From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Alisher Alikhodjaev Date: Thu, 1 Jun 2023 13:44:28 -0700 Subject: [PATCH] Ensure that SecureNFC setting cannot be bypassed Bug: 268038643 Test: ctsverifier (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0) Merged-In: Ic408b3ef9e35b646b728f9b76a0ba8922ed6e25f Change-Id: Ic408b3ef9e35b646b728f9b76a0ba8922ed6e25f --- src/com/android/nfc/NfcService.java | 6 ++++++ src/com/android/nfc/cardemulation/HostEmulationManager.java | 5 +++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/com/android/nfc/NfcService.java b/src/com/android/nfc/NfcService.java index 0f12d2e9..d41ea4f2 100644 --- a/src/com/android/nfc/NfcService.java +++ b/src/com/android/nfc/NfcService.java @@ -1134,6 +1134,12 @@ public class NfcService implements DeviceHostListener { } } + public boolean isSecureNfcEnabled() { + synchronized (NfcService.this) { + return mIsSecureNfcEnabled; + } + } + final class NfcAdapterService extends INfcAdapter.Stub { @Override public boolean enable() throws RemoteException { diff --git a/src/com/android/nfc/cardemulation/HostEmulationManager.java b/src/com/android/nfc/cardemulation/HostEmulationManager.java index 6af4e0d7..b2670ec2 100644 --- a/src/com/android/nfc/cardemulation/HostEmulationManager.java +++ b/src/com/android/nfc/cardemulation/HostEmulationManager.java @@ -177,8 +177,9 @@ public class HostEmulationManager { // Resolve to default // Check if resolvedService requires unlock NfcApduServiceInfo defaultServiceInfo = resolveInfo.defaultService; - if (defaultServiceInfo.requiresUnlock() && - mKeyguard.isKeyguardLocked() && mKeyguard.isKeyguardSecure()) { + if ((defaultServiceInfo.requiresUnlock() + || NfcService.getInstance().isSecureNfcEnabled()) + && mKeyguard.isKeyguardLocked() && mKeyguard.isKeyguardSecure()) { // Just ignore all future APDUs until next tap mState = STATE_W4_DEACTIVATE; launchTapAgain(resolveInfo.defaultService, resolveInfo.category);