Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_services_Telephony / f3c90b3cb0db4c89825d89187a0bcbf91d16c4cf^! / . / src / com / android / phone / PhoneInterfaceManager.java
commitf3c90b3cb0db4c89825d89187a0bcbf91d16c4cf[log] [tgz]
authorAman Gupta <amagup@google.com>Thu Mar 17 04:54:16 2022 +0000
committerAman Gupta <amagup@google.com>Fri Mar 18 19:38:21 2022 +0000
treebff7dc78848ea6a6a88d770336eee3042bfa4a20
parentb2e353a4968cb2d3665308e2c2c75f1a692e0a4b [diff] [blame]
Throw SecurityException if caller does not have
READ_PRIVILEGED_PHONE_STATE even caller has the
CARRIER_PRIVILEGE_STATUS_HAS_ACCESS.

Test: build.
Bug: 221431393
Change-Id: I0a7bc42fa26b9532bc2f0e68a21c9703d7e0b6c3

diff --git a/src/com/android/phone/PhoneInterfaceManager.java b/src/com/android/phone/PhoneInterfaceManager.java
index 3b3251a..5e6424d 100755
--- a/src/com/android/phone/PhoneInterfaceManager.java
+++ b/src/com/android/phone/PhoneInterfaceManager.java

@@ -8926,20 +8926,11 @@
         mApp.getSystemService(AppOpsManager.class)
                 .checkPackage(Binder.getCallingUid(), callingPackage);
 
-        boolean hasReadPermission = false;
         boolean isLogicalSlotAccessRestricted = false;
 
-        try {
-            enforceReadPrivilegedPermission("getUiccSlotsInfo");
-            hasReadPermission = true;
-        } catch (SecurityException e) {
-            // even without READ_PRIVILEGED_PHONE_STATE, we allow the call to continue if the caller
-            // has carrier privileges on an active UICC
-            if (checkCarrierPrivilegesForPackageAnyPhoneWithPermission(callingPackage)
-                    == TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS) {
-                hasReadPermission = true;
-            }
-        }
+        // This will make sure caller has the READ_PRIVILEGED_PHONE_STATE. Do not remove this as
+        // we are reading iccId which is PII data.
+        enforceReadPrivilegedPermission("getUiccSlotsInfo");
 
         // checking compatibility, if calling app's target SDK is T and beyond.
         if (CompatChanges.isChangeEnabled(GET_API_SIGNATURES_FROM_UICC_PORT_INFO,
@@ -8967,11 +8958,8 @@
                 } else {
                     cardId = slot.getEid();
                     if (TextUtils.isEmpty(cardId)) {
-                        // If cardId is null, use iccId of default port as cardId. Check if has
-                        // read permission otherwise set to null.(card is null which means no
-                        // carrier permission)
-                       cardId = hasReadPermission ? slot.getIccId(
-                               TelephonyManager.DEFAULT_PORT_INDEX) : null;
+                        // If cardId is null, use iccId of default port as cardId.
+                        cardId = slot.getIccId(TelephonyManager.DEFAULT_PORT_INDEX);
                     }
                 }
 
@@ -9003,7 +8991,7 @@
                 int[] portIndexes = slot.getPortList();
                 for (int portIdx : portIndexes) {
                     String iccId = IccUtils.stripTrailingFs(getIccId(slot, portIdx,
-                            callingPackage, hasReadPermission));
+                            callingPackage, /* hasReadPermission= */ true));
                     portInfos.add(new UiccPortInfo(iccId, portIdx,
                             slot.getPhoneIdFromPortIndex(portIdx), slot.isPortActive(portIdx)));
                 }