Merge cherrypicks of [9434351, 9434801, 9434688, 9434802, 9434034, 9434035, 9434608, 9434036] into qt-c2f2-release Change-Id: I046b7217377a10ff3add0fd4039837c42b54ae18

commit: 314970de07467e27fbeb1a35058590b4329f2f4a [log] [tgz]
author: android-build-team Robot <android-build-team-robot@google.com> Sat Sep 21 00:52:25 2019 +0000
committer: android-build-team Robot <android-build-team-robot@google.com> Sat Sep 21 00:52:25 2019 +0000
tree: 2185a58e8ec20e50d4817e460ff26f21a8d9d1cf
parent: bcac007eefcc6da58e62d30a357d42bdcb622231 [diff]
parent: 5d1fc795c572e2febb8abec21bc3dda107e35aef [diff]
diff --git a/src/com/android/se/security/AccessControlEnforcer.java b/src/com/android/se/security/AccessControlEnforcer.java
index 22b82f0..79252bd 100644
--- a/src/com/android/se/security/AccessControlEnforcer.java
+++ b/src/com/android/se/security/AccessControlEnforcer.java

@@ -488,9 +488,8 @@
             }
         }
         if (!mTerminal.getName().startsWith(SecureElementService.UICC_TERMINAL)) {
-            // It shall be allowed to grant full access if no rule can be retrieved
-            // from the secure element except for UICC.
-            mFullAccess = true;
+            // Deny full access for eSE if no rule can be retrieved because of security concern
+            mFullAccess = false;
             // ARF is supported only on UICC.
             mUseArf = false;
         }
commit	314970de07467e27fbeb1a35058590b4329f2f4a	[log] [tgz]
author	android-build-team Robot <android-build-team-robot@google.com>	Sat Sep 21 00:52:25 2019 +0000
committer	android-build-team Robot <android-build-team-robot@google.com>	Sat Sep 21 00:52:25 2019 +0000
tree	2185a58e8ec20e50d4817e460ff26f21a8d9d1cf
parent	bcac007eefcc6da58e62d30a357d42bdcb622231 [diff]
parent	5d1fc795c572e2febb8abec21bc3dda107e35aef [diff]