am 53c75014: Merge "Add OrSelf to privileged permission check." into mnc-dev

* commit '53c750142332cb33e604266b7c6d09191c32691c': Add OrSelf to privileged permission check.
author: Amit Mahajan <amitmahajan@google.com> 2015-07-30 23:58:34 +0000
committer: Android Git Automerger <android-git-automerger@android.com> 2015-07-30 23:58:34 +0000
commit: 135e2ce571fee7d64572454f55151225bcf22464 (patch)
tree: e4ccb40066ee62d659f780718c8921d93da57062
parent: ee6046add136d4791e71fb17a07076b425b7250c (diff)
parent: 53c750142332cb33e604266b7c6d09191c32691c (diff)
download: frameworks_base-135e2ce571fee7d64572454f55151225bcf22464.zip
frameworks_base-135e2ce571fee7d64572454f55151225bcf22464.tar.gz
frameworks_base-135e2ce571fee7d64572454f55151225bcf22464.tar.bz2
2 files changed, 13 insertions, 10 deletions
diff --git a/services/core/java/com/android/server/TelephonyRegistry.java b/services/core/java/com/android/server/TelephonyRegistry.java
index a06bb30..19a4851 100644
--- a/services/core/java/com/android/server/TelephonyRegistry.java
+++ b/services/core/java/com/android/server/TelephonyRegistry.java
@@ -362,10 +362,10 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
         }
 
         try {
-            mContext.enforceCallingPermission(
+            mContext.enforceCallingOrSelfPermission(
                     android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE,
                     "addOnSubscriptionsChangedListener");
-            // SKIP checking for run-time permission since obtained PRIVILEGED
+            // SKIP checking for run-time permission since caller or self has PRIVILEGED permission
         } catch (SecurityException e) {
             mContext.enforceCallingOrSelfPermission(
                     android.Manifest.permission.READ_PHONE_STATE,
@@ -481,9 +481,10 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
 
             if ((events & ENFORCE_PHONE_STATE_PERMISSION_MASK) != 0) {
                 try {
-                    mContext.enforceCallingPermission(
+                    mContext.enforceCallingOrSelfPermission(
                             android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE, null);
-                    // SKIP checking for run-time permission since obtained PRIVILEGED
+                    // SKIP checking for run-time permission since caller or self has PRIVILEGED
+                    // permission
                 } catch (SecurityException e) {
                     if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(),
                             callingPackage) != AppOpsManager.MODE_ALLOWED) {
@@ -661,10 +662,10 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
     }
 
     private boolean canReadPhoneState(String callingPackage) {
-        if (mContext.checkCallingPermission(
+        if (mContext.checkCallingOrSelfPermission(
                 android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE) ==
                 PackageManager.PERMISSION_GRANTED) {
-            // SKIP checking for run-time permission since obtained PRIVILEGED
+            // SKIP checking for run-time permission since caller or self has PRIVILEGED permission
             return true;
         }
         boolean canReadPhoneState = mContext.checkCallingOrSelfPermission(
@@ -1589,9 +1590,10 @@ class TelephonyRegistry extends ITelephonyRegistry.Stub {
 
         if ((events & ENFORCE_PHONE_STATE_PERMISSION_MASK) != 0) {
             try {
-                mContext.enforceCallingPermission(
+                mContext.enforceCallingOrSelfPermission(
                         android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE, null);
-                // SKIP checking for run-time permission since obtained PRIVILEGED
+                // SKIP checking for run-time permission since caller or self has PRIVILEGED
+                // permission
             } catch (SecurityException e) {
                 mContext.enforceCallingOrSelfPermission(
                         android.Manifest.permission.READ_PHONE_STATE, null);
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
index cd982d3..46bda8c 100644
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
@@ -1668,8 +1668,9 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
     public NetworkPolicy[] getNetworkPolicies(String callingPackage) {
         mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);
         try {
-            mContext.enforceCallingPermission(READ_PRIVILEGED_PHONE_STATE, TAG);
-            // SKIP checking run-time OP_READ_PHONE_STATE since using PRIVILEGED
+            mContext.enforceCallingOrSelfPermission(READ_PRIVILEGED_PHONE_STATE, TAG);
+            // SKIP checking run-time OP_READ_PHONE_STATE since caller or self has PRIVILEGED
+            // permission
         } catch (SecurityException e) {
             mContext.enforceCallingOrSelfPermission(READ_PHONE_STATE, TAG);
author	Amit Mahajan <amitmahajan@google.com>	2015-07-30 23:58:34 +0000
committer	Android Git Automerger <android-git-automerger@android.com>	2015-07-30 23:58:34 +0000
commit	135e2ce571fee7d64572454f55151225bcf22464 (patch)
tree	e4ccb40066ee62d659f780718c8921d93da57062
parent	ee6046add136d4791e71fb17a07076b425b7250c (diff)
parent	53c750142332cb33e604266b7c6d09191c32691c (diff)
download	frameworks_base-135e2ce571fee7d64572454f55151225bcf22464.zip frameworks_base-135e2ce571fee7d64572454f55151225bcf22464.tar.gz frameworks_base-135e2ce571fee7d64572454f55151225bcf22464.tar.bz2