Merge "Check system and phone process in a multiple-user-aware way" into main
diff --git a/src/com/android/phone/CarrierConfigLoader.java b/src/com/android/phone/CarrierConfigLoader.java
index 47fd96e..d4822ad 100644
--- a/src/com/android/phone/CarrierConfigLoader.java
+++ b/src/com/android/phone/CarrierConfigLoader.java
@@ -44,7 +44,6 @@
import android.os.Message;
import android.os.PermissionEnforcer;
import android.os.PersistableBundle;
-import android.os.Process;
import android.os.RemoteException;
import android.os.ResultReceiver;
import android.os.SystemProperties;
@@ -1758,12 +1757,14 @@
private void enforceCallerIsSystemOrRequestingPackage(@NonNull String requestingPackage)
throws SecurityException {
final int callingUid = Binder.getCallingUid();
- if (callingUid == Process.ROOT_UID || callingUid == Process.SYSTEM_UID
- || callingUid == Process.SHELL_UID || callingUid == Process.PHONE_UID) {
- // Bug reports (dumpstate.cpp) run as SHELL, and let some other privileged UIDs through
- // as well.
+ if (TelephonyPermissions.isRootOrShell(callingUid)
+ || TelephonyPermissions.isSystemOrPhone(
+ callingUid)) {
+ // Bug reports (dumpstate.cpp) run as SHELL, and let some other privileged UIDs
+ // through as well.
return;
}
+
// An app is trying to dump extra detail, block it if they aren't who they claim to be.
AppOpsManager appOps = mContext.getSystemService(AppOpsManager.class);
if (appOps == null) {
diff --git a/src/com/android/phone/PhoneInterfaceManager.java b/src/com/android/phone/PhoneInterfaceManager.java
index 356a79e..9aed910 100644
--- a/src/com/android/phone/PhoneInterfaceManager.java
+++ b/src/com/android/phone/PhoneInterfaceManager.java
@@ -12297,7 +12297,7 @@
private static void validateSignalStrengthUpdateRequest(Context context,
SignalStrengthUpdateRequest request, int callingUid) {
- if (callingUid == Process.PHONE_UID || callingUid == Process.SYSTEM_UID) {
+ if (TelephonyPermissions.isSystemOrPhone(callingUid)) {
// phone/system process do not have further restriction on request
return;
}