Allow Location-off NetworkScan without READ_PRIV
There is a bug that was failing to perform the carrier
privileges permissions check unless the caller had
READ_PRIVILEGED_PHONE_STATE. Update the check to use
a different method for verifying carrier privileges that
doesn't require READ_PRIVILEGED_PHONE_STATE as a prereq.
Bug: 169022494
Test: ag/12690432
Change-Id: Ia8779004e98f63c1fca82fa6d3ccffb445d9fde9
diff --git a/src/com/android/phone/PhoneInterfaceManager.java b/src/com/android/phone/PhoneInterfaceManager.java
index 865f59b..8bf31c1 100755
--- a/src/com/android/phone/PhoneInterfaceManager.java
+++ b/src/com/android/phone/PhoneInterfaceManager.java
@@ -5405,7 +5405,8 @@
.setMinSdkVersionForFine(Build.VERSION_CODES.Q)
.build());
if (locationResult != LocationAccessPolicy.LocationPermissionResult.ALLOWED) {
- SecurityException e = checkNetworkRequestForSanitizedLocationAccess(request, subId);
+ SecurityException e = checkNetworkRequestForSanitizedLocationAccess(
+ request, subId, callingPackage);
if (e != null) {
if (locationResult == LocationAccessPolicy.LocationPermissionResult.DENIED_HARD) {
throw e;
@@ -5428,8 +5429,8 @@
}
private SecurityException checkNetworkRequestForSanitizedLocationAccess(
- NetworkScanRequest request, int subId) {
- boolean hasCarrierPriv = getCarrierPrivilegeStatusForUid(subId, Binder.getCallingUid())
+ NetworkScanRequest request, int subId, String callingPackage) {
+ boolean hasCarrierPriv = checkCarrierPrivilegesForPackage(subId, callingPackage)
== TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS;
boolean hasNetworkScanPermission =
mApp.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SCAN)