Enforce privileged phone state for getSubscriptionProperty(GROUP_UUID)
Bug: 213457638
Test: atest
Change-Id: I8d7cc836402a9a7695c972860d38035c4ec0fa44
Merged-In: I8d7cc836402a9a7695c972860d38035c4ec0fa44
Merged-In: Ie8017c39a495f93603aeb5d1a335fe2fe528cf77
(cherry picked from commit b0e3c5d17e44b6de4ddb5e1ad0018243d38e2cc4)
(cherry picked from commit b7399246a90b2125ccca606e7eb3c5e7e2160cdb)
Merged-In: I8d7cc836402a9a7695c972860d38035c4ec0fa44
diff --git a/src/java/com/android/internal/telephony/SubscriptionController.java b/src/java/com/android/internal/telephony/SubscriptionController.java
index dea8c80..94033f4 100644
--- a/src/java/com/android/internal/telephony/SubscriptionController.java
+++ b/src/java/com/android/internal/telephony/SubscriptionController.java
@@ -3237,9 +3237,19 @@
@Override
public String getSubscriptionProperty(int subId, String propKey, String callingPackage,
String callingFeatureId) {
- if (!TelephonyPermissions.checkCallingOrSelfReadPhoneState(mContext, subId, callingPackage,
- callingFeatureId, "getSubscriptionProperty")) {
- return null;
+ switch (propKey) {
+ case SubscriptionManager.GROUP_UUID:
+ if (mContext.checkCallingOrSelfPermission(
+ Manifest.permission.READ_PRIVILEGED_PHONE_STATE) != PERMISSION_GRANTED) {
+ EventLog.writeEvent(0x534e4554, "213457638", Binder.getCallingUid());
+ return null;
+ }
+ break;
+ default:
+ if (!TelephonyPermissions.checkCallingOrSelfReadPhoneState(mContext, subId,
+ callingPackage, callingFeatureId, "getSubscriptionProperty")) {
+ return null;
+ }
}
final long identity = Binder.clearCallingIdentity();
diff --git a/tests/telephonytests/src/com/android/internal/telephony/SubscriptionControllerTest.java b/tests/telephonytests/src/com/android/internal/telephony/SubscriptionControllerTest.java
index a0a19bc..1ead1e2 100644
--- a/tests/telephonytests/src/com/android/internal/telephony/SubscriptionControllerTest.java
+++ b/tests/telephonytests/src/com/android/internal/telephony/SubscriptionControllerTest.java
@@ -962,6 +962,37 @@
@Test
@SmallTest
+ public void testGetSubscriptionProperty() throws Exception {
+ testInsertSim();
+ ContentValues values = new ContentValues();
+ values.put(SubscriptionManager.GROUP_UUID, 1);
+ mFakeTelephonyProvider.update(SubscriptionManager.CONTENT_URI, values,
+ SubscriptionManager.UNIQUE_KEY_SUBSCRIPTION_ID + "=" + 1, null);
+
+ mContextFixture.removeCallingOrSelfPermission(ContextFixture.PERMISSION_ENABLE_ALL);
+ mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PHONE_STATE);
+
+ // should succeed with read phone state permission
+ String prop = mSubscriptionControllerUT.getSubscriptionProperty(1,
+ SubscriptionManager.CB_EXTREME_THREAT_ALERT, mContext.getOpPackageName(),
+ mContext.getAttributionTag());
+
+ assertNotEquals(null, prop);
+
+ // group UUID requires privileged phone state permission
+ prop = mSubscriptionControllerUT.getSubscriptionProperty(1, SubscriptionManager.GROUP_UUID,
+ mContext.getOpPackageName(), mContext.getAttributionTag());
+ assertEquals(null, prop);
+
+ // group UUID should succeed once privileged phone state permission is granted
+ mContextFixture.addCallingOrSelfPermission(Manifest.permission.READ_PRIVILEGED_PHONE_STATE);
+ prop = mSubscriptionControllerUT.getSubscriptionProperty(1, SubscriptionManager.GROUP_UUID,
+ mContext.getOpPackageName(), mContext.getAttributionTag());
+ assertNotEquals(null, prop);
+ }
+
+ @Test
+ @SmallTest
public void testCreateSubscriptionGroupWithCarrierPrivilegePermission() throws Exception {
testInsertSim();
// Adding a second profile and mark as embedded.
