Merge cherrypicks of [14947191, 14947212, 14947132, 14947133, 14947450, 14947331] into security-aosp-oc-mr1-releaseandroid-security-8.1.0_r93 android-security-8.1.0_r92 android-security-8.1.0_r91 oreo-mr1-security-release

Change-Id: I026cfbb8f34ec1926505da3eea635c9380667c32
author: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> 2021-06-11 16:12:53 +0000
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> 2021-06-11 16:12:53 +0000
commit: 98ba0ca7a85b675b9f82878726fed63646f89ea2 (patch)
tree: a8ac813fa701b47997a50ca89577befe25152ff1
parent: 392688861a55c784aff881a480fcfeef3ac31ef8 (diff)
parent: 1697442cbbdcb5e7e377b120c10aada965bc7792 (diff)
download: telephony-oreo-mr1-security-release.tar.gz
1 files changed, 18 insertions, 2 deletions
diff --git a/src/java/com/android/internal/telephony/SubscriptionController.java b/src/java/com/android/internal/telephony/SubscriptionController.java
index f122cc0be5..c84fe5af64 100644
--- a/src/java/com/android/internal/telephony/SubscriptionController.java
+++ b/src/java/com/android/internal/telephony/SubscriptionController.java
@@ -41,6 +41,7 @@ import android.telephony.UiccAccessRule;
 import android.telephony.euicc.EuiccManager;
 import android.text.TextUtils;
 import android.text.format.Time;
+import android.util.EventLog;
 import android.util.Log;
 
 import com.android.internal.annotations.VisibleForTesting;
@@ -256,6 +257,11 @@ public class SubscriptionController extends ISub.Stub {
                 android.Manifest.permission.MODIFY_PHONE_STATE, message);
     }
 
+    private void enforceReadPrivilegedPhoneState(String message) {
+        mContext.enforceCallingOrSelfPermission(
+                Manifest.permission.READ_PRIVILEGED_PHONE_STATE, message);
+    }
+
     /**
      * Broadcast when SubscriptionInfo has changed
      * FIXME: Hopefully removed if the API council accepts SubscriptionInfoListener
@@ -734,8 +740,18 @@ public class SubscriptionController extends ISub.Stub {
 
     @Override
     public List<SubscriptionInfo> getAvailableSubscriptionInfoList(String callingPackage) {
-        if (!canReadPhoneState(callingPackage, "getAvailableSubscriptionInfoList")) {
-            throw new SecurityException("Need READ_PHONE_STATE to call "
+        try {
+            enforceReadPrivilegedPhoneState("getAvailableSubscriptionInfoList");
+        } catch (SecurityException e) {
+            try {
+                mContext.enforceCallingOrSelfPermission(Manifest.permission.READ_PHONE_STATE, null);
+                // If caller doesn't have READ_PRIVILEGED_PHONE_STATE permission but only
+                // has READ_PHONE_STATE permission, log this event.
+                EventLog.writeEvent(0x534e4554, "185235454", Binder.getCallingUid());
+            } catch (SecurityException ex) {
+                // Ignore
+            }
+            throw new SecurityException("Need READ_PRIVILEGED_PHONE_STATE to call "
                     + " getAvailableSubscriptionInfoList");
         }
author	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	2021-06-11 16:12:53 +0000
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	2021-06-11 16:12:53 +0000
commit	98ba0ca7a85b675b9f82878726fed63646f89ea2 (patch)
tree	a8ac813fa701b47997a50ca89577befe25152ff1
parent	392688861a55c784aff881a480fcfeef3ac31ef8 (diff)
parent	1697442cbbdcb5e7e377b120c10aada965bc7792 (diff)
download	telephony-oreo-mr1-security-release.tar.gz