Update sms test app and integrate PERFORM_IMS_SINGLE_REGISTRATION into permission checks
1) Make a system app
2) Add a button that checks for the PERFORM_IMS_SINGLE_REGISTRATION permission
3) Move to checking PERFORM_IMS_SINGLE_REGISTRATION API check instead of further overloading phone state permissions.
4) Add permissions to test app
Bug: 168923956
Bug: 173652571
Bug: 149426399
Test: atest CtsTelephonyTestCases; use RcsTestApp to check perms
Merged-In: I91c5e49450545b76c6ccbaa900388abcc756aeb8
Merged-In: I9ebc9416f177b030ae531300b3024f31ddb07ca2
Change-Id: I9ebc9416f177b030ae531300b3024f31ddb07ca2
diff --git a/src/com/android/phone/ImsRcsController.java b/src/com/android/phone/ImsRcsController.java
index 701a759..5e616b7 100644
--- a/src/com/android/phone/ImsRcsController.java
+++ b/src/com/android/phone/ImsRcsController.java
@@ -16,6 +16,7 @@
package com.android.phone;
+import android.Manifest;
import android.app.ActivityManager;
import android.content.pm.PackageManager;
import android.net.Uri;
@@ -402,7 +403,10 @@
@Override
public boolean isSipDelegateSupported(int subId) {
- enforceReadPrivilegedPermission("isSipDelegateSupported");
+ TelephonyPermissions.enforceAnyPermissionGranted(mApp, Binder.getCallingUid(),
+ "isSipDelegateSupported",
+ Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION,
+ Manifest.permission.READ_PRIVILEGED_PHONE_STATE);
if (!isImsSingleRegistrationSupportedOnDevice()) {
return false;
}
@@ -430,7 +434,7 @@
public void createSipDelegate(int subId, DelegateRequest request, String packageName,
ISipDelegateConnectionStateCallback delegateState,
ISipDelegateMessageCallback delegateMessage) {
- enforceModifyPermission();
+ enforceImsSingleRegistrationPermission("createSipDelegate");
if (!isImsSingleRegistrationSupportedOnDevice()) {
throw new ServiceSpecificException(ImsException.CODE_ERROR_UNSUPPORTED_OPERATION,
"SipDelegate creation is only supported for devices supporting IMS single "
@@ -468,7 +472,7 @@
@Override
public void destroySipDelegate(int subId, ISipDelegate connection, int reason) {
- enforceModifyPermission();
+ enforceImsSingleRegistrationPermission("destroySipDelegate");
final long identity = Binder.clearCallingIdentity();
try {
@@ -486,7 +490,7 @@
@Override
public void triggerNetworkRegistration(int subId, ISipDelegate connection, int sipCode,
String sipReason) {
- enforceModifyPermission();
+ enforceImsSingleRegistrationPermission("triggerNetworkRegistration");
final long identity = Binder.clearCallingIdentity();
try {
@@ -548,6 +552,15 @@
}
/**
+ * @throws SecurityException if the caller does not have the required
+ * PERFORM_IMS_SINGLE_REGISTRATION permission.
+ */
+ private void enforceImsSingleRegistrationPermission(String message) {
+ mApp.enforceCallingOrSelfPermission(
+ Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION, message);
+ }
+
+ /**
* Make sure the caller has the MODIFY_PHONE_STATE permission.
*
* @throws SecurityException if the caller does not have the required permission
diff --git a/src/com/android/phone/PhoneInterfaceManager.java b/src/com/android/phone/PhoneInterfaceManager.java
index eac13bb..79bb301 100755
--- a/src/com/android/phone/PhoneInterfaceManager.java
+++ b/src/com/android/phone/PhoneInterfaceManager.java
@@ -21,6 +21,7 @@
import static com.android.internal.telephony.PhoneConstants.PHONE_TYPE_IMS;
import static com.android.internal.telephony.PhoneConstants.SUBSCRIPTION_KEY;
+import android.Manifest;
import android.Manifest.permission;
import android.annotation.NonNull;
import android.annotation.Nullable;
@@ -9416,9 +9417,11 @@
@Override
public void bootstrapAuthenticationRequest(int subId, int appType, Uri nafUrl,
UaSecurityProtocolIdentifier securityProtocol,
- boolean forceBootStrapping, IBootstrapAuthenticationCallback callback)
- throws RemoteException {
- enforceModifyPermission();
+ boolean forceBootStrapping, IBootstrapAuthenticationCallback callback) {
+ TelephonyPermissions.enforceAnyPermissionGrantedOrCarrierPrivileges(mApp, subId,
+ Binder.getCallingUid(), "bootstrapAuthenticationRequest",
+ Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION,
+ Manifest.permission.MODIFY_PHONE_STATE);
if (DBG) {
log("bootstrapAuthenticationRequest, subId:" + subId + ", appType:"
+ appType + ", NAF:" + nafUrl + ", sp:" + securityProtocol
@@ -9694,7 +9697,10 @@
*/
@Override
public boolean isRcsVolteSingleRegistrationCapable(int subId) {
- enforceReadPrivilegedPermission("isRcsVolteSingleRegistrationCapable");
+ TelephonyPermissions.enforceAnyPermissionGrantedOrCarrierPrivileges(mApp, subId,
+ Binder.getCallingUid(), "isRcsVolteSingleRegistrationCapable",
+ Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION,
+ permission.READ_PRIVILEGED_PHONE_STATE);
if (!SubscriptionManager.isValidSubscriptionId(subId)) {
throw new IllegalArgumentException("Invalid Subscription ID: " + subId);
@@ -9718,7 +9724,10 @@
@Override
public void registerRcsProvisioningChangedCallback(int subId,
IRcsConfigCallback callback) {
- enforceReadPrivilegedPermission("registerRcsProvisioningChangedCallback");
+ TelephonyPermissions.enforceAnyPermissionGrantedOrCarrierPrivileges(mApp, subId,
+ Binder.getCallingUid(), "registerRcsProvisioningChangedCallback",
+ Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION,
+ permission.READ_PRIVILEGED_PHONE_STATE);
if (!SubscriptionManager.isValidSubscriptionId(subId)) {
throw new IllegalArgumentException("Invalid Subscription ID: " + subId);
@@ -9746,7 +9755,10 @@
@Override
public void unregisterRcsProvisioningChangedCallback(int subId,
IRcsConfigCallback callback) {
- enforceReadPrivilegedPermission("unregisterRcsProvisioningChangedCallback");
+ TelephonyPermissions.enforceAnyPermissionGrantedOrCarrierPrivileges(mApp, subId,
+ Binder.getCallingUid(), "unregisterRcsProvisioningChangedCallback",
+ Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION,
+ permission.READ_PRIVILEGED_PHONE_STATE);
if (!SubscriptionManager.isValidSubscriptionId(subId)) {
throw new IllegalArgumentException("Invalid Subscription ID: " + subId);
@@ -9769,8 +9781,9 @@
* trigger RCS reconfiguration.
*/
public void triggerRcsReconfiguration(int subId) {
- TelephonyPermissions.enforceCallingOrSelfModifyPermissionOrCarrierPrivilege(
- mApp, subId, "triggerRcsReconfiguration");
+ TelephonyPermissions.enforceAnyPermissionGranted(mApp, Binder.getCallingUid(),
+ "triggerRcsReconfiguration",
+ Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION);
if (!SubscriptionManager.isValidSubscriptionId(subId)) {
throw new IllegalArgumentException("Invalid Subscription ID: " + subId);
@@ -9792,8 +9805,9 @@
* Provide the client configuration parameters of the RCS application.
*/
public void setRcsClientConfiguration(int subId, RcsClientConfiguration rcc) {
- TelephonyPermissions.enforceCallingOrSelfModifyPermissionOrCarrierPrivilege(
- mApp, subId, "setRcsClientConfiguration");
+ TelephonyPermissions.enforceAnyPermissionGranted(mApp, Binder.getCallingUid(),
+ "setRcsClientConfiguration",
+ Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION);
if (!SubscriptionManager.isValidSubscriptionId(subId)) {
throw new IllegalArgumentException("Invalid Subscription ID: " + subId);
diff --git a/src/com/android/phone/RcsProvisioningMonitor.java b/src/com/android/phone/RcsProvisioningMonitor.java
index 13dddec..2191e28 100644
--- a/src/com/android/phone/RcsProvisioningMonitor.java
+++ b/src/com/android/phone/RcsProvisioningMonitor.java
@@ -16,6 +16,7 @@
package com.android.phone;
+import android.Manifest;
import android.app.role.OnRoleHoldersChangedListener;
import android.app.role.RoleManager;
import android.content.BroadcastReceiver;
@@ -784,8 +785,7 @@
// Only send permission to the default sms app if it has the correct permissions
// except test mode enabled
if (!mTestModeEnabled) {
- //mPhone.sendBroadcast(intent, Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION);
- mPhone.sendBroadcast(intent);
+ mPhone.sendBroadcast(intent, Manifest.permission.PERFORM_IMS_SINGLE_REGISTRATION);
} else {
mPhone.sendBroadcast(intent);
}