Age | Commit message | Author |
|
When applications have privilege permission or carrier privilege, allow
basic channel access and select operation in an opened channel.
Bug: 139701995
Test: build pass
Change-Id: I823202b9eadf012cfdf89bde5678c01bc8f77314
|
|
Support Carrier Privilege rules.
Bug: 139701995
Test: Check carrier privilege rules could be parsed correctly
Change-Id: I2838d335f9993eb7e50323773ed52579f53766a3
|
|
Provide access to eSE when system application is granted privilege
permission.
Bug: 141963658
Test: Manual
Change-Id: I5f00ee71c4d42ea612abeeeb637248337af3c1f6
|
|
Warnings resolved: GUARDED_BY_VIOLATION, FORWARD_NULL, NULL_RETURN, CALL_SUPER
|
|
stage-aosp-master
Bug: 142003500
Change-Id: I0ba7275df67cb9e4381360eb6d4972a396fc7614
|
|
am: 71c804e16d
Change-Id: I3cc94965bfd98316ffd91ff53e9858ed2f5ed2ab
|
|
1. Try to retrieve ARs from a configurable list of AIDs.
If all AIDs are not accessible, then try default AID.
2. Add PKG_REF_DO/PERM_AR_DO for AR parsing.
Bug: 139078767
Test: Access rules could be retrieved from different AIDs.
Change-Id: Id14418ebd39646d4b50e2ad240f50bc74507f816
|
|
transmit method can handle 6CXX or 61XX once, and then call transmitInternal method.
transmitInternal method cannot handle 6CXX or 61XX.
After processing 6CXX, call transmit method again to handle 61XX.
Bug: 141838332
Test: CTS OmapiTest
Change-Id: I4e7ff90953d7a5374b012f55c25f29a73adb586b
|
|
am: 2adec4001b
Change-Id: Ifbb77afcbec2ce42a8270d40e5b907d0f358d6d8
|
|
According to GP spec chap 4, access permission should be ALLOWED when ARA-M is not accessible on the eSE.
But on a converged chip which is used by both eSIM/Felica, there is a security concern when deleting ARA-M on this chip.
Set ChannelAccess as DENIED before the long-term solution is complete.
Bug: 140902609
Bug: 141203396
Test: Check ChannelAccess is DENIED after deleting ARA-M
Change-Id: Ic0eee4f4b214eae8f1a94b1b0c3b9621502deff5
|
|
Bug: 135460123
Change-Id: I78c7ab50d01e19ceda55344d859eb2f2d80b03b9
Merged-In: Ib467fb998d42424ba48c7dd4490ec7e725e36857
|
|
am: 8a81e4dc66
Change-Id: Ia9c1d75df687017b7dce677b6d1f6b219c019df3
|
|
If the access rules are of different types (i.e. NFC permission, APDU
permission), both rules are combined and thus both rules apply. That is
the policy of the rules combination process described in the clause
3.4.1 of GP SEAC specification. Interpretation of missing APDU access
rule attribute shall be done after all combination process is finished.
Bug: 129524272
Test: Confirmed no error with GP SEAC Test Plan v1.0.6 and SEAC CTS TCs
Change-Id: I32932b00d0cd4b8df31fb2194b8dd8766f0dd44f
|
|
If the access rules are of different types (i.e. NFC permission, APDU
permission), both rules are combined and thus both rules apply. That is
the policy of the rules combination process described in the clause
3.4.1 of GP SEAC specification. Interpretation of missing NFC access
rule attribute shall be done after all combination process is finished.
Bug: 129524272
Test: Confirmed no error with GP SEAC Test Plan v1.0.6 and SEAC CTS TCs
Change-Id: Iea06a4496b7a09a21c10700781f8bf988405592f
|
|
ChannelAccess.setAccess() shall not be called with DENIED until the
interpretation of the access rules retrieved from ARA is finished, if
'NEVER' is not explicitly specified in APDU-AR-DO.
Bug: 129509913
Test: Confirmed no error with GP SEAC Test Plan v1.0.6 and SEAC CTS TCs
Change-Id: I0f20baf544f95f7c584ad4c6d752a8d43d8cc195
|
|
Terminals are loaded in the onCreate, which has a
limited amount of time to do work without ANRing.
For DSDS, it's possible that although a SIM2
ese exists in a manifest, the HAL won't be loaded
if DSDS is inactive on the device.
Don't allow retries when trying to fetch terminals
after index 1, in case they don't actually exist.
Bug: 139010988
Change-Id: I250cfed507a2805abba21e2c8ebfb025431cfb0d
|
|
installed
If no access rule is accessible, access to secure element is allowed in
eSE case and denied in UICC SE case in accordance with the chapter 4 of
GP SEAC specification. The problem with the current implementation is
that there is no mechanism to re-initialize Access Control Enforcer when
access rule becomes accessible. If access rule is installed to the
secure element, Access Control Enforcer shall work to cache the rules.
|
|
There is a use case that the access rule application/file is dynamically
disabled in order to prohibit access to the secure element. Currently
updateAccessRuleIfNeed() throws AccessControlException when ARA is not
found, but does not throw the same exception in ARF case. This change
makes them consistent.
|
|
AccessRuleCache.findAccessRule() logs access rule when the appropriate
rule is found. The log should clearly state which condition is met. It
is helpful to have a log of hash of application.
|
|
There is a case that missing NFC access rule is mistakenly treated as
DENIED if access rules are retrieved from ARA-M. It shall be interpreted
as ALLOWED if relevant APDU access rule, ALLOWED or filter, exists.
|
|
Session and Terminal should output more logs helpful for the device
development. This change adds logs for openBasicChannel(),
openLogicalChannel() and getAtr(). New logs should be output only for
debuggable build variants.
|
|
Detect Carrier Privilege Rules and ignore them.
|
|
When mNFCEventAllowed=UNDEFINED it must be updated according to GP in
all search rules.
This was already done in A & C but not fixed in B & D.
|
|
Keep the same order as SEHAL 1.0.
There is a possibility of using mSEHal before it is initialized.
Bug: 131298247
Test: AccessRule loaded successfully
Change-Id: I65c0fe98c4cafd179be3708e53b6d40165acd9f6
Merged-In: I65c0fe98c4cafd179be3708e53b6d40165acd9f6
|
|
Keep the same order as SEHAL 1.0.
Change-Id: I65c0fe98c4cafd179be3708e53b6d40165acd9f6
|
|
NFC_IN_USE has been moved to SecureElement from Frameworks for better
code alignment
|
|
mSEHal is null while onStateChanged_1_1(true,"") invoked as part of
init_1_1.
|
|
nxpEseHalIoctl call is needed only for reader eSE1.
|
|
In cases of off-host transaction, there is a contention for the eSE
causing delays for the transaction. Not checking for the refresh tag
and using the access rules from the cache in case it exists will
avoid the contention.
|
|
There is a use case that the access rule application/file is dynamically
disabled in order to prohibit access to the secure element. Currently
updateAccessRuleIfNeed() throws AccessControlException when ARA is not
found, but does not throw the same exception in ARF case. This change
makes them consistent.
Bug: 129101434
Test: Manually confirmed no ARF is treated in the same way as no ARA.
Change-Id: I8a8e4cb26ff1b92ef189b38364a19ca2205fb63c
|
|
AccessRuleCache.findAccessRule() logs access rule when the appropriate
rule is found. The log should clearly state which condition is met. It
is helpful to have a log of hash of application.
Bug: 128686348
Test: Manually checked the logs.
Change-Id: I6cdad43d68a067051a45defd6606ee94e517ada3
|
|
There is a case that missing NFC access rule is mistakenly treated as
DENIED if access rules are retrieved from ARA-M. It shall be interpreted
as ALLOWED if relevant APDU access rule, ALLOWED or filter, exists.
Bug: 127878096
Test: Confirmed no error with GP SEAC Test Plan v1.0.6 and SEAC CTS TCs
Change-Id: I0f86682d95e168e72659af487d0f102a6de79597
|
|
Session and Terminal should output more logs helpful for the device
development. This change adds logs for openBasicChannel(),
openLogicalChannel() and getAtr(). New logs should be output only for
debuggable build variants.
Bug: 128686348
Test: Manually checked the logs.
Change-Id: Ic0f3e16da9d03b46bb00053744de93d17949c0cb
|
|
Detect Carrier Privilege Rules and ignore them.
Test: None
Bug: 127880615
Change-Id: Ia80a8c6abdd12f56c0540d9165eb04b67c63fc22
|
|
Bug: 127536923
Test: run cts CtsSecureElementAccessControlTestCases*
Change-Id: Ia76ca7fde4b9bf3fe2f1c0b0cf770910362b6446
|
|
When mNFCEventAllowed=UNDEFINED it must be updated according
to GP in all search rules.
This was already done in A & C but not fixed in B & D.
Test: test transaction Event using CTS SIM
using AID a000000476416e64726f696443545341
Change-Id: I9b6568965403c0f4c60507a3530537ed6284a62c
|
|
Test: Check logged data locally
Bug: 116641110
Change-Id: I696f66ab9c467f2310338963910907fc878dab7a
|
|
If SE HAL 1.1 is not supported, try SE HAL 1.0
Test: Check secure element service loaded
Change-Id: I9657792000a61876242e2f7230ddafe9936d8c70
|
|
Test: manual
Bug: 122590188
Change-Id: I28d2bec166cf786fedd0444778583073492de804
|
|
In cases of off-host transaction, there is a contention for the eSE
causing delays for the transaction. Not checking for the refresh tag
and using the access rules from the cache in case it exists will
avoid the contention.
Test: Manual
Bug: 119260337
Change-Id: I359f4eb20ba8d61f3a8e5e7ff382b61bd59edfd8
|
|
Following changes are done:-
1) Added API to send IOCTL to ESE HAL
2) Added logic to get SHA1 of the calling applications
|
|
NullPointerException is thrown when building AID_REF_DO if mAid is null.
Test: Default selected application rules can be parsed
Change-Id: I4a1109b0c51ef97f91b2a207a76141c1265d8096
|