Check READ_PRIVILEGED_PHONE_STATE instead of READ_PHONE_STATE for getAvailableSubscriptionInfoList
Test: atest SubscriptionManagerTest#testSubscriptionGroupingWithPermission; Safety net logging
Bug: 185235454
Change-Id: Ideef8793ac3c42ab30ac3004071d6be19e15b5fe
(cherry picked from commit 9f741b9a3f871cde331f0c0f06abaa42e74f87f8)
diff --git a/src/java/com/android/internal/telephony/SubscriptionController.java b/src/java/com/android/internal/telephony/SubscriptionController.java
index f5c173e..8a03431 100644
--- a/src/java/com/android/internal/telephony/SubscriptionController.java
+++ b/src/java/com/android/internal/telephony/SubscriptionController.java
@@ -59,6 +59,7 @@
import android.telephony.UiccSlotInfo;
import android.telephony.euicc.EuiccManager;
import android.text.TextUtils;
+import android.util.EventLog;
import android.util.LocalLog;
import android.util.Log;
@@ -1055,12 +1056,18 @@
@Override
public List<SubscriptionInfo> getAvailableSubscriptionInfoList(String callingPackage,
String callingFeatureId) {
- // This API isn't public, so no need to provide a valid subscription ID - we're not worried
- // about carrier-privileged callers not having access.
- if (!TelephonyPermissions.checkCallingOrSelfReadPhoneState(
- mContext, SubscriptionManager.INVALID_SUBSCRIPTION_ID, callingPackage,
- callingFeatureId, "getAvailableSubscriptionInfoList")) {
- throw new SecurityException("Need READ_PHONE_STATE to call "
+ try {
+ enforceReadPrivilegedPhoneState("getAvailableSubscriptionInfoList");
+ } catch (SecurityException e) {
+ try {
+ mContext.enforceCallingOrSelfPermission(Manifest.permission.READ_PHONE_STATE, null);
+ // If caller doesn't have READ_PRIVILEGED_PHONE_STATE permission but only
+ // has READ_PHONE_STATE permission, log this event.
+ EventLog.writeEvent(0x534e4554, "185235454", Binder.getCallingUid());
+ } catch (SecurityException ex) {
+ // Ignore
+ }
+ throw new SecurityException("Need READ_PRIVILEGED_PHONE_STATE to call "
+ " getAvailableSubscriptionInfoList");
}
