Merge "Add OrSelf to privileged permission check." into mnc-dev

Author: Amit Mahajan

services/core/java/com/android/server/TelephonyRegistry.java

@@ -362,10 +362,10 @@ public void addOnSubscriptionsChangedListener(String callingPackage,
         }
 
         try {
-            mContext.enforceCallingPermission(
+            mContext.enforceCallingOrSelfPermission(
                     android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE,
                     "addOnSubscriptionsChangedListener");
-            // SKIP checking for run-time permission since obtained PRIVILEGED
+            // SKIP checking for run-time permission since caller or self has PRIVILEGED permission
         } catch (SecurityException e) {
             mContext.enforceCallingOrSelfPermission(
                     android.Manifest.permission.READ_PHONE_STATE,
@@ -481,9 +481,10 @@ private void listen(String callingPackage, IPhoneStateListener callback, int eve
 
             if ((events & ENFORCE_PHONE_STATE_PERMISSION_MASK) != 0) {
                 try {
-                    mContext.enforceCallingPermission(
+                    mContext.enforceCallingOrSelfPermission(
                             android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE, null);
-                    // SKIP checking for run-time permission since obtained PRIVILEGED
+                    // SKIP checking for run-time permission since caller or self has PRIVILEGED
+                    // permission
                 } catch (SecurityException e) {
                     if (mAppOps.noteOp(AppOpsManager.OP_READ_PHONE_STATE, Binder.getCallingUid(),
                             callingPackage) != AppOpsManager.MODE_ALLOWED) {
@@ -661,10 +662,10 @@ private void listen(String callingPackage, IPhoneStateListener callback, int eve
     }
 
     private boolean canReadPhoneState(String callingPackage) {
-        if (mContext.checkCallingPermission(
+        if (mContext.checkCallingOrSelfPermission(
                 android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE) ==
                 PackageManager.PERMISSION_GRANTED) {
-            // SKIP checking for run-time permission since obtained PRIVILEGED
+            // SKIP checking for run-time permission since caller or self has PRIVILEGED permission
             return true;
         }
         boolean canReadPhoneState = mContext.checkCallingOrSelfPermission(
@@ -1589,9 +1590,10 @@ private void checkListenerPermission(int events) {
 
         if ((events & ENFORCE_PHONE_STATE_PERMISSION_MASK) != 0) {
             try {
-                mContext.enforceCallingPermission(
+                mContext.enforceCallingOrSelfPermission(
                         android.Manifest.permission.READ_PRIVILEGED_PHONE_STATE, null);
-                // SKIP checking for run-time permission since obtained PRIVILEGED
+                // SKIP checking for run-time permission since caller or self has PRIVILEGED
+                // permission
             } catch (SecurityException e) {
                 mContext.enforceCallingOrSelfPermission(
                         android.Manifest.permission.READ_PHONE_STATE, null);

services/core/java/com/android/server/net/NetworkPolicyManagerService.java

@@ -1668,8 +1668,9 @@ void addNetworkPolicyLocked(NetworkPolicy policy) {
     public NetworkPolicy[] getNetworkPolicies(String callingPackage) {
         mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);
         try {
-            mContext.enforceCallingPermission(READ_PRIVILEGED_PHONE_STATE, TAG);
-            // SKIP checking run-time OP_READ_PHONE_STATE since using PRIVILEGED
+            mContext.enforceCallingOrSelfPermission(READ_PRIVILEGED_PHONE_STATE, TAG);
+            // SKIP checking run-time OP_READ_PHONE_STATE since caller or self has PRIVILEGED
+            // permission
         } catch (SecurityException e) {
             mContext.enforceCallingOrSelfPermission(READ_PHONE_STATE, TAG);