[security] SubscriptionGroup is exposed to unprivileged callers SubscriptionInfo.mGroupUUID is not cleared in conditionallyRemoveIdentifiers if the caller only has READ_PHONE_STATE (based on a check to checkReadPhoneState) and not READ_DEVICE_IDENTIFIERS. Bug: 181053462 Test: atest SubscriptionManagerTest Change-Id: Ic2b62523330dc6e2169ad851715c4ab3da3b29cf Merged-In: Ic2b62523330dc6e2169ad851715c4ab3da3b29cf (cherry picked from commit 121c969e22950cd966bb99b101c1e7e50084ae3c)

commit: 76ad235b052eb63e9ae2b472f4973f97bc86cebd [log] [tgz]
author: SongFerngWang <songferngwang@google.com> Wed May 05 21:33:00 2021 +0800
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> Wed Jun 30 05:29:50 2021 +0000
tree: fdd89c15b87d13460cce7e04019246a4d944981d
parent: 661a05dddbef9d77401ae3d7c8daee7b18d01d9a [diff]
diff --git a/telephony/java/android/telephony/SubscriptionInfo.java b/telephony/java/android/telephony/SubscriptionInfo.java
index 11667c8..8222eef 100644
--- a/telephony/java/android/telephony/SubscriptionInfo.java
+++ b/telephony/java/android/telephony/SubscriptionInfo.java

@@ -568,6 +568,13 @@
     /**
      * @hide
      */
+    public void clearGroupUuid() {
+        this.mGroupUUID = null;
+    }
+
+    /**
+     * @hide
+     */
     public List<String> getEhplmns() {
         return mEhplmns == null ? Collections.emptyList() : Arrays.asList(mEhplmns);
     }
commit	76ad235b052eb63e9ae2b472f4973f97bc86cebd	[log] [tgz]
author	SongFerngWang <songferngwang@google.com>	Wed May 05 21:33:00 2021 +0800
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	Wed Jun 30 05:29:50 2021 +0000
tree	fdd89c15b87d13460cce7e04019246a4d944981d
parent	661a05dddbef9d77401ae3d7c8daee7b18d01d9a [diff]