DO NOT MERGE Revise security requirements for TelephonyManager#endCall.
Note: This fix will be applied up to and including O, but no further
since the P release includes an appropriate substitute API.
There are multiple apps using reflection to call TelephonyManager#endCall.
Although reliance on reflection to call internal implementation methods is
a bad practice, our previous fix for this method rendered a number of
popular apps in the ecosystem broken.
This patch relaxes the security restrictions surrounding the endCall method
and re-instates the ability for a caller holding CALL_PHONE permission
to end non-emergency calls.
In Android P, the new MODIFY_PHONE_STATE restriction remains in place as
the new TelecomManager#endCall API provides a supported means for apps to
reject or end calls.
Test: Use test app to ensure emergency calls cannot be terminated.
Test: Use test app to ensure calls can't be terminated in ECM mode.
Test: Use test app to ensure calls can be rejected/ended with CALL_PHONE
permission.
Test: Use test app to ensure calls cannot be rejected/ended without
CALL_PHONE permission.
Bug: 67862398
Change-Id: Ibac8f4f91402c91176f58fd951be122b513a4cc0
(cherry picked from commit 84101e8a0f89a97f79919debe181223384c97ba6)
1 file changed
