Merge tag 'android-security-13.0.0_r9' into int/13/fp3
Android security 13.0.0 release 9
* tag 'android-security-13.0.0_r9':
Ensure that SecureNFC setting cannot be bypassed
Change-Id: I6068dd57571023a944a6b8eda3e40d9a4d189a71
diff --git a/src/com/android/nfc/NfcService.java b/src/com/android/nfc/NfcService.java
index 7149ae5..8ff1078 100644
--- a/src/com/android/nfc/NfcService.java
+++ b/src/com/android/nfc/NfcService.java
@@ -1169,6 +1169,12 @@
}
}
+ public boolean isSecureNfcEnabled() {
+ synchronized (NfcService.this) {
+ return mIsSecureNfcEnabled;
+ }
+ }
+
final class NfcAdapterService extends INfcAdapter.Stub {
/**
* An interface for vendor specific extensions
diff --git a/src/com/android/nfc/cardemulation/HostEmulationManager.java b/src/com/android/nfc/cardemulation/HostEmulationManager.java
index 8146202..8849cca 100644
--- a/src/com/android/nfc/cardemulation/HostEmulationManager.java
+++ b/src/com/android/nfc/cardemulation/HostEmulationManager.java
@@ -188,7 +188,9 @@
// Resolve to default
// Check if resolvedService requires unlock
ApduServiceInfo defaultServiceInfo = resolveInfo.defaultService;
- if (defaultServiceInfo.requiresUnlock() && mKeyguard.isKeyguardLocked()) {
+ if ((defaultServiceInfo.requiresUnlock()
+ || NfcService.getInstance().isSecureNfcEnabled())
+ && mKeyguard.isKeyguardLocked()) {
NfcService.getInstance().sendRequireUnlockIntent();
NfcService.getInstance().sendData(AID_NOT_FOUND);
if (DBG) Log.d(TAG, "requiresUnlock()! show toast");