Merge cherrypicks of [9434351, 9434801, 9434688, 9434802, 9434034, 9434035, 9434608, 9434036] into qt-c2f2-release
Change-Id: I046b7217377a10ff3add0fd4039837c42b54ae18
diff --git a/src/com/android/se/security/AccessControlEnforcer.java b/src/com/android/se/security/AccessControlEnforcer.java
index 22b82f0..79252bd 100644
--- a/src/com/android/se/security/AccessControlEnforcer.java
+++ b/src/com/android/se/security/AccessControlEnforcer.java
@@ -488,9 +488,8 @@
}
}
if (!mTerminal.getName().startsWith(SecureElementService.UICC_TERMINAL)) {
- // It shall be allowed to grant full access if no rule can be retrieved
- // from the secure element except for UICC.
- mFullAccess = true;
+ // Deny full access for eSE if no rule can be retrieved because of security concern
+ mFullAccess = false;
// ARF is supported only on UICC.
mUseArf = false;
}