Access rule application/file can be inaccessible dynamically

There is an usecase that the access rule application/file is dynamically disabled in order to prohibit access to the secure element. Currently updateAccessRuleIfNeed() throws AccessControlException when ARA is not found, but does not throw the same exception in ARF case. This change make them consistent. Bug: 129101434 Test: Manually confirmed no ARF is treated in the same way as no ARA. Change-Id: I8a8e4cb26ff1b92ef189b38364a19ca2205fb63c
author: Yoshiaki Naka <yoshiaki.naka@sony.com> 2019-03-20 16:44:25 +0900
committer: Ruchi Kandoi <kandoiruchi@google.com> 2019-03-22 20:54:22 +0000
commit: bc2f3e2c60c307f0785b74bc60633543cae0cb10 (patch)
tree: 7a76ec5ef5c5d8b573c8c3a3705fc06bbe937d2c
parent: 3624ed8af1198b00c6ed07e1cfa3ad13d8e3b0fd (diff)
download: SecureElement-bc2f3e2c60c307f0785b74bc60633543cae0cb10.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/com/android/se/security/AccessControlEnforcer.java b/src/com/android/se/security/AccessControlEnforcer.java
index 07df7e6..22b82f0 100644
--- a/src/com/android/se/security/AccessControlEnforcer.java
+++ b/src/com/android/se/security/AccessControlEnforcer.java
@@ -443,7 +443,7 @@ public class AccessControlEnforcer {
                 // These errors must be distinguished from other ones.
                 throw e;
             } catch (Exception e) {
-                Log.e(mTag, e.getMessage());
+                throw new AccessControlException("No ARF found in " + mTerminal.getName());
             }
         }
     }
author	Yoshiaki Naka <yoshiaki.naka@sony.com>	2019-03-20 16:44:25 +0900
committer	Ruchi Kandoi <kandoiruchi@google.com>	2019-03-22 20:54:22 +0000
commit	bc2f3e2c60c307f0785b74bc60633543cae0cb10 (patch)
tree	7a76ec5ef5c5d8b573c8c3a3705fc06bbe937d2c
parent	3624ed8af1198b00c6ed07e1cfa3ad13d8e3b0fd (diff)
download	SecureElement-bc2f3e2c60c307f0785b74bc60633543cae0cb10.tar.gz