mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
aa4464d1c4
+ an August backport from @flamefire Signed-off-by: Tad <tad@spotco.us>
49 lines
2.4 KiB
Diff
49 lines
2.4 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Alisher Alikhodjaev <alisher@google.com>
|
|
Date: Thu, 1 Jun 2023 13:44:28 -0700
|
|
Subject: [PATCH] Ensure that SecureNFC setting cannot be bypassed
|
|
|
|
Bug: 268038643
|
|
Test: ctsverifier
|
|
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0)
|
|
Merged-In: Ic408b3ef9e35b646b728f9b76a0ba8922ed6e25f
|
|
Change-Id: Ic408b3ef9e35b646b728f9b76a0ba8922ed6e25f
|
|
---
|
|
src/com/android/nfc/NfcService.java | 6 ++++++
|
|
src/com/android/nfc/cardemulation/HostEmulationManager.java | 5 +++--
|
|
2 files changed, 9 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/com/android/nfc/NfcService.java b/src/com/android/nfc/NfcService.java
|
|
index 46a5d88e..0e02cd03 100644
|
|
--- a/src/com/android/nfc/NfcService.java
|
|
+++ b/src/com/android/nfc/NfcService.java
|
|
@@ -851,6 +851,12 @@ public class NfcService implements DeviceHostListener {
|
|
}
|
|
}
|
|
|
|
+ public boolean isSecureNfcEnabled() {
|
|
+ synchronized (NfcService.this) {
|
|
+ return mIsSecureNfcEnabled;
|
|
+ }
|
|
+ }
|
|
+
|
|
final class NfcAdapterService extends INfcAdapter.Stub {
|
|
/**
|
|
* An interface for vendor specific extensions
|
|
diff --git a/src/com/android/nfc/cardemulation/HostEmulationManager.java b/src/com/android/nfc/cardemulation/HostEmulationManager.java
|
|
index df701f2f..a45c5f50 100644
|
|
--- a/src/com/android/nfc/cardemulation/HostEmulationManager.java
|
|
+++ b/src/com/android/nfc/cardemulation/HostEmulationManager.java
|
|
@@ -175,8 +175,9 @@ public class HostEmulationManager {
|
|
// Resolve to default
|
|
// Check if resolvedService requires unlock
|
|
ApduServiceInfo defaultServiceInfo = resolveInfo.defaultService;
|
|
- if (defaultServiceInfo.requiresUnlock() &&
|
|
- mKeyguard.isKeyguardLocked() && mKeyguard.isKeyguardSecure()) {
|
|
+ if ((defaultServiceInfo.requiresUnlock()
|
|
+ || NfcService.getInstance().isSecureNfcEnabled())
|
|
+ && mKeyguard.isKeyguardLocked() && mKeyguard.isKeyguardSecure()) {
|
|
// Just ignore all future APDUs until next tap
|
|
mState = STATE_W4_DEACTIVATE;
|
|
launchTapAgain(resolveInfo.defaultService, resolveInfo.category);
|