commit 7e99d126699fe92f6898c3f4e386564918b496db
author Kris Alder <kalder@google.com> Wed Nov 27 10:13:50 2024 -0800
committer Kris Alder <kalder@google.com> Tue Dec 03 17:23:58 2024 -0800
tree 77d56915946e16a78e3d97e84e4491f74c1466dc
parent b80a5aec48acd778cee8e08c12f999cf1483fe77

iterate over all SIMs/subscriptions and disable 2G

We need to disable 2G on all SIM cards, not just the first one.

This also checks if any of the subscriptions support cellular data to
decide if the feature is available or not.

Bug: 381265069
Test: enabled 2G, toggled APM, verified 2G is disabled in UI
Flag: android.security.aapm_feature_disable_cellular_2g
Change-Id: I4b650bdf6da904bdb59ebb4f3402140c3d1e7e43

services/core/java/com/android/server/security/advancedprotection/features/DisallowCellular2GAdvancedProtectionHook.java

diff --git a/services/core/java/com/android/server/security/advancedprotection/features/DisallowCellular2GAdvancedProtectionHook.java b/services/core/java/com/android/server/security/advancedprotection/features/DisallowCellular2GAdvancedProtectionHook.java
index b9c8d3d..f51c25d 100644
--- a/services/core/java/com/android/server/security/advancedprotection/features/DisallowCellular2GAdvancedProtectionHook.java
+++ b/services/core/java/com/android/server/security/advancedprotection/features/DisallowCellular2GAdvancedProtectionHook.java
@@ -24,9 +24,14 @@
 import android.content.Context;
 import android.os.UserManager;
 import android.security.advancedprotection.AdvancedProtectionFeature;
+import android.telephony.SubscriptionInfo;
+import android.telephony.SubscriptionManager;
 import android.telephony.TelephonyManager;
 import android.util.Slog;
 
+import java.util.ArrayList;
+import java.util.List;
+
 /** @hide */
 public final class DisallowCellular2GAdvancedProtectionHook extends AdvancedProtectionHook {
     private static final String TAG = "AdvancedProtectionDisallowCellular2G";
@@ -35,11 +40,13 @@
             new AdvancedProtectionFeature(FEATURE_ID_DISALLOW_CELLULAR_2G);
     private final DevicePolicyManager mDevicePolicyManager;
     private final TelephonyManager mTelephonyManager;
+    private final SubscriptionManager mSubscriptionManager;
 
     public DisallowCellular2GAdvancedProtectionHook(@NonNull Context context, boolean enabled) {
         super(context, enabled);
         mDevicePolicyManager = context.getSystemService(DevicePolicyManager.class);
         mTelephonyManager = context.getSystemService(TelephonyManager.class);
+        mSubscriptionManager = context.getSystemService(SubscriptionManager.class);
 
         setPolicy(enabled);
     }
@@ -50,14 +57,44 @@
         return mFeature;
     }
 
+    private static boolean isEmbeddedSubscriptionVisible(SubscriptionInfo subInfo) {
+        if (subInfo.isEmbedded()
+                && (subInfo.getProfileClass() == SubscriptionManager.PROFILE_CLASS_PROVISIONING
+                        || (com.android.internal.telephony.flags.Flags.oemEnabledSatelliteFlag()
+                                && subInfo.isOnlyNonTerrestrialNetwork()))) {
+            return false;
+        }
+
+        return true;
+    }
+
+    private List<TelephonyManager> getActiveTelephonyManagers() {
+        List<TelephonyManager> telephonyManagers = new ArrayList<>();
+
+        for (SubscriptionInfo subInfo : mSubscriptionManager.getActiveSubscriptionInfoList()) {
+            if (isEmbeddedSubscriptionVisible(subInfo)) {
+                telephonyManagers.add(
+                        mTelephonyManager.createForSubscriptionId(subInfo.getSubscriptionId()));
+            }
+        }
+
+        return telephonyManagers;
+    }
+
     @Override
     public boolean isAvailable() {
-        return mTelephonyManager.isDataCapable();
+        for (TelephonyManager telephonyManager : getActiveTelephonyManagers()) {
+            if (telephonyManager.isDataCapable()
+                    && telephonyManager.isRadioInterfaceCapabilitySupported(
+                            mTelephonyManager.CAPABILITY_USES_ALLOWED_NETWORK_TYPES_BITMASK)) {
+                return true;
+            }
+        }
+
+        return false;
     }
 
     private void setPolicy(boolean enabled) {
-        Slog.i(TAG, "setPolicy called with " + enabled);
-
         if (enabled) {
             Slog.d(TAG, "Setting DISALLOW_CELLULAR_2G_GLOBALLY restriction");
             mDevicePolicyManager.addUserRestrictionGlobally(
@@ -75,12 +112,14 @@
 
         // Leave 2G disabled even if APM is disabled.
         if (!enabled) {
-            long oldAllowedTypes =
-                    mTelephonyManager.getAllowedNetworkTypesForReason(
-                            TelephonyManager.ALLOWED_NETWORK_TYPES_REASON_ENABLE_2G);
-            long newAllowedTypes = oldAllowedTypes & ~TelephonyManager.NETWORK_CLASS_BITMASK_2G;
-            mTelephonyManager.setAllowedNetworkTypesForReason(
-                    TelephonyManager.ALLOWED_NETWORK_TYPES_REASON_ENABLE_2G, newAllowedTypes);
+            for (TelephonyManager telephonyManager : getActiveTelephonyManagers()) {
+                long oldAllowedTypes =
+                        telephonyManager.getAllowedNetworkTypesForReason(
+                                TelephonyManager.ALLOWED_NETWORK_TYPES_REASON_ENABLE_2G);
+                long newAllowedTypes = oldAllowedTypes & ~TelephonyManager.NETWORK_CLASS_BITMASK_2G;
+                telephonyManager.setAllowedNetworkTypesForReason(
+                        TelephonyManager.ALLOWED_NETWORK_TYPES_REASON_ENABLE_2G, newAllowedTypes);
+            }
         }
     }
 }