[security] SubscriptionGroup is exposed to unprivileged callers SubscriptionInfo.mGroupUUID is not cleared in conditionallyRemoveIdentifiers if the caller only has READ_PHONE_STATE (based on a check to checkReadPhoneState) and not READ_DEVICE_IDENTIFIERS. Bug: 181053462 Test: atest SubscriptionManagerTest Change-Id: I68d1edb4e7cc2ad6696363ea1dacb09e839a651e Merged-In: I68d1edb4e7cc2ad6696363ea1dacb09e839a651e (cherry picked from commit f93d57ebb057af5bdb493dfe34519bf97869b023)

commit: 34a25ceffd8f9d4d8bfc1f79d42dc9843d87c2f7 [log] [tgz]
author: SongFerngWang <songferngwang@google.com> Wed May 05 21:30:39 2021 +0800
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> Thu Jul 01 11:00:38 2021 +0000
tree: 4e6308574bc7a3ecf8a830d5ad258533043a0268
parent: 80e4a258578df50bfa5e02520afadb460a414dee [diff]
diff --git a/src/java/com/android/internal/telephony/SubscriptionController.java b/src/java/com/android/internal/telephony/SubscriptionController.java
index 94d6d5f..f5c173e 100644
--- a/src/java/com/android/internal/telephony/SubscriptionController.java
+++ b/src/java/com/android/internal/telephony/SubscriptionController.java

@@ -4078,6 +4078,7 @@
         if (!hasIdentifierAccess) {
             result.clearIccId();
             result.clearCardString();
+            result.clearGroupUuid();
         }
         if (!hasPhoneNumberAccess) {
             result.clearNumber();
commit	34a25ceffd8f9d4d8bfc1f79d42dc9843d87c2f7	[log] [tgz]
author	SongFerngWang <songferngwang@google.com>	Wed May 05 21:30:39 2021 +0800
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	Thu Jul 01 11:00:38 2021 +0000
tree	4e6308574bc7a3ecf8a830d5ad258533043a0268
parent	80e4a258578df50bfa5e02520afadb460a414dee [diff]