2fb13913086af7cd /telephony/common
parent: ff38f2041d0e703f5d1128eed62ce9009b2f6394 (diff)
parent: 29475615008d57460350527d3f0806f62dd59c79 (diff)
1 files changed, 14 insertions, 53 deletions
diff --git a/telephony/common/com/android/internal/telephony/TelephonyPermissions.java b/telephony/common/com/android/internal/telephony/TelephonyPermissions.java
index d250297e6f64..d361db2e9ee5 100644
--- a/telephony/common/com/android/internal/telephony/TelephonyPermissions.java
+++ b/telephony/common/com/android/internal/telephony/TelephonyPermissions.java
@@ -482,64 +482,25 @@ public final class TelephonyPermissions {
     public static boolean checkReadPhoneNumber(
             Context context, int subId, int pid, int uid,
             String callingPackage, @Nullable String callingFeatureId, String message) {
-        // First, check if the SDK version is below R
-        boolean preR = false;
-        try {
-            ApplicationInfo info = context.getPackageManager().getApplicationInfoAsUser(
-                    callingPackage, 0, UserHandle.getUserHandleForUid(Binder.getCallingUid()));
-            preR = info.targetSdkVersion <= Build.VERSION_CODES.Q;
-        } catch (PackageManager.NameNotFoundException nameNotFoundException) {
-        }
-        if (preR) {
-            // SDK < R allows READ_PHONE_STATE, READ_PRIVILEGED_PHONE_STATE, or carrier privilege
-            try {
-                return checkReadPhoneState(
-                        context, subId, pid, uid, callingPackage, callingFeatureId, message);
-            } catch (SecurityException readPhoneStateException) {
-            }
-        } else {
-            // SDK >= R allows READ_PRIVILEGED_PHONE_STATE or carrier privilege
-            try {
-                context.enforcePermission(
-                        android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE, pid, uid, message);
-                // Skip checking for runtime permission since caller has privileged permission
-                return true;
-            } catch (SecurityException readPrivilegedPhoneStateException) {
-                if (SubscriptionManager.isValidSubscriptionId(subId)) {
-                    try {
-                        enforceCarrierPrivilege(context, subId, uid, message);
-                        // Skip checking for runtime permission since caller has carrier privilege
-                        return true;
-                    } catch (SecurityException carrierPrivilegeException) {
-                    }
-                }
-            }
-        }
-
-        // Default SMS app can always read it.
-        AppOpsManager appOps = (AppOpsManager) context.getSystemService(Context.APP_OPS_SERVICE);
-        if (appOps.noteOp(AppOpsManager.OPSTR_WRITE_SMS, uid, callingPackage, callingFeatureId,
-                null) == AppOpsManager.MODE_ALLOWED) {
+        LegacyPermissionManager permissionManager = (LegacyPermissionManager)
+                context.getSystemService(Context.LEGACY_PERMISSION_SERVICE);
+        // Apps with target SDK version < R can have the READ_PHONE_STATE permission granted with
+        // the appop denied. If PERMISSION_GRANTED is not received then check if the caller has
+        // carrier privileges; if not and the permission result is MODE_IGNORED then return false
+        // to return null data to the caller.
+        int permissionResult = permissionManager.checkPhoneNumberAccess(callingPackage, message,
+                callingFeatureId, pid, uid);
+        if (permissionResult == PackageManager.PERMISSION_GRANTED) {
             return true;
         }
-        // Can be read with READ_SMS too.
-        try {
-            context.enforcePermission(android.Manifest.permission.READ_SMS, pid, uid, message);
-            if (appOps.noteOp(AppOpsManager.OPSTR_READ_SMS, uid, callingPackage,
-                    callingFeatureId, null) == AppOpsManager.MODE_ALLOWED) {
+        if (SubscriptionManager.isValidSubscriptionId(subId)) {
+            if (TelephonyPermissions.getCarrierPrivilegeStatus(context, subId, uid)
+                    == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS) {
                 return true;
             }
-        } catch (SecurityException readSmsSecurityException) {
         }
-        // Can be read with READ_PHONE_NUMBERS too.
-        try {
-            context.enforcePermission(android.Manifest.permission.READ_PHONE_NUMBERS, pid, uid,
-                    message);
-            if (appOps.noteOp(AppOpsManager.OPSTR_READ_PHONE_NUMBERS, uid, callingPackage,
-                    callingFeatureId, null) == AppOpsManager.MODE_ALLOWED) {
-                return true;
-            }
-        } catch (SecurityException readPhoneNumberSecurityException) {
+        if (permissionResult == AppOpsManager.MODE_IGNORED) {
+            return false;
         }
 
         throw new SecurityException(message + ": Neither user " + uid
author	TreeHugger Robot <treehugger-gerrit@google.com>	2021-04-21 04:37:41 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2021-04-21 04:37:41 +0000
commit	a212d74f3eb3949057a40765f63434cd5fc2fe3a (patch)
tree	f3395eceeb7008e7fd7a76bf2fb13913086af7cd /telephony/common
parent	ff38f2041d0e703f5d1128eed62ce9009b2f6394 (diff)
parent	29475615008d57460350527d3f0806f62dd59c79 (diff)