Merge "Add checks for READ_PRIVILEGED_PHONE_STATE." into mnc-dev

author: Amit Mahajan <amitmahajan@google.com> 2015-07-14 17:59:17 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2015-07-14 17:59:20 +0000
commit: 51b4e97ae42fb789b7d1c9d4134ddaa7e2b27b11 (patch)
tree: dc3efabeb5d81de6fd15dd95809d6455e3cdb582 /services
parent: fe03a84bc6d59e9b09029cfa8800bd9ef8d85d18 (diff)
parent: 7c5befa4a7ccd6e7e91ffdd93264b717259ec863 (diff)
download: frameworks_base-51b4e97ae42fb789b7d1c9d4134ddaa7e2b27b11.zip
frameworks_base-51b4e97ae42fb789b7d1c9d4134ddaa7e2b27b11.tar.gz
frameworks_base-51b4e97ae42fb789b7d1c9d4134ddaa7e2b27b11.tar.bz2
1 files changed, 10 insertions, 4 deletions
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
index f618c3e..f8f00ef 100644
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
@@ -22,6 +22,7 @@ import static android.Manifest.permission.DUMP;
 import static android.Manifest.permission.MANAGE_NETWORK_POLICY;
 import static android.Manifest.permission.READ_NETWORK_USAGE_HISTORY;
 import static android.Manifest.permission.READ_PHONE_STATE;
+import static android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE;
 import static android.content.Intent.ACTION_PACKAGE_ADDED;
 import static android.content.Intent.ACTION_UID_REMOVED;
 import static android.content.Intent.ACTION_USER_ADDED;
@@ -1651,11 +1652,16 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
     @Override
     public NetworkPolicy[] getNetworkPolicies(String callingPackage) {
         mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);
-        mContext.enforceCallingOrSelfPermission(READ_PHONE_STATE, TAG);
+        try {
+            mContext.enforceCallingPermission(READ_PRIVILEGED_PHONE_STATE, TAG);
+            // SKIP checking run-time OP_READ_PHONE_STATE since using PRIVILEGED
+        } catch (SecurityException e) {
+            mContext.enforceCallingOrSelfPermission(READ_PHONE_STATE, TAG);
 
-        if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(),
-                callingPackage) != AppOpsManager.MODE_ALLOWED) {
-            return new NetworkPolicy[0];
+            if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(),
+                    callingPackage) != AppOpsManager.MODE_ALLOWED) {
+                return new NetworkPolicy[0];
+            }
         }
 
         synchronized (mRulesLock) {
author	Amit Mahajan <amitmahajan@google.com>	2015-07-14 17:59:17 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2015-07-14 17:59:20 +0000
commit	51b4e97ae42fb789b7d1c9d4134ddaa7e2b27b11 (patch)
tree	dc3efabeb5d81de6fd15dd95809d6455e3cdb582 /services
parent	fe03a84bc6d59e9b09029cfa8800bd9ef8d85d18 (diff)
parent	7c5befa4a7ccd6e7e91ffdd93264b717259ec863 (diff)
download	frameworks_base-51b4e97ae42fb789b7d1c9d4134ddaa7e2b27b11.zip frameworks_base-51b4e97ae42fb789b7d1c9d4134ddaa7e2b27b11.tar.gz frameworks_base-51b4e97ae42fb789b7d1c9d4134ddaa7e2b27b11.tar.bz2