Snap for 7183507 from 6811c422974b91d084899f25555a469d9af61623 to sdk-release

Change-Id: I2ca478d80b5115157b546a4f23e232c7c38be725
diff --git a/Android.bp b/Android.bp
new file mode 100644
index 0000000..aef15f3
--- /dev/null
+++ b/Android.bp
@@ -0,0 +1,44 @@
+//
+// Copyright (C) 2021 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package {
+    default_applicable_licenses: ["hardware_st_secure_element2_license"],
+}
+
+// Added automatically by a large-scale-change that took the approach of
+// 'apply every license found to every target'. While this makes sure we respect
+// every license restriction, it may not be entirely correct.
+//
+// e.g. GPL in an MIT project might only apply to the contrib/ directory.
+//
+// Please consider splitting the single license below into multiple licenses,
+// taking care not to lose any license_kind information, and overriding the
+// default license using the 'licenses: [...]' property on targets as needed.
+//
+// For unused files, consider creating a 'fileGroup' with "//visibility:private"
+// to attach the license to, and including a comment whether the files may be
+// used in the current project.
+// See: http://go/android-license-faq
+license {
+    name: "hardware_st_secure_element2_license",
+    visibility: [":__subpackages__"],
+    license_kinds: [
+        "SPDX-license-identifier-Apache-2.0",
+        "SPDX-license-identifier-GPL-2.0",
+    ],
+    license_text: [
+        "LICENSE",
+    ],
+}
diff --git a/secure_element/1.0/esehal/src/libse-gto.c b/secure_element/1.0/esehal/src/libse-gto.c
index b111f38..e6ea3bf 100644
--- a/secure_element/1.0/esehal/src/libse-gto.c
+++ b/secure_element/1.0/esehal/src/libse-gto.c
@@ -21,21 +21,22 @@
  *
  */
 
-#include <stdio.h>
-#include <stdlib.h>
-#include <stddef.h>
-#include <stdarg.h>
-#include <unistd.h>
-#include <errno.h>
-#include <string.h>
 #include <ctype.h>
-#include <stdint.h>
+#include <cutils/properties.h>
+#include <errno.h>
 #include <fcntl.h>
 #include <log/log.h>
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
 #include <sys/ioctl.h>
+#include <unistd.h>
 
-#include "se-gto/libse-gto.h"
 #include "libse-gto-private.h"
+#include "se-gto/libse-gto.h"
 #include "spi.h"
 
 #define SE_GTO_GTODEV "/dev/gto"
@@ -262,10 +263,30 @@
 se_gto_close(struct se_gto_ctx *ctx)
 {
     int status = 0;
+    const char ese_reset_property[] = "persist.vendor.se.reset";
 
-    if(ctx) dbg("se_gto_close check_alive = %d\n", ctx->check_alive);
-    if (ctx->check_alive == 1)
-        if (gtoSPI_checkAlive(ctx) != 0) status = 0xDEAD;
+    if (ctx){
+        dbg("se_gto_close check_alive = %d\n", ctx->check_alive);
+    }
+    if (ctx->check_alive == 1) {
+        if (gtoSPI_checkAlive(ctx) != 0) {
+            status = -(0xDEAD);
+            // eSE needs cold reset.
+            if (strncmp(ctx->gtodev, "/dev/st54spi", 12) == 0 ) {
+                property_set(ese_reset_property, "needed");
+            }
+        } else {
+            // Set noneed if SPI worked normally.
+            if (strncmp(ctx->gtodev, "/dev/st54spi", 12) == 0 ) {
+                property_set(ese_reset_property, "noneed");
+            }
+        }
+    } else {
+        // Set noneed if SPI worked normally.
+        if (strncmp(ctx->gtodev, "/dev/st54spi", 12) == 0 ) {
+            property_set(ese_reset_property, "noneed");
+        }
+    }
 
     (void)isot1_release(&ctx->t1);
     (void)spi_teardown(ctx);
diff --git a/secure_element/1.2/SecureElement.cpp b/secure_element/1.2/SecureElement.cpp
index 6e7406b..a3801da 100644
--- a/secure_element/1.2/SecureElement.cpp
+++ b/secure_element/1.2/SecureElement.cpp
@@ -25,7 +25,11 @@
 #include "se-gto/libse-gto.h"
 #include "SecureElement.h"
 
+#include <dlfcn.h>
 
+#define VENDOR_LIB_PATH "/vendor/lib64/"
+#define VENDOR_LIB_EXT ".so"
+#include <android-base/properties.h>
 //#include "profile.h"
 //#include "settings.h"
 
@@ -53,10 +57,11 @@
     nbrOpenChannel = 0;
     ctx = NULL;
 
-    if (strcmp(ese_name, "eSE2") == 0) {
-        strcpy( config_filename, "/vendor/etc/libse-gto-hal2.conf");
+    strncpy(ese_flag_name, ese_name, 4);
+    if (strncmp(ese_flag_name, "eSE2", 4) == 0) {
+        strncpy(config_filename, "/vendor/etc/libse-gto-hal2.conf", 31);
     } else {
-        strcpy( config_filename, "/vendor/etc/libse-gto-hal.conf");
+        strncpy(config_filename, "/vendor/etc/libse-gto-hal.conf", 30);
     }
 }
 
@@ -686,20 +691,51 @@
 SecureElement::reset() {
 
     SecureElementStatus status = SecureElementStatus::FAILED;
+    std::string valueStr = android::base::GetProperty("persist.vendor.se.streset", "");
+
+    int ret = 0;
 
     ALOGD("SecureElement:%s start", __func__);
     if (deinitializeSE() != SecureElementStatus::SUCCESS) {
         ALOGE("SecureElement:%s deinitializeSE Failed", __func__);
     }
 
-    if(internalClientCallback_v1_1 != nullptr) {
+    if (internalClientCallback_v1_1 != nullptr) {
         internalClientCallback_v1_1->onStateChange_1_1(false, "SE deinitialized");
     } else {
         internalClientCallback->onStateChange(false);
     }
 
-    if(initializeSE() == EXIT_SUCCESS) {
-        status = SecureElementStatus::SUCCESS;
+    if (strncmp(ese_flag_name, "eSE1", 4) == 0 && valueStr.length() > 0) {
+        typedef int (*STEseReset)();
+        valueStr = VENDOR_LIB_PATH + valueStr + VENDOR_LIB_EXT;
+        void *stdll = dlopen(valueStr.c_str(), RTLD_NOW);
+        STEseReset fn = (STEseReset)dlsym(stdll, "direct_reset");
+        ret = fn();
+
+        ALOGD("SecureElement:%s STResetTool ret : %d", __func__, ret);
+        if (ret == 0) {
+            ALOGD("SecureElement:%s STResetTool Success", __func__);
+            if (initializeSE() == EXIT_SUCCESS) {
+                status = SecureElementStatus::SUCCESS;
+            }
+            turnOffSE = true;
+            if (deinitializeSE() != SecureElementStatus::SUCCESS) {
+                ALOGE("SecureElement:%s deinitializeSE Failed", __func__);
+            }
+        } else {
+            ALOGE("SecureElement:%s STResetTool Failed!", __func__);
+        }
+
+        dlclose(stdll);
+    } else {
+        if (initializeSE() == EXIT_SUCCESS) {
+            status = SecureElementStatus::SUCCESS;
+        }
+        turnOffSE = true;
+        if (deinitializeSE() != SecureElementStatus::SUCCESS) {
+            ALOGE("SecureElement:%s deinitializeSE Failed", __func__);
+        }
     }
 
     ALOGD("SecureElement:%s end", __func__);
diff --git a/secure_element/1.2/SecureElement.h b/secure_element/1.2/SecureElement.h
index 19d3601..1c2293b 100644
--- a/secure_element/1.2/SecureElement.h
+++ b/secure_element/1.2/SecureElement.h
@@ -57,6 +57,7 @@
     uint8_t atr[32];
     uint8_t atr_size;
     char config_filename[100];
+    char ese_flag_name[5];
     static sp<V1_0::ISecureElementHalCallback> internalClientCallback;
     static sp<V1_1::ISecureElementHalCallback> internalClientCallback_v1_1;
     int initializeSE();
diff --git a/secure_element/1.2/android.hardware.secure_element@1.2-service-gto.rc b/secure_element/1.2/android.hardware.secure_element@1.2-service-gto.rc
index 4a39a6a..c52b9e2 100644
--- a/secure_element/1.2/android.hardware.secure_element@1.2-service-gto.rc
+++ b/secure_element/1.2/android.hardware.secure_element@1.2-service-gto.rc
@@ -1,4 +1,4 @@
 service gto_secure_element_hal_service_1_2 /vendor/bin/hw/android.hardware.secure_element@1.2-service-gto
     class hal
     user secure_element
-    group secure_element
+    group secure_element nfc
diff --git a/secure_element/Android.bp b/secure_element/Android.bp
index a30615b..70707d6 100644
--- a/secure_element/Android.bp
+++ b/secure_element/Android.bp
@@ -1,3 +1,13 @@
+package {
+    // See: http://go/android-license-faq
+    // A large-scale-change added 'default_applicable_licenses' to import
+    // all of the 'license_kinds' from "hardware_st_secure_element2_license"
+    // to get the below license kinds:
+    //   SPDX-license-identifier-Apache-2.0
+    //   SPDX-license-identifier-GPL-2.0
+    default_applicable_licenses: ["hardware_st_secure_element2_license"],
+}
+
 cc_library_shared {
     // FIXME: this should only be -impl for a passthrough hal.
     // In most cases, to convert this to a binderized implementation, you should: