diff options
author | Sarah Chin <sarahchin@google.com> | 2021-04-02 18:47:36 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2021-04-02 18:47:36 +0000 |
commit | 5ccc5d56fb466b0a507360c552f6a13e385b6b83 (patch) | |
tree | 8e1aaa36dd644b9818ee4a010297547415c2ef29 | |
parent | 3c8e09045598314506ceefa19a0b163ea5bb1304 (diff) | |
parent | 172f15e5e1a6ed5eee312c078d24c94e03f03fdc (diff) | |
download | base-5ccc5d56fb466b0a507360c552f6a13e385b6b83.tar.gz |
Merge "Update carrier privilege check in enforceSubscriptionPlanAccess" into rvc-qpr-dev
4 files changed, 21 insertions, 11 deletions
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java index ffa518e266d9..42bd8c512806 100644 --- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java +++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java @@ -3067,23 +3067,19 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { // Verify they're not lying about package name mAppOps.checkPackage(callingUid, callingPackage); - final SubscriptionManager sm; - final SubscriptionInfo si; final PersistableBundle config; + final TelephonyManager tm; final long token = Binder.clearCallingIdentity(); try { - sm = mContext.getSystemService(SubscriptionManager.class); - si = sm.getActiveSubscriptionInfo(subId); config = mCarrierConfigManager.getConfigForSubId(subId); + tm = mContext.getSystemService(TelephonyManager.class); } finally { Binder.restoreCallingIdentity(token); } - // First check: is caller the CarrierService? - if (si != null) { - if (si.isEmbedded() && sm.canManageSubscription(si, callingPackage)) { - return; - } + // First check: does caller have carrier privilege? + if (tm != null && tm.hasCarrierPrivileges(subId)) { + return; } // Second check: has the CarrierService delegated access? diff --git a/telephony/java/android/telephony/SubscriptionInfo.java b/telephony/java/android/telephony/SubscriptionInfo.java index 11667c83bc6a..0ee6568b6430 100644 --- a/telephony/java/android/telephony/SubscriptionInfo.java +++ b/telephony/java/android/telephony/SubscriptionInfo.java @@ -148,13 +148,14 @@ public class SubscriptionInfo implements Parcelable { /** * The access rules for this subscription, if it is embedded and defines any. + * This does not include access rules for non-embedded subscriptions. */ @Nullable private UiccAccessRule[] mNativeAccessRules; /** * The carrier certificates for this subscription that are saved in carrier configs. - * The other carrier certificates are embedded on Uicc and stored as part of mNativeAccessRules. + * This does not include access rules from the Uicc, whether embedded or non-embedded. */ @Nullable private UiccAccessRule[] mCarrierConfigAccessRules; @@ -661,7 +662,6 @@ public class SubscriptionInfo implements Parcelable { * is authorized to manage this subscription. * TODO and fix it properly in R / master: either deprecate this and have 3 APIs * native + carrier + all, or have this return all by default. - * @throws UnsupportedOperationException if this subscription is not embedded. * @hide */ @SystemApi diff --git a/telephony/java/android/telephony/SubscriptionManager.java b/telephony/java/android/telephony/SubscriptionManager.java index e9ee06c246ba..c8ba919aa40d 100644 --- a/telephony/java/android/telephony/SubscriptionManager.java +++ b/telephony/java/android/telephony/SubscriptionManager.java @@ -2631,6 +2631,10 @@ public class SubscriptionManager { * Checks whether the app with the given context is authorized to manage the given subscription * according to its metadata. * + * Only supported for embedded subscriptions (if {@link SubscriptionInfo#isEmbedded} returns + * true). To check for permissions for non-embedded subscription as well, + * {@see android.telephony.TelephonyManager#hasCarrierPrivileges}. + * * @param info The subscription to check. * @return whether the app is authorized to manage this subscription per its metadata. */ @@ -2643,6 +2647,10 @@ public class SubscriptionManager { * be authorized if it is included in the {@link android.telephony.UiccAccessRule} of the * {@link android.telephony.SubscriptionInfo} with the access status. * + * Only supported for embedded subscriptions (if {@link SubscriptionInfo#isEmbedded} returns + * true). To check for permissions for non-embedded subscription as well, + * {@see android.telephony.TelephonyManager#hasCarrierPrivileges}. + * * @param info The subscription to check. * @param packageName Package name of the app to check. * @return whether the app is authorized to manage this subscription per its access rules. diff --git a/telephony/java/android/telephony/TelephonyManager.java b/telephony/java/android/telephony/TelephonyManager.java index 35e263036694..10c3e6db5205 100644 --- a/telephony/java/android/telephony/TelephonyManager.java +++ b/telephony/java/android/telephony/TelephonyManager.java @@ -8534,6 +8534,9 @@ public class TelephonyManager { * call will return true. This access is granted by the owner of the UICC * card and does not depend on the registered carrier. * + * Note that this API applies to both physical and embedded subscriptions and + * is a superset of the checks done in SubscriptionManager#canManageSubscription. + * * @return true if the app has carrier privileges. */ public boolean hasCarrierPrivileges() { @@ -8547,6 +8550,9 @@ public class TelephonyManager { * call will return true. This access is granted by the owner of the UICC * card and does not depend on the registered carrier. * + * Note that this API applies to both physical and embedded subscriptions and + * is a superset of the checks done in SubscriptionManager#canManageSubscription. + * * @param subId The subscription to use. * @return true if the app has carrier privileges. * @hide |