Create and grant provider permission
Gate the provider with this permission. The old permission
TELEPHONY_DEFAULTS is being removed. This permission should only be able
to be obtained by apps which share our cert (network-stack).
Bug: 148482594
Test: atest CellBroadcastProviderTest
Change-Id: Ibfdea1fb9640dd02d6641dcfba6c3d3bcbf58b0e
diff --git a/AndroidManifest.xml b/AndroidManifest.xml
index eff2cd6..1929faf 100644
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -24,6 +24,10 @@
<original-package android:name="com.android.cellbroadcastservice" />
+ <!-- gives the permission holder access to the CellBroadcastProvider -->
+ <permission android:name="com.android.cellbroadcastservice.FULL_ACCESS_CELL_BROADCAST_HISTORY"
+ android:protectionLevel="signature" />
+
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.RECEIVE_SMS" />
<uses-permission android:name="android.permission.RECEIVE_EMERGENCY_BROADCAST" />
@@ -32,7 +36,6 @@
<uses-permission android:name="android.permission.MODIFY_PHONE_STATE" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.BROADCAST_SMS" />
- <uses-permission android:name="android.permission.GRANT_RUNTIME_PERMISSIONS_TO_TELEPHONY_DEFAULTS" />
<protected-broadcast android:name="android.telephony.action.AREA_INFO_UPDATED" />
diff --git a/AndroidManifest_Platform.xml b/AndroidManifest_Platform.xml
index 2c7314f..06c4ba5 100644
--- a/AndroidManifest_Platform.xml
+++ b/AndroidManifest_Platform.xml
@@ -22,6 +22,10 @@
<original-package android:name="com.android.cellbroadcastservice" />
+ <!-- gives the permission holder access to the CellBroadcastProvider -->
+ <permission android:name="com.android.cellbroadcastservice.FULL_ACCESS_CELL_BROADCAST_HISTORY"
+ android:protectionLevel="signature" />
+
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.RECEIVE_SMS" />
<uses-permission android:name="android.permission.RECEIVE_EMERGENCY_BROADCAST" />
@@ -30,7 +34,6 @@
<uses-permission android:name="android.permission.MODIFY_PHONE_STATE" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.BROADCAST_SMS" />
- <uses-permission android:name="android.permission.GRANT_RUNTIME_PERMISSIONS_TO_TELEPHONY_DEFAULTS" />
<protected-broadcast android:name="android.telephony.action.AREA_INFO_UPDATED" />
diff --git a/src/com/android/cellbroadcastservice/CellBroadcastProvider.java b/src/com/android/cellbroadcastservice/CellBroadcastProvider.java
index a1032f5..c64c1aa 100644
--- a/src/com/android/cellbroadcastservice/CellBroadcastProvider.java
+++ b/src/com/android/cellbroadcastservice/CellBroadcastProvider.java
@@ -39,9 +39,9 @@
/**
* The content provider that provides access of cell broadcast message to application.
- * Permission {@link android.permission.READ_CELL_BROADCASTS} is required for querying the cell
- * broadcast message. Only phone process has the permission to write/update the database via this
- * provider.
+ * Permission {@link com.android.cellbroadcastservice.FULL_ACCESS_CELL_BROADCAST_HISTORY} is
+ * required for querying the cell broadcast message. Only the Cell Broadcast module should have this
+ * permission.
*/
public class CellBroadcastProvider extends ContentProvider {
/** Interface for read/write permission check. */
@@ -418,10 +418,8 @@
private class CellBroadcastPermissionChecker implements PermissionChecker {
@Override
public boolean hasWritePermission() {
- // Only the telephony system compontents e.g, Cellbroadcast service has the write
- // permission to modify this provider.
int status = getContext().checkCallingOrSelfPermission(
- "android.permission.GRANT_RUNTIME_PERMISSIONS_TO_TELEPHONY_DEFAULTS");
+ "com.android.cellbroadcastservice.FULL_ACCESS_CELL_BROADCAST_HISTORY");
if (status == PackageManager.PERMISSION_GRANTED) {
return true;
}
@@ -430,10 +428,8 @@
@Override
public boolean hasReadPermission() {
- // Only the telephony system compontents e.g, Cellbroadcast service has the read
- // permission to access this provider.
int status = getContext().checkCallingOrSelfPermission(
- "android.permission.GRANT_RUNTIME_PERMISSIONS_TO_TELEPHONY_DEFAULTS");
+ "com.android.cellbroadcastservice.FULL_ACCESS_CELL_BROADCAST_HISTORY");
if (status == PackageManager.PERMISSION_GRANTED) {
return true;
}