Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_services_Telephony / 6d3d6b3c5cfd838e72df32eb57e7816df0210310^! / . / src / com / android / phone / CarrierConfigLoader.java
commit6d3d6b3c5cfd838e72df32eb57e7816df0210310[log] [tgz]
authorMalcolm Chen <refuhoo@google.com>Thu Mar 01 13:58:03 2018 -0800
committerMalcolm Chen <refuhoo@google.com>Fri Jul 27 14:34:45 2018 -0700
tree34b529cd4962c5c1f13d0dfd273718dd82165c6e
parent0c3e81b74304b75d53e55b55111e9567f630366e [diff] [blame]
Have proper permission check in getConfigForSubId

getConfigForSubId also needs to check permission from AppOps, but
it's not. This change fixes it. Within this commit, PhoneGlobals#
getCarrierConfigForSubId always passes its own packageName as
when calling getConfigForSubId, so further change is needed (pass
external callingPackage or clear calling identity).

Bug: 73136824
Test: regression
Change-Id: Icfefd2cc17633304a397d573a9e010385c5799c8
Merged-In: Icfefd2cc17633304a397d573a9e010385c5799c8

diff --git a/src/com/android/phone/CarrierConfigLoader.java b/src/com/android/phone/CarrierConfigLoader.java
index dab2177..42c9918 100644
--- a/src/com/android/phone/CarrierConfigLoader.java
+++ b/src/com/android/phone/CarrierConfigLoader.java

@@ -16,8 +16,6 @@
 
 package com.android.phone;
 
-import static android.Manifest.permission.READ_PHONE_STATE;
-import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE;
 import static android.service.carrier.CarrierService.ICarrierServiceWrapper.KEY_CONFIG_BUNDLE;
 import static android.service.carrier.CarrierService.ICarrierServiceWrapper.RESULT_ERROR;
 
@@ -777,22 +775,10 @@
 
     @Override public
     @NonNull
-    PersistableBundle getConfigForSubId(int subId) {
-        // TODO(b/73136824): Migrate to TelephonyPermissions#checkCallingOrSelfReadPhoneState.
-        try {
-            mContext.enforceCallingOrSelfPermission(READ_PRIVILEGED_PHONE_STATE, null);
-            // SKIP checking run-time READ_PHONE_STATE since using PRIVILEGED
-        } catch (SecurityException e) {
-            try {
-                mContext.enforceCallingOrSelfPermission(READ_PHONE_STATE, null);
-            } catch (SecurityException securityException) {
-                // If we don't have the runtime permission, but do have carrier privileges, that
-                // suffices for reading phone state.
-                if (!SubscriptionManager.isValidSubscriptionId(subId)) {
-                    throw securityException;
-                }
-                TelephonyPermissions.enforceCallingOrSelfCarrierPrivilege(subId, null);
-            }
+    PersistableBundle getConfigForSubId(int subId, String callingPackage) {
+        if (!TelephonyPermissions.checkCallingOrSelfReadPhoneState(
+                mContext, subId, callingPackage, "getCarrierConfig")) {
+            return new PersistableBundle();
         }
 
         int phoneId = SubscriptionManager.getPhoneId(subId);