[automerger skipped] Merge "Turn off privilege fallback when using test privilege rules." am: 5efb37e049 am: 60dba8adda am: cfdbcec035 am: 9f99396bbd -s ours
am skip reason: Change-Id I61130ed4452a4a1bc60b825ef8b2243058ae9b40 with SHA-1 e14a5d4cf3 is in history
Original change: https://android-review.googlesource.com/c/platform/packages/services/Telephony/+/1442596
Change-Id: I6654e52704987f0ffc8f85c000e589875308ed8b
diff --git a/src/com/android/phone/PhoneInterfaceManager.java b/src/com/android/phone/PhoneInterfaceManager.java
index 7e8a249..aaec1c1 100755
--- a/src/com/android/phone/PhoneInterfaceManager.java
+++ b/src/com/android/phone/PhoneInterfaceManager.java
@@ -5431,7 +5431,8 @@
.setMinSdkVersionForFine(Build.VERSION_CODES.Q)
.build());
if (locationResult != LocationAccessPolicy.LocationPermissionResult.ALLOWED) {
- SecurityException e = checkNetworkRequestForSanitizedLocationAccess(request, subId);
+ SecurityException e = checkNetworkRequestForSanitizedLocationAccess(
+ request, subId, callingPackage);
if (e != null) {
if (locationResult == LocationAccessPolicy.LocationPermissionResult.DENIED_HARD) {
throw e;
@@ -5454,8 +5455,8 @@
}
private SecurityException checkNetworkRequestForSanitizedLocationAccess(
- NetworkScanRequest request, int subId) {
- boolean hasCarrierPriv = getCarrierPrivilegeStatusForUid(subId, Binder.getCallingUid())
+ NetworkScanRequest request, int subId, String callingPackage) {
+ boolean hasCarrierPriv = checkCarrierPrivilegesForPackage(subId, callingPackage)
== TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS;
boolean hasNetworkScanPermission =
mApp.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SCAN)
@@ -5558,11 +5559,13 @@
final long identity = Binder.clearCallingIdentity();
try {
- Settings.Global.putInt(mApp.getContentResolver(),
- Settings.Global.PREFERRED_NETWORK_MODE + subId, networkType);
-
Boolean success = (Boolean) sendRequest(
CMD_SET_PREFERRED_NETWORK_TYPE, networkType, subId);
+
+ if (success) {
+ Settings.Global.putInt(mApp.getContentResolver(),
+ Settings.Global.PREFERRED_NETWORK_MODE + subId, networkType);
+ }
if (DBG) log("setPreferredNetworkType: " + (success ? "ok" : "fail"));
return success;
} finally {
@@ -6364,6 +6367,14 @@
@Override
public int getRadioAccessFamily(int phoneId, String callingPackage) {
Phone phone = PhoneFactory.getPhone(phoneId);
+ try {
+ TelephonyPermissions
+ .enforeceCallingOrSelfReadPrivilegedPhoneStatePermissionOrCarrierPrivilege(
+ mApp, phone.getSubId(), "getRadioAccessFamily");
+ } catch (SecurityException e) {
+ EventLog.writeEvent(0x534e4554, "150857259", -1, "Missing Permission");
+ throw e;
+ }
int raf = RadioAccessFamily.RAF_UNKNOWN;
if (phone == null) {
return raf;
@@ -6851,6 +6862,13 @@
final long identity = Binder.clearCallingIdentity();
try {
+ // isActiveSubId requires READ_PHONE_STATE, which we already check for above
+ if (!mSubscriptionController.isActiveSubId(subId, callingPackage, callingFeatureId)) {
+ Rlog.d(LOG_TAG,
+ "getServiceStateForSubscriber returning null for inactive subId=" + subId);
+ return null;
+ }
+
final Phone phone = getPhone(subId);
if (phone == null) {
return null;