diff options
author | android-build-team Robot <android-build-team-robot@google.com> | 2018-04-12 07:21:00 +0000 |
---|---|---|
committer | android-build-team Robot <android-build-team-robot@google.com> | 2018-04-12 07:21:00 +0000 |
commit | b22cf53936fccce09982b26be3f0f6b5ad1b4609 (patch) | |
tree | 215e7a6aa9e81c6997f1409dc2b2fab0ab8d93a6 | |
parent | 7de75dafe71f6573540f17e834d391e93d5fc050 (diff) | |
parent | 0f8b45235b612ac4d7a9cd7af7233039e4358b81 (diff) | |
download | SecureElement-android-wear-9.0.0_r25.tar.gz |
Snap for 4716599 from 0f8b45235b612ac4d7a9cd7af7233039e4358b81 to pi-releaseandroid-wear-9.0.0_r9android-wear-9.0.0_r8android-wear-9.0.0_r7android-wear-9.0.0_r6android-wear-9.0.0_r5android-wear-9.0.0_r4android-wear-9.0.0_r34android-wear-9.0.0_r33android-wear-9.0.0_r32android-wear-9.0.0_r31android-wear-9.0.0_r30android-wear-9.0.0_r3android-wear-9.0.0_r29android-wear-9.0.0_r28android-wear-9.0.0_r27android-wear-9.0.0_r26android-wear-9.0.0_r25android-wear-9.0.0_r24android-wear-9.0.0_r23android-wear-9.0.0_r22android-wear-9.0.0_r21android-wear-9.0.0_r20android-wear-9.0.0_r2android-wear-9.0.0_r19android-wear-9.0.0_r18android-wear-9.0.0_r17android-wear-9.0.0_r16android-wear-9.0.0_r15android-wear-9.0.0_r14android-wear-9.0.0_r13android-wear-9.0.0_r12android-wear-9.0.0_r11android-wear-9.0.0_r10android-wear-9.0.0_r1android-vts-9.0_r9android-vts-9.0_r8android-vts-9.0_r7android-vts-9.0_r6android-vts-9.0_r5android-vts-9.0_r4android-vts-9.0_r19android-vts-9.0_r18android-vts-9.0_r17android-vts-9.0_r16android-vts-9.0_r15android-vts-9.0_r14android-vts-9.0_r13android-vts-9.0_r12android-vts-9.0_r11android-vts-9.0_r10android-security-9.0.0_r76android-security-9.0.0_r75android-security-9.0.0_r74android-security-9.0.0_r73android-security-9.0.0_r72android-security-9.0.0_r71android-security-9.0.0_r70android-security-9.0.0_r69android-security-9.0.0_r68android-security-9.0.0_r67android-security-9.0.0_r66android-security-9.0.0_r65android-security-9.0.0_r64android-security-9.0.0_r63android-security-9.0.0_r62android-cts-9.0_r9android-cts-9.0_r8android-cts-9.0_r7android-cts-9.0_r6android-cts-9.0_r5android-cts-9.0_r4android-cts-9.0_r3android-cts-9.0_r20android-cts-9.0_r2android-cts-9.0_r19android-cts-9.0_r18android-cts-9.0_r17android-cts-9.0_r16android-cts-9.0_r15android-cts-9.0_r14android-cts-9.0_r13android-cts-9.0_r12android-cts-9.0_r11android-cts-9.0_r10android-cts-9.0_r1android-9.0.0_r9android-9.0.0_r8android-9.0.0_r7android-9.0.0_r61android-9.0.0_r60android-9.0.0_r6android-9.0.0_r59android-9.0.0_r58android-9.0.0_r57android-9.0.0_r56android-9.0.0_r55android-9.0.0_r54android-9.0.0_r53android-9.0.0_r52android-9.0.0_r51android-9.0.0_r50android-9.0.0_r5android-9.0.0_r49android-9.0.0_r48android-9.0.0_r3android-9.0.0_r2android-9.0.0_r18android-9.0.0_r17android-9.0.0_r10android-9.0.0_r1security-pi-releasepie-vts-releasepie-security-releasepie-s2-releasepie-release-2pie-releasepie-r2-s2-releasepie-r2-s1-releasepie-r2-releasepie-cts-release
Change-Id: I5ade2e643b33883ac380ecac10c4822d15232b89
-rw-r--r-- | src/com/android/se/SecureElementService.java | 26 | ||||
-rw-r--r-- | src/com/android/se/Terminal.java | 94 |
2 files changed, 91 insertions, 29 deletions
diff --git a/src/com/android/se/SecureElementService.java b/src/com/android/se/SecureElementService.java index 20f0524..b38cb22 100644 --- a/src/com/android/se/SecureElementService.java +++ b/src/com/android/se/SecureElementService.java @@ -26,7 +26,6 @@ import android.app.Service; import android.content.Context; import android.content.Intent; import android.content.pm.PackageManager; -import android.hardware.secure_element.V1_0.ISecureElement; import android.os.Binder; import android.os.IBinder; import android.os.RemoteException; @@ -101,7 +100,6 @@ public final class SecureElementService extends Service { } } }; - private Context mContext; public SecureElementService() { super(); @@ -134,8 +132,6 @@ public final class SecureElementService extends Service { @Override public void onCreate() { Log.i(mTag, Thread.currentThread().getName() + " onCreate"); - - mContext = getApplicationContext(); createTerminals(); ServiceManager.addService(Context.SECURE_ELEMENT_SERVICE, mSecureElementServiceBinder); } @@ -148,33 +144,31 @@ public final class SecureElementService extends Service { Log.i(mTag, "onDestroy"); for (Terminal terminal : mTerminals.values()) { terminal.closeChannels(); + terminal.close(); } } private void addTerminals(String terminalName) { int index = 1; - String name = terminalName + Integer.toString(index); + String name = null; try { - ISecureElement seHal = ISecureElement.getService(name); - while (seHal != null) { - Terminal terminal = new Terminal(name, mContext, seHal); - mTerminals.put(name, terminal); - index++; + do { name = terminalName + Integer.toString(index); - seHal = ISecureElement.getService(name); - } + Terminal terminal = new Terminal(name, this); + terminal.initialize(); + mTerminals.put(name, terminal); + } while (++index > 0); } catch (NoSuchElementException e) { - //Thrown if the HAL implementation doesn't exist. - } catch (RemoteException e) { + Log.i(mTag, "No HAL implementation for " + name); + } catch (RemoteException | RuntimeException e) { Log.e(mTag, "Error in getService() for " + name); } } private void createTerminals() { - // Check for all eSE HAL implementations + // Check for all SE HAL implementations addTerminals(ESE_TERMINAL); addTerminals(UICC_TERMINAL); - return; } private String getPackageNameFromCallingUid(int uid) { diff --git a/src/com/android/se/Terminal.java b/src/com/android/se/Terminal.java index ee42502..b3bedba 100644 --- a/src/com/android/se/Terminal.java +++ b/src/com/android/se/Terminal.java @@ -30,6 +30,9 @@ import android.hardware.secure_element.V1_0.ISecureElementHalCallback; import android.hardware.secure_element.V1_0.LogicalChannelResponse; import android.hardware.secure_element.V1_0.SecureElementStatus; import android.os.Build; +import android.os.Handler; +import android.os.HwBinder; +import android.os.Message; import android.os.RemoteException; import android.os.ServiceSpecificException; import android.se.omapi.ISecureElementListener; @@ -67,6 +70,8 @@ public class Terminal { private boolean mDefaultApplicationSelectedOnBasicChannel = true; private static final boolean DEBUG = Build.IS_DEBUGGABLE; + private static final int GET_SERVICE_DELAY_MILLIS = 4 * 1000; + private static final int EVENT_GET_HAL = 1; private ISecureElement mSEHal; @@ -84,31 +89,80 @@ public class Terminal { mAccessControlEnforcer.reset(); } } else { + // If any logical channel in use is in the channel list, it should be closed + // because the access control enfocer allowed to open it by checking the access + // rules retrieved before. Now we are going to retrieve the rules again and + // the new rules can be different from the previous ones. + closeChannels(); try { initializeAccessControl(); } catch (Exception e) { // ignore } - synchronized (mLock) { - mDefaultApplicationSelectedOnBasicChannel = true; - } + mDefaultApplicationSelectedOnBasicChannel = true; } } } }; - public Terminal(String name, Context context, ISecureElement seHal) { - if (seHal == null) { - throw new IllegalArgumentException("ISecureElement cannot be null "); + class SecureElementDeathRecipient implements HwBinder.DeathRecipient { + @Override + public void serviceDied(long cookie) { + Log.e(mTag, mName + " died"); + synchronized (mLock) { + mIsConnected = false; + if (mAccessControlEnforcer != null) { + mAccessControlEnforcer.reset(); + } + } + mHandler.sendMessageDelayed(mHandler.obtainMessage(EVENT_GET_HAL, 0), + GET_SERVICE_DELAY_MILLIS); + } + } + + private HwBinder.DeathRecipient mDeathRecipient = new SecureElementDeathRecipient(); + + private Handler mHandler = new Handler() { + @Override + public void handleMessage(Message message) { + switch (message.what) { + case EVENT_GET_HAL: + try { + initialize(); + } catch (Exception e) { + Log.e(mTag, mName + " could not be initialized again"); + sendMessageDelayed(obtainMessage(EVENT_GET_HAL, 0), + GET_SERVICE_DELAY_MILLIS); + } + break; + default: + break; + } } + }; + + public Terminal(String name, Context context) { mContext = context; mName = name; mTag = "SecureElement-Terminal-" + getName(); - mSEHal = seHal; - try { - seHal.init(mHalCallback); - } catch (RemoteException e) { + } + + /** + * Initializes the terminal + * + * @throws NoSuchElementException if there is no HAL implementation for the specified SE name + * @throws RemoteException if there is a failure communicating with the remote + */ + public void initialize() throws NoSuchElementException, RemoteException { + synchronized (mLock) { + mSEHal = ISecureElement.getService(mName); + if (mSEHal == null) { + throw new NoSuchElementException("No HAL is provided for " + mName); + } + mSEHal.init(mHalCallback); + mSEHal.linkToDeath(mDeathRecipient, 0); } + Log.i(mTag, mName + " was initialized"); } private ArrayList<Byte> byteArrayToArrayList(byte[] array) { @@ -164,14 +218,28 @@ public class Terminal { } /** - * This method is called in SecureElementService:onDestroy to clean up - * all open channels. + * Cleans up all the channels in use. */ public synchronized void closeChannels() { Collection<Channel> col = mChannels.values(); Channel[] channelList = col.toArray(new Channel[col.size()]); for (Channel channel : channelList) { - closeChannel(channel); + channel.close(); + } + } + + /** + * Closes the terminal. + */ + public void close() { + synchronized (mLock) { + if (mSEHal != null) { + try { + mSEHal.unlinkToDeath(mDeathRecipient); + } catch (RemoteException e) { + // ignore + } + } } } |