Fix permission check for reading SMS on UICC.
When accessing SMS stored on UICC via TelephonyProvider, we need to
use the com.android.phone UID for the call to IccSmsInterfaceManager
to avoid a UID mismatch failure in the app ops check. Add code to
SmsProvider to save and restore the original caller identity.
Also set android:multiprocess attribute to false in the manifest so
that the providers don't run inside the caller's process, which
also leads to a security exception.
Bug: 10131077
Change-Id: Ie6d3477b14973632f3706201de91353950359ee0
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index 9906731..7631950 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -19,6 +19,7 @@
coreApp="true"
android:sharedUserId="android.uid.phone">
+ <uses-permission android:name="android.permission.RECEIVE_SMS" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<application android:process="com.android.phone"
@@ -30,18 +31,18 @@
<provider android:name="TelephonyProvider"
android:authorities="telephony"
android:exported="true"
- android:multiprocess="true" />
+ android:multiprocess="false" />
<provider android:name="SmsProvider"
android:authorities="sms"
- android:multiprocess="true"
+ android:multiprocess="false"
android:exported="true"
android:readPermission="android.permission.READ_SMS"
android:writePermission="android.permission.WRITE_SMS" />
<provider android:name="MmsProvider"
android:authorities="mms"
- android:multiprocess="true"
+ android:multiprocess="false"
android:exported="true"
android:readPermission="android.permission.READ_SMS"
android:writePermission="android.permission.WRITE_SMS">
@@ -51,7 +52,7 @@
<provider android:name="MmsSmsProvider"
android:authorities="mms-sms"
- android:multiprocess="true"
+ android:multiprocess="false"
android:exported="true"
android:readPermission="android.permission.READ_SMS"
android:writePermission="android.permission.WRITE_SMS" />