Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_services_Telephony / b7a95a4ffd44c8dbab2fc60c7ff587594c8e8721^! / . / src
commitb7a95a4ffd44c8dbab2fc60c7ff587594c8e8721[log] [tgz]
authorRambo Wang <rambowang@google.com>Thu Mar 07 04:57:29 2024 +0000
committerrambowang <rambowang@google.com>Tue Jul 02 15:11:08 2024 -0500
tree0efc32008541d75550070538a2a188bce3669070
parent7c35b1060dd544d0e9e25de5141a6d275a128c24 [diff]
Check system and phone process in a multiple-user-aware way

This CL calls UserHandle.isSameApp to make sure the UID check with
Process.SYSTEM_UID and PHONE_UID are multiple-user-aware.

The logic to directly compare UID with PROCESS_XXX_UID only works for
system user. For secondary users, system/phone processes may run with UID
prefixed with user id.

Bug: 328511085
Test: atest framewoksTelephonyTests
Flag: com.android.internal.telephony.flags.support_phone_uid_check_for_multiuser
Change-Id: If3144179d7986c2a322a43459c22e0435fbaf4d0

diff --git a/src/com/android/phone/CarrierConfigLoader.java b/src/com/android/phone/CarrierConfigLoader.java
index 47fd96e..d4822ad 100644
--- a/src/com/android/phone/CarrierConfigLoader.java
+++ b/src/com/android/phone/CarrierConfigLoader.java

@@ -44,7 +44,6 @@
 import android.os.Message;
 import android.os.PermissionEnforcer;
 import android.os.PersistableBundle;
-import android.os.Process;
 import android.os.RemoteException;
 import android.os.ResultReceiver;
 import android.os.SystemProperties;
@@ -1758,12 +1757,14 @@
     private void enforceCallerIsSystemOrRequestingPackage(@NonNull String requestingPackage)
             throws SecurityException {
         final int callingUid = Binder.getCallingUid();
-        if (callingUid == Process.ROOT_UID || callingUid == Process.SYSTEM_UID
-                || callingUid == Process.SHELL_UID || callingUid == Process.PHONE_UID) {
-            // Bug reports (dumpstate.cpp) run as SHELL, and let some other privileged UIDs through
-            // as well.
+        if (TelephonyPermissions.isRootOrShell(callingUid)
+                || TelephonyPermissions.isSystemOrPhone(
+                callingUid)) {
+            // Bug reports (dumpstate.cpp) run as SHELL, and let some other privileged UIDs
+            // through as well.
             return;
         }
+
         // An app is trying to dump extra detail, block it if they aren't who they claim to be.
         AppOpsManager appOps = mContext.getSystemService(AppOpsManager.class);
         if (appOps == null) {

diff --git a/src/com/android/phone/PhoneInterfaceManager.java b/src/com/android/phone/PhoneInterfaceManager.java
index 07b027e..97b6a5a 100644
--- a/src/com/android/phone/PhoneInterfaceManager.java
+++ b/src/com/android/phone/PhoneInterfaceManager.java

@@ -12296,7 +12296,7 @@
 
     private static void validateSignalStrengthUpdateRequest(Context context,
             SignalStrengthUpdateRequest request, int callingUid) {
-        if (callingUid == Process.PHONE_UID || callingUid == Process.SYSTEM_UID) {
+        if (TelephonyPermissions.isSystemOrPhone(callingUid)) {
             // phone/system process do not have further restriction on request
             return;
         }