Snap for 4716599 from 0f8b45235b612ac4d7a9cd7af7233039e4358b81 to pi-releaseandroid-wear-9.0.0_r9 android-wear-9.0.0_r8 android-wear-9.0.0_r7 android-wear-9.0.0_r6 android-wear-9.0.0_r5 android-wear-9.0.0_r4 android-wear-9.0.0_r34 android-wear-9.0.0_r33 android-wear-9.0.0_r32 android-wear-9.0.0_r31 android-wear-9.0.0_r30 android-wear-9.0.0_r3 android-wear-9.0.0_r29 android-wear-9.0.0_r28 android-wear-9.0.0_r27 android-wear-9.0.0_r26 android-wear-9.0.0_r25 android-wear-9.0.0_r24 android-wear-9.0.0_r23 android-wear-9.0.0_r22 android-wear-9.0.0_r21 android-wear-9.0.0_r20 android-wear-9.0.0_r2 android-wear-9.0.0_r19 android-wear-9.0.0_r18 android-wear-9.0.0_r17 android-wear-9.0.0_r16 android-wear-9.0.0_r15 android-wear-9.0.0_r14 android-wear-9.0.0_r13 android-wear-9.0.0_r12 android-wear-9.0.0_r11 android-wear-9.0.0_r10 android-wear-9.0.0_r1 android-vts-9.0_r9 android-vts-9.0_r8 android-vts-9.0_r7 android-vts-9.0_r6 android-vts-9.0_r5 android-vts-9.0_r4 android-vts-9.0_r19 android-vts-9.0_r18 android-vts-9.0_r17 android-vts-9.0_r16 android-vts-9.0_r15 android-vts-9.0_r14 android-vts-9.0_r13 android-vts-9.0_r12 android-vts-9.0_r11 android-vts-9.0_r10 android-security-9.0.0_r76 android-security-9.0.0_r75 android-security-9.0.0_r74 android-security-9.0.0_r73 android-security-9.0.0_r72 android-security-9.0.0_r71 android-security-9.0.0_r70 android-security-9.0.0_r69 android-security-9.0.0_r68 android-security-9.0.0_r67 android-security-9.0.0_r66 android-security-9.0.0_r65 android-security-9.0.0_r64 android-security-9.0.0_r63 android-security-9.0.0_r62 android-cts-9.0_r9 android-cts-9.0_r8 android-cts-9.0_r7 android-cts-9.0_r6 android-cts-9.0_r5 android-cts-9.0_r4 android-cts-9.0_r3 android-cts-9.0_r20 android-cts-9.0_r2 android-cts-9.0_r19 android-cts-9.0_r18 android-cts-9.0_r17 android-cts-9.0_r16 android-cts-9.0_r15 android-cts-9.0_r14 android-cts-9.0_r13 android-cts-9.0_r12 android-cts-9.0_r11 android-cts-9.0_r10 android-cts-9.0_r1 android-9.0.0_r9 android-9.0.0_r8 android-9.0.0_r7 android-9.0.0_r61 android-9.0.0_r60 android-9.0.0_r6 android-9.0.0_r59 android-9.0.0_r58 android-9.0.0_r57 android-9.0.0_r56 android-9.0.0_r55 android-9.0.0_r54 android-9.0.0_r53 android-9.0.0_r52 android-9.0.0_r51 android-9.0.0_r50 android-9.0.0_r5 android-9.0.0_r49 android-9.0.0_r48 android-9.0.0_r3 android-9.0.0_r2 android-9.0.0_r18 android-9.0.0_r17 android-9.0.0_r10 android-9.0.0_r1 security-pi-release pie-vts-release pie-security-release pie-s2-release pie-release-2 pie-release pie-r2-s2-release pie-r2-s1-release pie-r2-release pie-cts-release

Change-Id: I5ade2e643b33883ac380ecac10c4822d15232b89
author: android-build-team Robot <android-build-team-robot@google.com> 2018-04-12 07:21:00 +0000
committer: android-build-team Robot <android-build-team-robot@google.com> 2018-04-12 07:21:00 +0000
commit: b22cf53936fccce09982b26be3f0f6b5ad1b4609 (patch)
tree: 215e7a6aa9e81c6997f1409dc2b2fab0ab8d93a6
parent: 7de75dafe71f6573540f17e834d391e93d5fc050 (diff)
parent: 0f8b45235b612ac4d7a9cd7af7233039e4358b81 (diff)
download: SecureElement-android-wear-9.0.0_r25.tar.gz
2 files changed, 91 insertions, 29 deletions
diff --git a/src/com/android/se/SecureElementService.java b/src/com/android/se/SecureElementService.java
index 20f0524..b38cb22 100644
--- a/src/com/android/se/SecureElementService.java
+++ b/src/com/android/se/SecureElementService.java
@@ -26,7 +26,6 @@ import android.app.Service;
 import android.content.Context;
 import android.content.Intent;
 import android.content.pm.PackageManager;
-import android.hardware.secure_element.V1_0.ISecureElement;
 import android.os.Binder;
 import android.os.IBinder;
 import android.os.RemoteException;
@@ -101,7 +100,6 @@ public final class SecureElementService extends Service {
                     }
                 }
             };
-    private Context mContext;
 
     public SecureElementService() {
         super();
@@ -134,8 +132,6 @@ public final class SecureElementService extends Service {
     @Override
     public void onCreate() {
         Log.i(mTag, Thread.currentThread().getName() + " onCreate");
-
-        mContext = getApplicationContext();
         createTerminals();
         ServiceManager.addService(Context.SECURE_ELEMENT_SERVICE, mSecureElementServiceBinder);
     }
@@ -148,33 +144,31 @@ public final class SecureElementService extends Service {
         Log.i(mTag, "onDestroy");
         for (Terminal terminal : mTerminals.values()) {
             terminal.closeChannels();
+            terminal.close();
         }
     }
 
     private void addTerminals(String terminalName) {
         int index = 1;
-        String name = terminalName + Integer.toString(index);
+        String name = null;
         try {
-            ISecureElement seHal = ISecureElement.getService(name);
-            while (seHal != null) {
-                Terminal terminal = new Terminal(name, mContext, seHal);
-                mTerminals.put(name, terminal);
-                index++;
+            do {
                 name = terminalName + Integer.toString(index);
-                seHal = ISecureElement.getService(name);
-            }
+                Terminal terminal = new Terminal(name, this);
+                terminal.initialize();
+                mTerminals.put(name, terminal);
+            } while (++index > 0);
         } catch (NoSuchElementException e) {
-            //Thrown if the HAL implementation doesn't exist.
-        } catch (RemoteException e) {
+            Log.i(mTag, "No HAL implementation for " + name);
+        } catch (RemoteException | RuntimeException e) {
             Log.e(mTag, "Error in getService() for " + name);
         }
     }
 
     private void createTerminals() {
-        // Check for all eSE HAL implementations
+        // Check for all SE HAL implementations
         addTerminals(ESE_TERMINAL);
         addTerminals(UICC_TERMINAL);
-        return;
     }
 
     private String getPackageNameFromCallingUid(int uid) {
diff --git a/src/com/android/se/Terminal.java b/src/com/android/se/Terminal.java
index ee42502..b3bedba 100644
--- a/src/com/android/se/Terminal.java
+++ b/src/com/android/se/Terminal.java
@@ -30,6 +30,9 @@ import android.hardware.secure_element.V1_0.ISecureElementHalCallback;
 import android.hardware.secure_element.V1_0.LogicalChannelResponse;
 import android.hardware.secure_element.V1_0.SecureElementStatus;
 import android.os.Build;
+import android.os.Handler;
+import android.os.HwBinder;
+import android.os.Message;
 import android.os.RemoteException;
 import android.os.ServiceSpecificException;
 import android.se.omapi.ISecureElementListener;
@@ -67,6 +70,8 @@ public class Terminal {
     private boolean mDefaultApplicationSelectedOnBasicChannel = true;
 
     private static final boolean DEBUG = Build.IS_DEBUGGABLE;
+    private static final int GET_SERVICE_DELAY_MILLIS = 4 * 1000;
+    private static final int EVENT_GET_HAL = 1;
 
     private ISecureElement mSEHal;
 
@@ -84,31 +89,80 @@ public class Terminal {
                         mAccessControlEnforcer.reset();
                     }
                 } else {
+                    // If any logical channel in use is in the channel list, it should be closed
+                    // because the access control enfocer allowed to open it by checking the access
+                    // rules retrieved before. Now we are going to retrieve the rules again and
+                    // the new rules can be different from the previous ones.
+                    closeChannels();
                     try {
                         initializeAccessControl();
                     } catch (Exception e) {
                         // ignore
                     }
-                    synchronized (mLock) {
-                        mDefaultApplicationSelectedOnBasicChannel = true;
-                    }
+                    mDefaultApplicationSelectedOnBasicChannel = true;
                 }
             }
         }
     };
 
-    public Terminal(String name, Context context, ISecureElement seHal) {
-        if (seHal == null) {
-            throw new IllegalArgumentException("ISecureElement cannot be null ");
+    class SecureElementDeathRecipient implements HwBinder.DeathRecipient {
+        @Override
+        public void serviceDied(long cookie) {
+            Log.e(mTag, mName + " died");
+            synchronized (mLock) {
+                mIsConnected = false;
+                if (mAccessControlEnforcer != null) {
+                    mAccessControlEnforcer.reset();
+                }
+            }
+            mHandler.sendMessageDelayed(mHandler.obtainMessage(EVENT_GET_HAL, 0),
+                    GET_SERVICE_DELAY_MILLIS);
+        }
+    }
+
+    private HwBinder.DeathRecipient mDeathRecipient = new SecureElementDeathRecipient();
+
+    private Handler mHandler = new Handler() {
+        @Override
+        public void handleMessage(Message message) {
+            switch (message.what) {
+                case EVENT_GET_HAL:
+                    try {
+                        initialize();
+                    } catch (Exception e) {
+                        Log.e(mTag, mName + " could not be initialized again");
+                        sendMessageDelayed(obtainMessage(EVENT_GET_HAL, 0),
+                                GET_SERVICE_DELAY_MILLIS);
+                    }
+                    break;
+                default:
+                    break;
+            }
         }
+    };
+
+    public Terminal(String name, Context context) {
         mContext = context;
         mName = name;
         mTag = "SecureElement-Terminal-" + getName();
-        mSEHal = seHal;
-        try {
-            seHal.init(mHalCallback);
-        } catch (RemoteException e) {
+    }
+
+    /**
+     * Initializes the terminal
+     *
+     * @throws NoSuchElementException if there is no HAL implementation for the specified SE name
+     * @throws RemoteException if there is a failure communicating with the remote
+     */
+    public void initialize() throws NoSuchElementException, RemoteException {
+        synchronized (mLock) {
+            mSEHal = ISecureElement.getService(mName);
+            if (mSEHal == null) {
+                throw new NoSuchElementException("No HAL is provided for " + mName);
+            }
+            mSEHal.init(mHalCallback);
+            mSEHal.linkToDeath(mDeathRecipient, 0);
         }
+        Log.i(mTag, mName + " was initialized");
     }
 
     private ArrayList<Byte> byteArrayToArrayList(byte[] array) {
@@ -164,14 +218,28 @@ public class Terminal {
     }
 
     /**
-     * This method is called in SecureElementService:onDestroy to clean up
-     * all open channels.
+     * Cleans up all the channels in use.
      */
     public synchronized void closeChannels() {
         Collection<Channel> col = mChannels.values();
         Channel[] channelList = col.toArray(new Channel[col.size()]);
         for (Channel channel : channelList) {
-            closeChannel(channel);
+            channel.close();
+        }
+    }
+
+    /**
+     * Closes the terminal.
+     */
+    public void close() {
+        synchronized (mLock) {
+            if (mSEHal != null) {
+                try {
+                    mSEHal.unlinkToDeath(mDeathRecipient);
+                } catch (RemoteException e) {
+                    // ignore
+                }
+            }
         }
     }
author	android-build-team Robot <android-build-team-robot@google.com>	2018-04-12 07:21:00 +0000
committer	android-build-team Robot <android-build-team-robot@google.com>	2018-04-12 07:21:00 +0000
commit	b22cf53936fccce09982b26be3f0f6b5ad1b4609 (patch)
tree	215e7a6aa9e81c6997f1409dc2b2fab0ab8d93a6
parent	7de75dafe71f6573540f17e834d391e93d5fc050 (diff)
parent	0f8b45235b612ac4d7a9cd7af7233039e4358b81 (diff)
download	SecureElement-android-wear-9.0.0_r25.tar.gz