Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_services_Telephony / 26735295cd9d67bebada93cca9db586b373679ec^! / . / src
commit26735295cd9d67bebada93cca9db586b373679ec[log] [tgz]
authorJack Yu <jackyu@google.com>Wed Sep 25 14:33:49 2024 -0700
committerJack Yu <jackyu@google.com>Fri Sep 27 09:20:29 2024 -0700
tree699e955502b75e206219384854f4d5db77f949aa
parentbe3fa44813960acd87f68c0d140baa7f51a4b6c6 [diff]
Fixed CTS EuiccManagerTest on HSUM devices

When EuiccManagerTest runs on HSUM devices, the
EuiccUiDispatcherActivity is running as secondary user and on
a different process than phone process. Fixed by storing the
test component in the phone process. This also fixed a security issue
that any malware can use the shell command to override the Euicc
UI component and mess up the eSIM download procedure.

Fix: 353346528
Test: atest EuiccManagerTest on HSUM device
Flag: EXEMPT bug fix
Change-Id: Ib59cb02949bbbd29bc14e426fbd444d4855f2ef9

diff --git a/src/com/android/phone/PhoneInterfaceManager.java b/src/com/android/phone/PhoneInterfaceManager.java
index 7342580..92ed609 100644
--- a/src/com/android/phone/PhoneInterfaceManager.java
+++ b/src/com/android/phone/PhoneInterfaceManager.java

@@ -442,6 +442,9 @@
     private PackageManager mPackageManager;
     private final int mVendorApiLevel;
 
+    @Nullable
+    private ComponentName mTestEuiccUiComponent;
+
     /** User Activity */
     private final AtomicBoolean mNotifyUserActivity;
     private static final int USER_ACTIVITY_NOTIFICATION_DELAY = 200;
@@ -14439,4 +14442,31 @@
             Binder.restoreCallingIdentity(identity);
         }
     }
+
+    /**
+     * This API can be used by only CTS to override the Euicc UI component.
+     *
+     * @param componentName ui component to be launched for testing. {@code null} to reset.
+     *
+     * @hide
+     */
+    @Override
+    public void setTestEuiccUiComponent(@Nullable ComponentName componentName) {
+        enforceModifyPermission();
+        log("setTestEuiccUiComponent: " + componentName);
+        mTestEuiccUiComponent = componentName;
+    }
+
+    /**
+     * This API can be used by only CTS to retrieve the Euicc UI component.
+     *
+     * @return Euicc UI component. {@code null} if not available.
+     * @hide
+     */
+    @Override
+    @Nullable
+    public ComponentName getTestEuiccUiComponent() {
+        enforceReadPrivilegedPermission("getTestEuiccUiComponent");
+        return mTestEuiccUiComponent;
+    }
 }

diff --git a/src/com/android/phone/TelephonyShellCommand.java b/src/com/android/phone/TelephonyShellCommand.java
index bfc93e0..96da488 100644
--- a/src/com/android/phone/TelephonyShellCommand.java
+++ b/src/com/android/phone/TelephonyShellCommand.java

@@ -56,12 +56,12 @@
 import com.android.internal.telephony.ITelephony;
 import com.android.internal.telephony.Phone;
 import com.android.internal.telephony.PhoneFactory;
+import com.android.internal.telephony.TelephonyPermissions;
 import com.android.internal.telephony.d2d.Communicator;
 import com.android.internal.telephony.emergency.EmergencyNumberTracker;
 import com.android.internal.telephony.util.TelephonyUtils;
 import com.android.modules.utils.BasicShellCommandHandler;
 import com.android.phone.callcomposer.CallComposerPictureManager;
-import com.android.phone.euicc.EuiccUiDispatcherActivity;
 import com.android.phone.utils.CarrierAllowListInfo;
 
 import java.io.IOException;
@@ -131,9 +131,6 @@
     private static final String CC_SET_VALUES_FROM_XML = "set-values-from-xml";
     private static final String CC_CLEAR_VALUES = "clear-values";
 
-    private static final String EUICC_SUBCOMMAND = "euicc";
-    private static final String EUICC_SET_UI_COMPONENT = "set-euicc-uicomponent";
-
     private static final String GBA_SUBCOMMAND = "gba";
     private static final String GBA_SET_SERVICE = "set-service";
     private static final String GBA_GET_SERVICE = "get-service";
@@ -358,8 +355,6 @@
                 return handleDataTestModeCommand();
             case END_BLOCK_SUPPRESSION:
                 return handleEndBlockSuppressionCommand();
-            case EUICC_SUBCOMMAND:
-                return handleEuiccCommand();
             case GBA_SUBCOMMAND:
                 return handleGbaCommand();
             case D2D_SUBCOMMAND:
@@ -691,15 +686,6 @@
         pw.println("          is specified, it will choose the default voice SIM slot.");
     }
 
-    private void onHelpEuicc() {
-        PrintWriter pw = getOutPrintWriter();
-        pw.println("Euicc Commands:");
-        pw.println("  euicc set-euicc-uicomponent COMPONENT_NAME PACKAGE_NAME");
-        pw.println("  Sets the Euicc Ui-Component which handles EuiccService Actions.");
-        pw.println("  COMPONENT_NAME: The component name which handles UI Actions.");
-        pw.println("  PACKAGE_NAME: THe package name in which ui component belongs.");
-    }
-
     private void onHelpGba() {
         PrintWriter pw = getOutPrintWriter();
         pw.println("Gba Commands:");
@@ -1686,9 +1672,7 @@
     }
 
     private boolean checkShellUid() {
-        // adb can run as root or as shell, depending on whether the device is rooted.
-        return UserHandle.isSameApp(Binder.getCallingUid(), Process.SHELL_UID)
-                || UserHandle.isSameApp(Binder.getCallingUid(), Process.ROOT_UID);
+        return TelephonyPermissions.isRootOrShell(Binder.getCallingUid());
     }
 
     private int handleCcCommand() {
@@ -2219,35 +2203,6 @@
         return 0;
     }
 
-    private int handleEuiccCommand() {
-        String arg = getNextArg();
-        if (arg == null) {
-            onHelpEuicc();
-            return 0;
-        }
-
-        switch (arg) {
-            case EUICC_SET_UI_COMPONENT: {
-                return handleEuiccServiceCommand();
-            }
-        }
-        return -1;
-    }
-
-    private int handleEuiccServiceCommand() {
-        String uiComponent = getNextArg();
-        String packageName = getNextArg();
-        if (packageName == null || uiComponent == null) {
-            return -1;
-        }
-        EuiccUiDispatcherActivity.setTestEuiccUiComponent(packageName, uiComponent);
-        if (VDBG) {
-            Log.v(LOG_TAG, "euicc set-euicc-uicomponent " + uiComponent +" "
-                    + packageName);
-        }
-        return 0;
-    }
-
     private int handleRestartModemCommand() {
         // Verify that the user is allowed to run the command. Only allowed in rooted device in a
         // non user build.

diff --git a/src/com/android/phone/euicc/EuiccUiDispatcherActivity.java b/src/com/android/phone/euicc/EuiccUiDispatcherActivity.java
index a75f26f..9632329 100644
--- a/src/com/android/phone/euicc/EuiccUiDispatcherActivity.java
+++ b/src/com/android/phone/euicc/EuiccUiDispatcherActivity.java

@@ -28,8 +28,8 @@
 import android.os.UserHandle;
 import android.permission.LegacyPermissionManager;
 import android.service.euicc.EuiccService;
+import android.telephony.TelephonyManager;
 import android.telephony.euicc.EuiccManager;
-import android.text.TextUtils;
 import android.util.Log;
 
 import com.android.internal.annotations.VisibleForTesting;
@@ -59,8 +59,6 @@
     private LegacyPermissionManager mPermissionManager;
     private boolean mGrantPermissionDone = false;
     private ThreadPoolExecutor mExecutor;
-    // Used for CTS EuiccManager action verification
-    private static ComponentName mTestEuiccUiComponentName;
 
     @Override
     public void onCreate(Bundle savedInstanceState) {
@@ -97,18 +95,6 @@
         }
     }
 
-    /**
-    * This API used to set the Test EuiccUiComponent for CTS
-    * @param packageName package which handles the intent
-    * @param componentName ui component to be launched for testing
-    */
-    public static void setTestEuiccUiComponent(String packageName, String componentName) {
-        mTestEuiccUiComponentName = null;
-        if (!TextUtils.isEmpty(packageName) && !TextUtils.isEmpty(componentName)) {
-            mTestEuiccUiComponentName = new ComponentName(packageName, componentName);
-        }
-    }
-
     @VisibleForTesting
     @Nullable
     Intent resolveEuiccUiIntent() {
@@ -124,10 +110,11 @@
             return null;
         }
 
-        if (mTestEuiccUiComponentName != null) {
-            Log.i(TAG, "Test mode");
-            euiccUiIntent.setComponent(mTestEuiccUiComponentName);
-            mTestEuiccUiComponentName = null;
+        ComponentName testEuiccUiComponent = ((TelephonyManager)
+                getSystemService(Context.TELEPHONY_SERVICE)).getTestEuiccUiComponent();
+        if (testEuiccUiComponent != null) {
+            Log.i(TAG, "Test mode: " + testEuiccUiComponent);
+            euiccUiIntent.setComponent(testEuiccUiComponent);
             return euiccUiIntent;
         }