| Age | Commit message (Collapse) | Author |
|---|
|
lineage-18.1
Signed-off-by: alk3pInjection <webmaster@raspii.tech>
Change-Id: Ifda025f9963e067b37475cf65de4276fdaeeedd2
|
|
If there is temporary failures in access rules retrieval, Secure Element
service should handle the re-initialization. NFC transactions usually
need to be completed in short time and should not wait for the access
control enforcer re-initialization.
Bug: 186588474
Test: HCE test in CtsVerifier
Change-Id: I6e6dd8c05622ff67f6b75a8a93d0db0d35bc7056
(cherry picked from commit 8ca26b9e6c7381ac51c3bfe4d774b5d61b1b30c3)
|
|
Return when SE is not connected
Bug: 185198557
Test: manual
Change-Id: I0c90862585f311bc6695235e316023aeceb9df7a
(cherry picked from commit cba6328078700b0d3adc92c8a95da9337718597a)
|
|
If there is temporary failures in access rules retrieval, Secure Element
service should handle the re-initialization. NFC transactions usually
need to be completed in short time and should not wait for the access
control enforcer re-initialization.
Bug: 186588474
Test: HCE test in CtsVerifier
Change-Id: I6e6dd8c05622ff67f6b75a8a93d0db0d35bc7056
|
|
Return when SE is not connected
Bug: 185198557
Test: manual
Change-Id: I0c90862585f311bc6695235e316023aeceb9df7a
|
|
As part of statsd becoming a Mainline module in R, autogenerated
StatsLog.write() calls are going away and replaced by *StatsLog.java
that is autogenerated for each module.
This CL adds autogenerated SecureElementStatsLog and replaces usages
of StatsLog with SecureElementStatsLog.
|
|
Warnings fixed: FORWARD_NULL
Checked for null before accessing method on mSEHal11.
|
|
1. Ensure the concurrent access to mChannels in Terminal.java
is protected by the same lock instance
2. Move the remove operation of mSessions into synchronized block
in method of Terminal.removeSession
3. Add synchronous block protection to mChannels.add operation in
SecureElementService.java
|
|
Do not directly provide privilege access to carrier privilege apps to
select ISD-R aid. Fallback to GP rules checking.
|
|
Do not return null directly when application try to openLogicalChannel
with null aid.
Check if it is privilege application first.
|
|
Listen to CARRIER_CONFIG_CHANGED and reinitialize UICC terminals.
|
|
Throw exception in setUpChannelAccess if this is not a privilege app.
|
|
When setup channel access for UICC terminal, carrier privileges checking
add unnecessary rules loading.
|
|
Listen to CARRIER_CONFIG_CHANGED and reinitialize UICC terminals.
Bug: 152008670
Test: adb shell dumpsys secure_element
Merged-In: I8bb13b43de6f17f0b5b82440708d90bf684ca7ec
Change-Id: I8bb13b43de6f17f0b5b82440708d90bf684ca7ec
|
|
|
|
Do not directly provide privilege access to carrier privilege apps to
select ISD-R aid. Fallback to GP rules checking.
Bug: 157968163
Test: select ISD-R aid is not directly allowed for carrier privilege
apps
Merged-In: Id7dd6e3afcb88d97b7c62e8710ef16fbc35010f3
Change-Id: Id7dd6e3afcb88d97b7c62e8710ef16fbc35010f3
|
|
Do not return null directly when application try to openLogicalChannel
with null aid.
Check if it is privilege application first.
Bug: 157349625
Test: openLogicalChannel with null aid
Merged-In: Icf7ee2b299154874f1bdd4b5b409c7df04eb831b
Change-Id: Icf7ee2b299154874f1bdd4b5b409c7df04eb831b
|
|
HAL_ESE_IOCTL_OMAPI_RELEASE_ESE_SESSION
|
|
Test: manual
Bug: 142495673
Change-Id: I1338a2a11cc60fa50b1c8dd8e75022af9ea1b0a1
|
|
Allow privilege app access to open channel even if
AccessControlEnforcer is not available.
Throw exception only for non privileged access.
Bug: 149632580
Test: OpenBasicChannel from Privileged/Non privileged app
Change-Id: Ie188d397f6bf641923d010ad3a9d00d21bc9351b
|
|
When application try to stress OMAPI by continuously open/close channels
with multi-thread, there is possibility channel management is incorrect
and result to no response.
Bug: 148892905
Test: OMAPI works normal after multi-thread stress tests
Change-Id: I530015ff20ed143a129024d6385fae9392a00a99
|
|
Support Carrier Privilege rules.
Bug: 139701995
Test: Check carrier privilege rules could be parsed correctly
Change-Id: I2838d335f9993eb7e50323773ed52579f53766a3
|
|
Provide access to eSE when system application granted privilege
permission.
Bug: 141963658
Test: Manual
Change-Id: I5f00ee71c4d42ea612abeeeb637248337af3c1f6
|
|
1. Try to retrieve ARs from a configurable list of AIDs.
If all AIDs are not accessible, then try default AID.
2. Add PKG_REF_DO/PERM_AR_DO for AR parsing.
Bug:139078767
Test: Access rules could be retrieved from different AIDs.
|
|
transmit method can handle 6CXX or 61XX once, and then call transmitInternal method.
transmitInternal method cannot handle 6CXX or 61XX.
After process 6CXX, call transmit method again to handle 61XX.
Bug: 141838332
Test: CTS OmapiTest
Change-Id: I4e7ff90953d7a5374b012f55c25f29a73adb586b
|
|
Terminals are loaded in the onCreate, which has a
limited amount of time to do work without ANRing.
For DSDS, its possible that although a SIM2
ese exists in a manifest, the HAL won't be loaded
if DSDS is inactive on the device.
Don't allow retries when trying to fetch terminals
after index 1, in case they don't actually exist.
Bug: 139010988
Change-Id: I250cfed507a2805abba21e2c8ebfb025431cfb0d
|
|
Throw exception in setUpChannelAccess if this is not a privilege app.
Bug: 153934978
Test: atest CtsOmapiTestCases
Merged-In: Id39bcad679e856370b985bb77ca77aaadc84c7a0
Change-Id: Id39bcad679e856370b985bb77ca77aaadc84c7a0
|
|
When setup channel access for UICC terminal, carrier privileges checking
add unnecessary rules loading.
Bug: 152060727
Bug: 153832909
Test: atest CtsOmapiTestCases
Merged-In: Ia3230a7f0165b9233196a698d9bfd0e243fa0db6
Change-Id: Ia3230a7f0165b9233196a698d9bfd0e243fa0db6
|
|
Allow privilege app access to open channel even if
AccessControlEnforcer is not available.
Throw exception only for non privileged access.
Bug: 149632580
Test: OpenBasicChannel from Privileged/Non privileged app
Merged-In: Ie188d397f6bf641923d010ad3a9d00d21bc9351b
Change-Id: Ie188d397f6bf641923d010ad3a9d00d21bc9351b
|
|
Change SECURE_ELEMENT_PRIVILEGED to SECURE_ELEMENT_PRIVILEGED_OPERATION.
Bug: 150877612
Test: build pass
Merged-In: I5c0d557f9ac43b64f2113de6c4a46f92e99b7c27
Change-Id: I5c0d557f9ac43b64f2113de6c4a46f92e99b7c27
|
|
am: 235b4688ef
Change-Id: Id9083df806b6cceaf0f339bf998971bb90afd42c
|
|
When application try to stress OMAPI by continuously open/close channels
with multi-thread, there is possibility channel management is incorrect
and result to no response.
Bug: 148892905
Test: OMAPI works normal after multi-thread stress tests
Change-Id: I530015ff20ed143a129024d6385fae9392a00a99
|
|
|
|
As part of statsd becoming a Mainline module in R, autogenerated
StatsLog.write() calls are going away and replaced by *StatsLog.java
that is autogenerated for each module.
This CL adds autogenerated SecureElementStatsLog and replaces usages
of StatsLog with SecureElementStatsLog.
Bug: 145952197
Test: m SecureElement
Change-Id: Ided6c27ba2be86152949dcbf430bcc3140a62b58
|
|
|
|
Test: manual
Bug: 142495673
Change-Id: I1338a2a11cc60fa50b1c8dd8e75022af9ea1b0a1
|
|
Support Carrier Privilege rules.
Bug: 139701995
Test: Check carrier privilege rules could be parsed correctly
Change-Id: I2838d335f9993eb7e50323773ed52579f53766a3
|
|
Provide access to eSE when system application granted privilege
permission.
Bug: 141963658
Test: Manual
Change-Id: I5f00ee71c4d42ea612abeeeb637248337af3c1f6
|
|
|
|
|
|
Warnings resolved: GUARDED_BY_VIOLATION, FORWARD_NULL, NULL_RETURN, CALL_SUPER
|
|
am: 71c804e16d
Change-Id: I3cc94965bfd98316ffd91ff53e9858ed2f5ed2ab
|
|
1. Try to retrieve ARs from a configurable list of AIDs.
If all AIDs are not accessible, then try default AID.
2. Add PKG_REF_DO/PERM_AR_DO for AR parsing.
Bug:139078767
Test: Access rules could be retrieved from different AIDs.
Change-Id: Id14418ebd39646d4b50e2ad240f50bc74507f816
|
|
transmit method can handle 6CXX or 61XX once, and then call transmitInternal method.
transmitInternal method cannot handle 6CXX or 61XX.
After process 6CXX, call transmit method again to handle 61XX.
Bug: 141838332
Test: CTS OmapiTest
Change-Id: I4e7ff90953d7a5374b012f55c25f29a73adb586b
|
|
Terminals are loaded in the onCreate, which has a
limited amount of time to do work without ANRing.
For DSDS, its possible that although a SIM2
ese exists in a manifest, the HAL won't be loaded
if DSDS is inactive on the device.
Don't allow retries when trying to fetch terminals
after index 1, in case they don't actually exist.
Bug: 139010988
Change-Id: I250cfed507a2805abba21e2c8ebfb025431cfb0d
|
|
installed
If no access rule is accessible, access to secure element is allowed in
eSE case and denied in UICC SE case in accordance with the chapter 4 of
GP SEAC specification. The problem with the current implementation is
that there is no mechanism to re-initialize Access Control Enforcer when
access rule becomes accessible. If access rule is installed to the
secure element, Access Controler Enforcer shall work to cache the rules.
|
|
|
|
|
|
Session and Terminal should output more logs helpful for the device
development. This change adds logs for openBasicChannel(),
openLogicalChannel() and getAtr(). New logs should be output only for
debuggable build variants.
|
|
Keep the same order than SEHAL 1.0.
There is possibility to use mSEHal before initialized.
Bug: 131298247
Test: AccessRule loaded successfully
Change-Id: I65c0fe98c4cafd179be3708e53b6d40165acd9f6
Merged-In: I65c0fe98c4cafd179be3708e53b6d40165acd9f6
|
